CVE Catalog

CVE-2000-0409

Low
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.31%

22th percentile — higher than 22% of all known CVEs

Summary

Netscape 4.73 and earlier follows symlinks when importing a new certificate, allowing local users to overwrite files of the user importing the certificate.

Risk Assessment

Local users can exploit this vulnerability to modify or delete important files, potentially leading to data loss or system integrity issues.

Recommendation

It is recommended to update the Netscape browser to the latest version to mitigate the risks associated with this vulnerability.

Original NVD description (English source)

Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local users to overwrite files of the user importing the certificate.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS