CVE-2006-2788 — Vulnetix

Try Vulnetix Request Demo

CVE-2006-2788 PUBLISHED CVSS 7.5 HIGH

Double free vulnerability in the getRawDER function for nsIX509Cert in Firefox allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via certain Javascript code.

EPSS 8.29% · 92.2th percentile

Risk Scores

CVSS v2.0

7.5

EPSS Score

8.29%

92.2th percentile

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a
mozilla	firefox	0.8, 0.9, 0.9

Timeline

Jun 2, 2006 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 14, 2023 EPSS Score
May 19, 2023 EPSS Score
Jul 10, 2023 EPSS Score

References

MDKSA-2006:145 vendor-advisory
USN-296-1 vendor-advisory
USN-361-1 vendor-advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=321598 url
RHSA-2006:0594 vendor-advisory
21336 third-party-advisory
RHSA-2006:0610 vendor-advisory
22247 third-party-advisory
DSA-1191 vendor-advisory
RHSA-2006:0609 vendor-advisory
DSA-1210 vendor-advisory
22849 third-party-advisory
21532 third-party-advisory
21270 third-party-advisory
21631 third-party-advisory
oval:org.mitre.oval:def:11065 vdb
DSA-1192 vendor-advisory
RHSA-2006:0611 vendor-advisory
22342 third-party-advisory
21269 third-party-advisory

…and 5 more

Open in Interactive Console →