Vulnerability in Netscape Communicator
CVE-2000-0409
Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local users to overwrite files of the user importing the certificate.
EPSS: 0.003 (22.3th percentile) — read the EPSS interpretation.
Affected products
- Netscape Communicator — versions 4.5, 4.6, 4.7
- N/a — versions n/a
References
- cve@mitre.org (vdb-entry, x_refsource_BID)
- cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)