CVE-2006-4567
CVE-2006-4567
Mozilla Firefox before 1.5.0.7 and Thunderbird before 1.5.0.7 makes it easy for users to accept self-signed certificates for the auto-update mechanism, which might allow remote user-assisted attackers to use DNS spoofing to trick users into visiting a malicious site and accepting a malicious certificate for the Mozilla update site, which can then be used to install arbitrary code on the next update.
Productos afectados
n/a · n/a¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
http://secunia.com/advisories/21906http://secunia.com/advisories/21916http://secunia.com/advisories/21939http://secunia.com/advisories/21949http://secunia.com/advisories/21950http://secunia.com/advisories/22001http://secunia.com/advisories/22025http://secunia.com/advisories/22055http://secunia.com/advisories/22056http://secunia.com/advisories/22066http://secunia.com/advisories/22074http://secunia.com/advisories/22088