Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2000-0655

6 documents6 sources
Severity
5.0MEDIUM
EPSS
15.2%
top 5.39%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Mozilla MozillaNetscape Communicator
Timeline
PublishedJul 25
Latest updateMay 3

Description

Netscape Communicator 4.73 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a JPEG image containing a comment with an illegal field length of 1.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

NVDnetscape/communicator13 versions+12

Patches

Patch: www.securityfocus.comPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-5cwq-wmjx-47pq: Netscape Communicator 42022-05-03
CVEList
CVE-2000-0655: Netscape Communicator 42000-10-13

💥Exploits & PoCs

1
Exploit-DB
Netscape Communicator 4.x - JPEG-Comment Heap Overwrite2000-07-25

📋Vendor Advisories

1
Red Hat
security flaw2000-07-24

💬Community

1
Bugzilla
CVE-2000-0655 security flaw2018-08-16
CVE-2000-0655 (MEDIUM CVSS 5) | Netscape Communicator 4.73 and earl | cvebase.io