CVE-2006-6585

Name of the Vulnerable Software and Affected Versions Mozilla Firefox versions 2.0 through 3.0

Description The issue is related to the Extensions manager in Mozilla Firefox, which does not properly populate the list of local extensions. This allows attackers to construct an extension that can hide itself by finding its name in the list and then calling RemoveElement.

Recommendations For Mozilla Firefox versions 2.0 through 3.0, consider disabling the Extensions manager or restricting the installation of new extensions until a fix is available. As a temporary workaround, users can manually monitor the list of installed extensions to detect any suspicious activity. At the moment, there is no information about a newer version that contains a fix for this vulnerability.