Security Advisory

CVE-2006-4567

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2006-09-15 18:00:00

Last updated 2024-08-07 19:14:47

Assigner redhat

State PUBLISHED

Description

Mozilla Firefox before 1.5.0.7 and Thunderbird before 1.5.0.7 makes it easy for users to accept self-signed certificates for the auto-update mechanism, which might allow remote user-assisted attackers to use DNS spoofing to trick users into visiting a malicious site and accepting a malicious certificate for the Mozilla update site, which can then be used to install arbitrary code on the next update.

← Browse all CVEs View on cve.org ↗