CVE-2006-4567
Publication date 15 September 2006
Last updated 24 July 2024
Ubuntu priority
Mozilla Firefox before 1.5.0.7 and Thunderbird before 1.5.0.7 makes it easy for users to accept self-signed certificates for the auto-update mechanism, which might allow remote user-assisted attackers to use DNS spoofing to trick users into visiting a malicious site and accepting a malicious certificate for the Mozilla update site, which can then be used to install arbitrary code on the next update.
Status
Package | Ubuntu Release | Status |
---|---|---|
firefox | ||
firefox-granparadiso | ||
lightning-sunbird | ||
midbrowser | ||
mozilla-thunderbird | ||