CVE-2000-0517 - CVE Details

Description

Netscape 4.73 and earlier does not properly warn users about a potentially invalid certificate if the user has previously accepted the certificate for a different web site, which could allow remote attackers to spoof a legitimate web site by compromising that site's DNS information.

Severity

Overall Severity: N/A

CVSS Metrics

Type	Score	Severity	Vector

Affected Products

netscape - communicator

Affected Versions:

netscape - communicator

Affected Versions:

netscape - communicator

Affected Versions:

netscape - communicator

Affected Versions:

netscape - communicator

Affected Versions:

4.51

netscape - communicator

Affected Versions:

4.61

netscape - communicator

Affected Versions:

4.72

netscape - communicator

Affected Versions:

4.73

References

http://www.cert.org/advisories/CA-2000-08.html
PatchThird Party AdvisoryUS Government Resource
http://www.securityfocus.com/bid/1260
PatchVendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/4550
http://www.cert.org/advisories/CA-2000-08.html
PatchThird Party AdvisoryUS Government Resource
http://www.securityfocus.com/bid/1260
PatchVendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/4550