Mozilla, Inc. Information for VU#845620

Multiple RSA implementations fail to properly handle signatures

Status

Affected

Vendor Statement

Mozilla has fixed the RSA vulnerability described in VU#845620 and has released an advisory covering several affected products (http://www.mozilla.org/security/announce/2006/mfsa2006-60.html).

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

Refer to http://www.mozilla.org/security/announce/2006/mfsa2006-60.html

If you have feedback, comments, or additional information about this vulnerability, please send us email.