Vulnerabilities > CVE-2000-0409 - Unspecified vulnerability in Netscape Communicator

CVSS 3.7 - LOW

Attack vector

LOCAL

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

high complexity

netscape

exploit available

NVD

Published: 2000-05-10

Updated: 2008-09-10

Summary

Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local users to overwrite files of the user importing the certificate.

Vulnerable Configurations

Part	Description	Count
Application	Netscape Netscape Communicator 4.5 Netscape Communicator 4.6 Netscape Communicator 4.7 Netscape Communicator 4.51 Netscape Communicator 4.61 Netscape Communicator 4.72 Netscape Communicator 4.73	7

Exploit-Db

description	Netscape Communicator 4.5/4.51/4.6/4.61/4.7/4.72/4.73 /tmp Symlink Vulnerability. CVE-2000-0409. Local exploits for multiple platform
id	EDB-ID:19912
last seen	2016-02-02
modified	2000-05-10
published	2000-05-10
reporter	foo
source	https://www.exploit-db.com/download/19912/
title	Netscape Communicator 4.5/4.51/4.6/4.61/4.7/4.72/4.73 /tmp Symlink Vulnerability

Summary

Vulnerable Configurations

Exploit-Db

References