Red Hat Bugzilla – Bug 188805
CVE-2006-1728 Privilege escalation using crypto.generateCRMFRequest
Last modified: 2007-11-30 17:07:24 EST
Privilege escalation using crypto.generateCRMFRequest
shutdown demonstrated that the crypto.generateCRMFRequest method can be used
to run arbitrary code with the privilege of the user, which could enable an
attacker to install malware.
Note: Thunderbird shares the browser engine with Firefox and could be
This issue also affects RHEL3
This issue also affects RHEL2.1
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.