VDB
CVE-2006-2788
CVE-2006-2788
PUBLISHED
CVSS 7.5 HIGH
Double free vulnerability in the getRawDER function for nsIX509Cert in Firefox allows remote attackers to cause a denial of service (hang) and possibly execute arbitrary code via certain Javascript code.
EPSS 8.29% · 92.4th percentile
Risk Scores
CVSS 2.0
7.5
EPSS Score
8.29%
92.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| mozilla | firefox | 0.8, 0.9, 0.9 |
Exploit Intelligence
- DSA-1210 (circl)
- DSA-1191 (circl)
- USN-296-1 (circl)
- USN-361-1 (circl)
- RHSA-2006:0594 (circl)
- 21336 (circl)
- RHSA-2006:0610 (circl)
- 21532 (circl)
- 22849 (circl)
- RHSA-2006:0609 (circl)
…and 13 more exploits
Timeline
- Jun 2, 2006 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 14, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
References
- MDKSA-2006:145 vendor-advisory
- USN-296-1 vendor-advisory
- USN-361-1 vendor-advisory
- https://bugzilla.mozilla.org/show_bug.cgi?id=321598 url
- RHSA-2006:0594 vendor-advisory
- 21336 third-party-advisory
- RHSA-2006:0610 vendor-advisory
- 22247 third-party-advisory
- DSA-1191 vendor-advisory
- RHSA-2006:0609 vendor-advisory
- DSA-1210 vendor-advisory
- 22849 third-party-advisory
- 21532 third-party-advisory
- 21270 third-party-advisory
- 21631 third-party-advisory
- oval:org.mitre.oval:def:11065 vdb
- DSA-1192 vendor-advisory
- RHSA-2006:0611 vendor-advisory
- 22342 third-party-advisory
- 21269 third-party-advisory
…and 5 more