CVE-2006-5462 (retired)

Priority
Description
Mozilla Network Security Service (NSS) library before 3.11.3, as used in
Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey
before 1.0.6, when using an RSA key with exponent 3, does not properly
handle extra data in a signature, which allows remote attackers to forge
signatures for SSL/TLS and email certificates. NOTE: this identifier is for
unpatched product versions that were originally intended to be addressed by
CVE-2006-4340.
Notes
Package
Upstream:needs-triage
Package
Upstream:needs-triage
Package
Upstream:needs-triage
More Information

Updated: 2019-10-09 07:04:38 UTC (commit 33aea848a182c0afcd0a3f927a01a7ecd9a061ee)