CVE-2000-0406
Last modified
CVE-2000-0406 is a vulnerability of currently unknown severity. Netscape Communicator before version 4.73 and Navigator 4.07 do not properly validate SSL certificates, which allows remote attackers to steal information by redirecting traffic from a legitimate web server to their own malicious server, aka the "Acros-Suencksen SSL" vulnerability.. EPSS estimates a 1.03% chance of exploitation in the next 30 days.
Description
Netscape Communicator before version 4.73 and Navigator 4.07 do not properly validate SSL certificates, which allows remote attackers to steal information by redirecting traffic from a legitimate web server to their own malicious server, aka the "Acros-Suencksen SSL" vulnerability.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Netscape | Communicator | 4.0 |
| Netscape | Communicator | 4.05 |
| Netscape | Communicator | 4.5 |
| Netscape | Communicator | 4.5_beta |
| Netscape | Communicator | 4.06 |
| Netscape | Communicator | 4.6 |
| Netscape | Communicator | 4.07 |
| Netscape | Communicator | 4.7 |
| Netscape | Communicator | 4.51 |
| Netscape | Communicator | 4.61 |
| Netscape | Communicator | 4.72 |
References
- http://www.cert.org/advisories/CA-2000-05.htmlThird Party Advisory, US Government Resource
- http://www.cert.org/advisories/CA-2000-05.htmlThird Party Advisory, US Government Resource
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2000-0406?
How severe is CVE-2000-0406?
How do I fix CVE-2000-0406?
Are you affected by CVE-2000-0406?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST