CVE-2000-0676
published 2000-10-20CVE-2000-0676: Netscape Communicator and Navigator 4.04 through 4.74 allows remote attackers to read arbitrary files by using a Java applet to open a connection to a URL…
PriorityP431medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
20.48%
97.2th percentile
Netscape Communicator and Navigator 4.04 through 4.74 allows remote attackers to read arbitrary files by using a Java applet to open a connection to a URL using the "file", "http", "https", and "ftp" protocols, as demonstrated by Brown Orifice.
Affected
14 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| netscape | communicator | — | — |
| netscape | communicator | — | — |
| netscape | communicator | — | — |
| netscape | communicator | — | — |
| netscape | communicator | — | — |
| netscape | communicator | — | — |
| netscape | communicator | — | — |
| netscape | communicator | — | — |
| netscape | communicator | — | — |
| netscape | communicator | — | — |
| netscape | communicator | — | — |
| netscape | communicator | — | — |
| netscape | communicator | — | — |
| netscape | communicator | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
vendor_redhat5.0MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
security flaw
vendor_redhat·2000-08-03·CVSS 5.0
CVE-2000-0676 [MEDIUM] security flaw
security flaw
Netscape Communicator and Navigator 4.04 through 4.74 allows remote attackers to read arbitrary files by using a Java applet to open a connection to a URL using the "file", "http", "https", and "ftp" protocols, as demonstrated by Brown Orifice.
Statement: This issue was fixed in the following product:
- Red Hat Linux 6.2 - RHSA-2000:054 (2000-08-18)
GHSA
GHSA-whp4-v3p7-5mch: Netscape Communicator and Navigator 4
ghsa_unreviewed·2022-05-03
CVE-2000-0676 [MEDIUM] GHSA-whp4-v3p7-5mch: Netscape Communicator and Navigator 4
Netscape Communicator and Navigator 4.04 through 4.74 allows remote attackers to read arbitrary files by using a Java applet to open a connection to a URL using the "file", "http", "https", and "ftp" protocols, as demonstrated by Brown Orifice.
No detection rules found.
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:39.netscape.aschttp://archives.neohapsis.com/archives/bugtraq/2000-08/0019.htmlhttp://archives.neohapsis.com/archives/bugtraq/2000-08/0115.htmlhttp://archives.neohapsis.com/archives/bugtraq/2000-08/0236.htmlhttp://archives.neohapsis.com/archives/bugtraq/2000-08/0265.htmlhttp://www.calderasystems.com/support/security/advisories/CSSA-2000-027.1.txthttp://www.cert.org/advisories/CA-2000-15.htmlhttp://www.novell.com/linux/security/advisories/suse_security_announce_60.htmlhttp://www.redhat.com/support/errata/RHSA-2000-054.htmlhttp://www.securityfocus.com/bid/1546ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:39.netscape.aschttp://archives.neohapsis.com/archives/bugtraq/2000-08/0019.htmlhttp://archives.neohapsis.com/archives/bugtraq/2000-08/0115.htmlhttp://archives.neohapsis.com/archives/bugtraq/2000-08/0236.htmlhttp://archives.neohapsis.com/archives/bugtraq/2000-08/0265.htmlhttp://www.calderasystems.com/support/security/advisories/CSSA-2000-027.1.txthttp://www.cert.org/advisories/CA-2000-15.htmlhttp://www.novell.com/linux/security/advisories/suse_security_announce_60.htmlhttp://www.redhat.com/support/errata/RHSA-2000-054.htmlhttp://www.securityfocus.com/bid/1546
2000-10-20
Published