Lucene search

MitreCVE-2000-0676

HistoryOct 20, 2000 - 4:00 a.m.

CVE-2000-0676

2000-10-2004:00:00

mitre

web.nvd.nist.gov

cve-2000-0676

netscape communicator

navigator

java applet

vulnerability

brown orifice

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.7

Confidence

High

EPSS

0.011

Percentile

84.2%

JSON

Netscape Communicator and Navigator 4.04 through 4.74 allows remote attackers to read arbitrary files by using a Java applet to open a connection to a URL using the “file”, “http”, “https”, and “ftp” protocols, as demonstrated by Brown Orifice.

Affected configurations

Nvd

Node

netscapecommunicatorMatch4.0

netscapecommunicatorMatch4.04

netscapecommunicatorMatch4.05

netscapecommunicatorMatch4.5

netscapecommunicatorMatch4.5_beta

netscapecommunicatorMatch4.06

netscapecommunicatorMatch4.6

netscapecommunicatorMatch4.07

netscapecommunicatorMatch4.08

netscapecommunicatorMatch4.51

netscapecommunicatorMatch4.61

netscapecommunicatorMatch4.72

netscapecommunicatorMatch4.73

netscapecommunicatorMatch4.74

VendorProductVersionCPE
netscapecommunicator4.0cpe:2.3:a:netscape:communicator:4.0:*:*:*:*:*:*:*
netscapecommunicator4.04cpe:2.3:a:netscape:communicator:4.04:*:*:*:*:*:*:*
netscapecommunicator4.05cpe:2.3:a:netscape:communicator:4.05:*:*:*:*:*:*:*
netscapecommunicator4.5cpe:2.3:a:netscape:communicator:4.5:*:*:*:*:*:*:*
netscapecommunicator4.5_betacpe:2.3:a:netscape:communicator:4.5_beta:*:*:*:*:*:*:*
netscapecommunicator4.06cpe:2.3:a:netscape:communicator:4.06:*:*:*:*:*:*:*
netscapecommunicator4.6cpe:2.3:a:netscape:communicator:4.6:*:*:*:*:*:*:*
netscapecommunicator4.07cpe:2.3:a:netscape:communicator:4.07:*:*:*:*:*:*:*
netscapecommunicator4.08cpe:2.3:a:netscape:communicator:4.08:*:*:*:*:*:*:*
netscapecommunicator4.51cpe:2.3:a:netscape:communicator:4.51:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
netscape	communicator	4.0	cpe:2.3:a:netscape:communicator:4.0:::::::*
netscape	communicator	4.04	cpe:2.3:a:netscape:communicator:4.04:::::::*
netscape	communicator	4.05	cpe:2.3:a:netscape:communicator:4.05:::::::*
netscape	communicator	4.5	cpe:2.3:a:netscape:communicator:4.5:::::::*
netscape	communicator	4.5_beta	cpe:2.3:a:netscape:communicator:4.5_beta:::::::*
netscape	communicator	4.06	cpe:2.3:a:netscape:communicator:4.06:::::::*
netscape	communicator	4.6	cpe:2.3:a:netscape:communicator:4.6:::::::*
netscape	communicator	4.07	cpe:2.3:a:netscape:communicator:4.07:::::::*
netscape	communicator	4.08	cpe:2.3:a:netscape:communicator:4.08:::::::*
netscape	communicator	4.51	cpe:2.3:a:netscape:communicator:4.51:::::::*

Rows per page:

1-10 of 141

References

ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:39.netscape.asc

archives.neohapsis.com/archives/bugtraq/2000-08/0019.html

archives.neohapsis.com/archives/bugtraq/2000-08/0115.html

archives.neohapsis.com/archives/bugtraq/2000-08/0236.html

archives.neohapsis.com/archives/bugtraq/2000-08/0265.html

www.calderasystems.com/support/security/advisories/CSSA-2000-027.1.txt

www.cert.org/advisories/CA-2000-15.html

www.novell.com/linux/security/advisories/suse_security_announce_60.html

www.redhat.com/support/errata/RHSA-2000-054.html

www.securityfocus.com/bid/1546

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.7

Confidence

High

EPSS

0.011

Percentile

84.2%

JSON

Related for CVE-2000-0676