Netscape: >> Communicator >> 4.72 Security Vulnerabilities
Netscape 4.73 and earlier does not properly warn users about a potentially invalid certificate if the user has previously accepted the certificate for a different web site, which could allow remote attackers to spoof a legitimate web site by compromising that site's DNS information.
CVSS Score
5.0
EPSS Score
0.01
Published
2000-05-26
Netscape Communicator before version 4.73 and Navigator 4.07 do not properly validate SSL certificates, which allows remote attackers to steal information by redirecting traffic from a legitimate web server to their own malicious server, aka the "Acros-Suencksen SSL" vulnerability.
CVSS Score
2.6
EPSS Score
0.007
Published
2000-05-10
Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local users to overwrite files of the user importing the certificate.
CVSS Score
3.7
EPSS Score
0.001
Published
2000-05-10
A configuration in a web browser such as Internet Explorer or Netscape Navigator allows execution of active content such as ActiveX, Java, Javascript, etc.
CVSS Score
7.5
EPSS Score
0.009
Published
1998-04-01
Page 2