Unrated severityNVD Advisory· Published May 10, 2000· Updated Apr 16, 2026

CVE-2000-0409

Description

Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local users to overwrite files of the user importing the certificate.

Affected products

Netscape/Communicator7 versions
cpe:2.3:a:netscape:communicator:4.5:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:netscape:communicator:4.5:*:*:*:*:*:*:*
- cpe:2.3:a:netscape:communicator:4.6:*:*:*:*:*:*:*
- cpe:2.3:a:netscape:communicator:4.7:*:*:*:*:*:*:*
- cpe:2.3:a:netscape:communicator:4.51:*:*:*:*:*:*:*
- cpe:2.3:a:netscape:communicator:4.61:*:*:*:*:*:*:*
- cpe:2.3:a:netscape:communicator:4.72:*:*:*:*:*:*:*
- cpe:2.3:a:netscape:communicator:4.73:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

archives.neohapsis.com/archives/bugtraq/2000-05/0126.htmlnvd
www.securityfocus.com/bid/1201nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000