CVE-2000-0676 — Vulnetix

Try Vulnetix Request Demo

CVE-2000-0676 PUBLISHED CVSS 5 MEDIUM

Netscape Communicator and Navigator 4.04 through 4.74 allows remote attackers to read arbitrary files by using a Java applet to open a connection to a URL using the "file", "http", "https", and "ftp" protocols, as demonstrated by Brown Orifice.

EPSS 29.14% · 96.5th percentile

Risk Scores

CVSS v2.0

5

EPSS Score

29.14%

96.5th percentile

Affected Products

Vendor	Product	Versions
netscape	communicator	4.74, 4.0, 4.04
n/a	n/a	n/a

Timeline

Oct 13, 2000 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
May 19, 2023 EPSS Score
Jul 10, 2023 EPSS Score
Aug 31, 2023 EPSS Score

References

20000804 Dangerous Java/Netscape Security Hole mailing-list
1546 vdb
FreeBSD-SA-00:39 vendor-advisory
20000810 MDKSA-2000:033 Netscape Java vulnerability mailing-list
20000823 Security Hole in Netscape, Versions 4.x, possibly others vendor-advisory
20000818 Conectiva Linux Security Announcement - netscape mailing-list
CSSA-2000-027.1 vendor-advisory
20000821 MDKSA-2000:036 - netscape update mailing-list
CA-2000-15 third-party-advisory
RHSA-2000:054 vendor-advisory
https://nvd.nist.gov/vuln/detail/CVE-2000-0676 advisory

Open in Interactive Console →