Netscape Communicator does not properly prevent a ServerSocket object from being created by untrusted entities, which allows remote attackers to create a server on the victim’s system via a malicious applet, as demonstrated by Brown Orifice.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Virtual_machine | Microsoft | 2000 | 2000 |
| Virtual_machine | Microsoft | 3100 | 3100 |
| Virtual_machine | Microsoft | 3200 | 3200 |
| Virtual_machine | Microsoft | 3300 | 3300 |
| Communicator | Netscape | 4.0 | 4.0 |
| Communicator | Netscape | 4.04 | 4.04 |
| Communicator | Netscape | 4.05 | 4.05 |
| Communicator | Netscape | 4.5 | 4.5 |
| Communicator | Netscape | 4.06 | 4.06 |
| Communicator | Netscape | 4.6 | 4.6 |
| Communicator | Netscape | 4.07 | 4.07 |
| Communicator | Netscape | 4.7 | 4.7 |
| Communicator | Netscape | 4.08 | 4.08 |
| Communicator | Netscape | 4.51 | 4.51 |
| Communicator | Netscape | 4.61 | 4.61 |
| Communicator | Netscape | 4.72 | 4.72 |
| Communicator | Netscape | 4.73 | 4.73 |
| Communicator | Netscape | 4.74 | 4.74 |