Vulnerabilities > CVE-2000-0406 - Unspecified vulnerability in Netscape Communicator

CVSS 2.6 - LOW

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

high complexity

netscape

NVD

Published: 2000-05-10

Updated: 2008-09-10

Summary

Netscape Communicator before version 4.73 and Navigator 4.07 do not properly validate SSL certificates, which allows remote attackers to steal information by redirecting traffic from a legitimate web server to their own malicious server, aka the "Acros-Suencksen SSL" vulnerability.

Vulnerable Configurations

Part	Description	Count
Application	Netscape Netscape Communicator 4.0 Netscape Communicator 4.05 Netscape Communicator 4.5 Netscape Communicator 4.5_Beta Netscape Communicator 4.06 Netscape Communicator 4.6 Netscape Communicator 4.07 Netscape Communicator 4.7 Netscape Communicator 4.51 Netscape Communicator 4.61 Netscape Communicator 4.72	11

Redhat

advisories

rhsa

id	RHSA-2000:028

Summary

Vulnerable Configurations

Redhat

References