Vulnerability Details : CVE-2000-0676
Netscape Communicator and Navigator 4.04 through 4.74 allows remote attackers to read arbitrary files by using a Java applet to open a connection to a URL using the "file", "http", "https", and "ftp" protocols, as demonstrated by Brown Orifice.
Exploit prediction scoring system (EPSS) score for CVE-2000-0676
Probability of exploitation activity in the next 30 days: 1.07%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 84 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2000-0676
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
10.0
|
2.9
|
NIST |
References for CVE-2000-0676
-
http://www.redhat.com/support/errata/RHSA-2000-054.html
-
http://www.securityfocus.com/bid/1546
Exploit;Patch;Vendor Advisory
-
http://archives.neohapsis.com/archives/bugtraq/2000-08/0236.html
-
http://www.cert.org/advisories/CA-2000-15.html
Patch;Third Party Advisory;US Government Resource
-
http://archives.neohapsis.com/archives/bugtraq/2000-08/0115.html
- http://www.novell.com/linux/security/advisories/suse_security_announce_60.html
- ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:39.netscape.asc
-
http://archives.neohapsis.com/archives/bugtraq/2000-08/0019.html
-
http://archives.neohapsis.com/archives/bugtraq/2000-08/0265.html
-
http://www.calderasystems.com/support/security/advisories/CSSA-2000-027.1.txt
Products affected by CVE-2000-0676
- cpe:2.3:a:netscape:communicator:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:netscape:communicator:4.05:*:*:*:*:*:*:*
- cpe:2.3:a:netscape:communicator:4.07:*:*:*:*:*:*:*
- cpe:2.3:a:netscape:communicator:4.51:*:*:*:*:*:*:*
- cpe:2.3:a:netscape:communicator:4.6:*:*:*:*:*:*:*
- cpe:2.3:a:netscape:communicator:4.06:*:*:*:*:*:*:*
- cpe:2.3:a:netscape:communicator:4.5:*:*:*:*:*:*:*
- cpe:2.3:a:netscape:communicator:4.61:*:*:*:*:*:*:*
- cpe:2.3:a:netscape:communicator:4.08:*:*:*:*:*:*:*
- cpe:2.3:a:netscape:communicator:4.04:*:*:*:*:*:*:*
- cpe:2.3:a:netscape:communicator:4.72:*:*:*:*:*:*:*
- cpe:2.3:a:netscape:communicator:4.5_beta:*:*:*:*:*:*:*
- cpe:2.3:a:netscape:communicator:4.73:*:*:*:*:*:*:*
- cpe:2.3:a:netscape:communicator:4.74:*:*:*:*:*:*:*