CVE-2000-0406

5 documents5 sources
Severity
2.6LOW
EPSS
0.7%
top 26.99%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Netscape Communicator
Timeline
PublishedMay 10
Latest updateApr 30

Description

Netscape Communicator before version 4.73 and Navigator 4.07 do not properly validate SSL certificates, which allows remote attackers to steal information by redirecting traffic from a legitimate web server to their own malicious server, aka the "Acros-Suencksen SSL" vulnerability.

CVSS vector

AV:N/AC:H/C:P/I:N/A:NExploitability: 4.9 | Impact: 2.9

Affected Packages1 packages

โ–ถNVDnetscape/communicator11 versions+10

๐Ÿ”ดVulnerability Details

2
GHSA
GHSA-4x6c-6ppx-5vjq: Netscape Communicator before version 4โ†—2022-04-30
โ–ถ
CVEList
CVE-2000-0406: Netscape Communicator before version 4โ†—2000-07-12
โ–ถ

๐Ÿ“‹Vendor Advisories

1
Red Hat
security flawโ†—2000-05-12
โ–ถ

๐Ÿ’ฌCommunity

1
Bugzilla
CVE-2000-0406 security flawโ†—2018-08-16
โ–ถ
CVE-2000-0406 (LOW CVSS 2.6) | Netscape Communicator before versio | cvebase.io