2.6

CVE-2000-0406

EPSS 0.74%
Published 10.05.2000 04:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

Netscape Communicator before version 4.73 and Navigator 4.07 do not properly validate SSL certificates, which allows remote attackers to steal information by redirecting traffic from a legitimate web server to their own malicious server, aka the "Acros-Suencksen SSL" vulnerability.

Affected products Warnungen 0 Metrics 2 CWE 0 References 7

Data is provided by the National Vulnerability Database (NVD)

Netscape ≫ Communicator Version4.0

Netscape ≫ Communicator Version4.05

Netscape ≫ Communicator Version4.5

Netscape ≫ Communicator Version4.5_beta

Netscape ≫ Communicator Version4.06

Netscape ≫ Communicator Version4.6

Netscape ≫ Communicator Version4.07

Netscape ≫ Communicator Version4.7

Netscape ≫ Communicator Version4.51

Netscape ≫ Communicator Version4.61

Netscape ≫ Communicator Version4.72

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.74%	0.706

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	2.6	4.9	2.9	AV:N/AC:H/Au:N/C:P/I:N/A:N

http://www.acrossecurity.com/aspr/ASPR-2000-04-06-1-PUB.txt

http://www.cert.org/advisories/CA-2000-05.html

Third Party Advisory

US Government Resource

http://www.redhat.com/support/errata/RHSA-2000-028.html

http://www.securityfocus.com/bid/1188

https://nvd.nist.gov/vuln/detail/CVE-2000-0406

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2000-0406

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2000-0406

EUVD