Vulnerabilities > CVE-2000-0517 - Unspecified vulnerability in Netscape Communicator

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

netscape

NVD

Published: 2000-05-26

Updated: 2017-10-10

Summary

Netscape 4.73 and earlier does not properly warn users about a potentially invalid certificate if the user has previously accepted the certificate for a different web site, which could allow remote attackers to spoof a legitimate web site by compromising that site's DNS information.

Vulnerable Configurations

Part	Description	Count
Application	Netscape Netscape Communicator 4.0 Netscape Communicator 4.5 Netscape Communicator 4.6 Netscape Communicator 4.7 Netscape Communicator 4.51 Netscape Communicator 4.61 Netscape Communicator 4.72 Netscape Communicator 4.73	8

References

http://www.cert.org/advisories/CA-2000-08.html
http://www.securityfocus.com/bid/1260
https://exchange.xforce.ibmcloud.com/vulnerabilities/4550