CVE Vulnerabilities

CVE-2000-0409

Published: May 10, 2000 | Modified: Sep 10, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
3.7 LOW
AV:L/AC:H/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local users to overwrite files of the user importing the certificate.

Affected Software

Name Vendor Start Version End Version
Communicator Netscape 4.5 4.5
Communicator Netscape 4.6 4.6
Communicator Netscape 4.7 4.7
Communicator Netscape 4.51 4.51
Communicator Netscape 4.61 4.61
Communicator Netscape 4.72 4.72
Communicator Netscape 4.73 4.73

References