2.6

CVE-2000-0406

EPSS 0.74%
Veröffentlicht 10.05.2000 04:00:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Netscape Communicator before version 4.73 and Navigator 4.07 do not properly validate SSL certificates, which allows remote attackers to steal information by redirecting traffic from a legitimate web server to their own malicious server, aka the "Acros-Suencksen SSL" vulnerability.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Netscape ≫ Communicator Version4.0

Netscape ≫ Communicator Version4.05

Netscape ≫ Communicator Version4.5

Netscape ≫ Communicator Version4.5_beta

Netscape ≫ Communicator Version4.06

Netscape ≫ Communicator Version4.6

Netscape ≫ Communicator Version4.07

Netscape ≫ Communicator Version4.7

Netscape ≫ Communicator Version4.51

Netscape ≫ Communicator Version4.61

Netscape ≫ Communicator Version4.72

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.74%	0.706

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	2.6	4.9	2.9	AV:N/AC:H/Au:N/C:P/I:N/A:N

http://www.acrossecurity.com/aspr/ASPR-2000-04-06-1-PUB.txt

http://www.cert.org/advisories/CA-2000-05.html

Third Party Advisory

US Government Resource

http://www.redhat.com/support/errata/RHSA-2000-028.html

http://www.securityfocus.com/bid/1188

https://nvd.nist.gov/vuln/detail/CVE-2000-0406

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2000-0406

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2000-0406

EUVD