2
Candidate: CVE-2006-5462
4
https://usn.ubuntu.com/usn/usn-381-1
5
https://usn.ubuntu.com/usn/usn-382-1
6
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5462
8
Mozilla Network Security Service (NSS) library before 3.11.3, as used in
9
Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey
10
before 1.0.6, when using an RSA key with exponent 3, does not properly
11
handle extra data in a signature, which allows remote attackers to forge
12
signatures for SSL/TLS and email certificates. NOTE: this identifier is for
13
unpatched product versions that were originally intended to be addressed by
18
dapper_firefox: released (1.5.dfsg+1.5.0.13~prepatch070731-0ubuntu1)
19
edgy_firefox: not-affected
20
feisty_firefox: not-affected
21
dapper_mozilla-thunderbird: released (1.5.0.13-0ubuntu0.6.06)
22
edgy_mozilla-thunderbird: released (1.5.0.13-0ubuntu0.6.10)
23
feisty_mozilla-thunderbird: released (1.5.0.13-0ubuntu0.7.04)
24
devel_mozilla-thunderbird: DNE
26
edgy_xulrunner: needed
27
feisty_xulrunner: released (1.8.0.10-3ubuntu1)
28
devel_xulrunner: released (1.8.0.10-3ubuntu1)
30
upstream_mozilla-thunderbird: