CVE-2000-0409

Published: May 10, 2000Modified: Apr 16, 2026

3.7

Vector

AV:L/AC:H/Au:N/C:P/I:P/A:P

Exploitability: 1.9 / Impact: 6.4

Source: NVD

Description

Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local users to overwrite files of the user importing the certificate.

Affected (7)

Products: Netscape: Communicator

Netscape

1 product

Communicator

Configuration A

7 vulnerable

Vulnerable Software	Affected Versions
Netscape Communicator	Version 4.51
Netscape Communicator	Version 4.5
Netscape Communicator	Version 4.61
Netscape Communicator	Version 4.6
Netscape Communicator	Version 4.72
Netscape Communicator	Version 4.73
Netscape Communicator	Version 4.7

References (4)

http://archives.neohapsis.com/archives/bugtraq/2000-05/0126.html

Source: cve@mitre.org

http://www.securityfocus.com/bid/1201

Source: cve@mitre.org

http://archives.neohapsis.com/archives/bugtraq/2000-05/0126.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/1201

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.