|Mozilla Network Security Service (NSS) library before 3.11.3, as used
in Mozilla Firefox before 22.214.171.124, Thunderbird before 126.96.36.199, and
SeaMonkey before 1.0.6, when using an RSA key with exponent 3, does
not properly handle extra data in a signature, which allows remote
attackers to forge signatures for SSL/TLS and email
certificates. NOTE: this identifier is for unpatched product versions
that were originally intended to be addressed by CVE-2006-4340.