CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
Confidence
High
EPSS
Percentile
84.2%
Netscape Communicator and Navigator 4.04 through 4.74 allows remote attackers to read arbitrary files by using a Java applet to open a connection to a URL using the “file”, “http”, “https”, and “ftp” protocols, as demonstrated by Brown Orifice.
Vendor | Product | Version | CPE |
---|---|---|---|
netscape | communicator | 4.0 | cpe:2.3:a:netscape:communicator:4.0:*:*:*:*:*:*:* |
netscape | communicator | 4.04 | cpe:2.3:a:netscape:communicator:4.04:*:*:*:*:*:*:* |
netscape | communicator | 4.05 | cpe:2.3:a:netscape:communicator:4.05:*:*:*:*:*:*:* |
netscape | communicator | 4.5 | cpe:2.3:a:netscape:communicator:4.5:*:*:*:*:*:*:* |
netscape | communicator | 4.5_beta | cpe:2.3:a:netscape:communicator:4.5_beta:*:*:*:*:*:*:* |
netscape | communicator | 4.06 | cpe:2.3:a:netscape:communicator:4.06:*:*:*:*:*:*:* |
netscape | communicator | 4.6 | cpe:2.3:a:netscape:communicator:4.6:*:*:*:*:*:*:* |
netscape | communicator | 4.07 | cpe:2.3:a:netscape:communicator:4.07:*:*:*:*:*:*:* |
netscape | communicator | 4.08 | cpe:2.3:a:netscape:communicator:4.08:*:*:*:*:*:*:* |
netscape | communicator | 4.51 | cpe:2.3:a:netscape:communicator:4.51:*:*:*:*:*:*:* |
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:39.netscape.asc
archives.neohapsis.com/archives/bugtraq/2000-08/0019.html
archives.neohapsis.com/archives/bugtraq/2000-08/0115.html
archives.neohapsis.com/archives/bugtraq/2000-08/0236.html
archives.neohapsis.com/archives/bugtraq/2000-08/0265.html
www.calderasystems.com/support/security/advisories/CSSA-2000-027.1.txt
www.cert.org/advisories/CA-2000-15.html
www.novell.com/linux/security/advisories/suse_security_announce_60.html
www.redhat.com/support/errata/RHSA-2000-054.html
www.securityfocus.com/bid/1546