CVE-2006-1728
First published: Fri Apr 14 2006(Updated: )
Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via unknown vectors related to the crypto.generateCRMFRequest method.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Firefox | >=1.0<1.0.8 | |
| Firefox | >=1.5<1.5.0.2 | |
| Mozilla Suite | <1.7.13 | |
| Mozilla SeaMonkey | <1.0.1 | |
| Thunderbird | >=1.0<1.0.8 | |
| Thunderbird | >=1.5<1.5.0.2 | |
| Ubuntu | =4.10 | |
| Ubuntu | =5.04 | |
| Ubuntu | =5.10 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.redhat.com/support/errata/RHSA-2006-0328.html
- http://www.kb.cert.org/vuls/id/932734
- http://www.securityfocus.com/bid/17516
- http://securitytracker.com/id?1015922
- http://securitytracker.com/id?1015923
- http://securitytracker.com/id?1015924
- http://securitytracker.com/id?1015925
- http://secunia.com/advisories/19631
- http://secunia.com/advisories/19649
- http://www.us-cert.gov/cas/techalerts/TA06-107A.html
- http://www.debian.org/security/2006/dsa-1044
- http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml
- http://secunia.com/advisories/19759
- http://secunia.com/advisories/19794
- http://secunia.com/advisories/19821
- http://www.debian.org/security/2006/dsa-1046
- http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml
- http://secunia.com/advisories/19811
- http://secunia.com/advisories/19823
- http://secunia.com/advisories/19852
- http://secunia.com/advisories/19862
- http://secunia.com/advisories/19863
- http://secunia.com/advisories/19902
- http://www.debian.org/security/2006/dsa-1051
- http://secunia.com/advisories/19950
- http://secunia.com/advisories/19941
- http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00153.html
- http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00154.html
- http://lists.suse.com/archive/suse-security-announce/2006-Apr/0003.html
- http://secunia.com/advisories/19714
- http://secunia.com/advisories/19721
- http://secunia.com/advisories/19746
- http://www.gentoo.org/security/en/glsa/glsa-200605-09.xml
- http://www.redhat.com/support/errata/RHSA-2006-0329.html
- http://www.redhat.com/support/errata/RHSA-2006-0330.html
- http://secunia.com/advisories/21033
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1
- http://secunia.com/advisories/21622
- http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-102763-1
- http://secunia.com/advisories/19696
- http://secunia.com/advisories/19729
- http://secunia.com/advisories/19780
- http://secunia.com/advisories/20051
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:075
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:076
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:078
- http://secunia.com/advisories/22065
- http://secunia.com/advisories/22066
- http://www.vupen.com/english/advisories/2006/1356
- http://www.vupen.com/english/advisories/2006/3749
- http://www.vupen.com/english/advisories/2006/3748
- http://www.vupen.com/english/advisories/2007/0058
- http://www.vupen.com/english/advisories/2006/3391
- http://www.vupen.com/english/advisories/2008/0083
- http://www.novell.com/linux/security/advisories/2006_04_25.html
- http://www.mozilla.org/security/announce/2006/mfsa2006-24.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25812
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1698
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10508
- https://usn.ubuntu.com/276-1/
- https://usn.ubuntu.com/275-1/
- https://usn.ubuntu.com/271-1/
- http://www.securityfocus.com/archive/1/446658/100/200/threaded
- http://www.securityfocus.com/archive/1/446657/100/200/threaded
- http://www.securityfocus.com/archive/1/438730/100/0/threaded
- http://www.securityfocus.com/archive/1/436338/100/0/threaded
- http://www.securityfocus.com/archive/1/436296/100/0/threaded
- http://www.securityfocus.com/archive/1/434524/100/0/threaded
Frequently Asked Questions
What is the severity of CVE-2006-1728?
CVE-2006-1728 has been classified with a critical severity level due to the potential for remote code execution.
How do I fix CVE-2006-1728?
You can fix CVE-2006-1728 by upgrading to the latest versions of Mozilla Firefox, Thunderbird, Mozilla Suite, or SeaMonkey that are not affected.
Which versions of software are affected by CVE-2006-1728?
CVE-2006-1728 affects Mozilla Firefox versions before 1.5.0.2, Thunderbird versions before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1.
What impact does CVE-2006-1728 have on my system?
CVE-2006-1728 can allow remote attackers to execute arbitrary code on affected systems, potentially leading to unauthorized access or data compromise.
Is CVE-2006-1728 a widespread vulnerability?
Yes, CVE-2006-1728 is considered widespread due to its impact on widely used Mozilla applications.
- agent/type
- agent/weakness
- agent/author
- agent/severity
- agent/references
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/mozilla
- canonical/firefox
- version/firefox/1.0
- version/firefox/1.5
- canonical/mozilla suite
- canonical/mozilla seamonkey
- canonical/thunderbird
- version/thunderbird/1.0
- version/thunderbird/1.5
- vendor/canonical
- canonical/ubuntu
- version/ubuntu/4.10
- version/ubuntu/5.04
- version/ubuntu/5.10