Unrated severityNVD Advisory· Published Oct 20, 2000· Updated Apr 16, 2026
CVE-2000-0676
CVE-2000-0676
Description
Netscape Communicator and Navigator 4.04 through 4.74 allows remote attackers to read arbitrary files by using a Java applet to open a connection to a URL using the "file", "http", "https", and "ftp" protocols, as demonstrated by Brown Orifice.
Affected products
14cpe:2.3:a:netscape:communicator:4.0:*:*:*:*:*:*:*+ 13 more
- cpe:2.3:a:netscape:communicator:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:netscape:communicator:4.04:*:*:*:*:*:*:*
- cpe:2.3:a:netscape:communicator:4.05:*:*:*:*:*:*:*
- cpe:2.3:a:netscape:communicator:4.06:*:*:*:*:*:*:*
- cpe:2.3:a:netscape:communicator:4.07:*:*:*:*:*:*:*
- cpe:2.3:a:netscape:communicator:4.08:*:*:*:*:*:*:*
- cpe:2.3:a:netscape:communicator:4.5:*:*:*:*:*:*:*
- cpe:2.3:a:netscape:communicator:4.51:*:*:*:*:*:*:*
- cpe:2.3:a:netscape:communicator:4.5_beta:*:*:*:*:*:*:*
- cpe:2.3:a:netscape:communicator:4.6:*:*:*:*:*:*:*
- cpe:2.3:a:netscape:communicator:4.61:*:*:*:*:*:*:*
- cpe:2.3:a:netscape:communicator:4.72:*:*:*:*:*:*:*
- cpe:2.3:a:netscape:communicator:4.73:*:*:*:*:*:*:*
- cpe:2.3:a:netscape:communicator:4.74:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
10- www.cert.org/advisories/CA-2000-15.htmlnvdPatchThird Party AdvisoryUS Government Resource
- www.securityfocus.com/bid/1546nvdExploitPatchVendor Advisory
- ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:39.netscape.ascnvd
- archives.neohapsis.com/archives/bugtraq/2000-08/0019.htmlnvd
- archives.neohapsis.com/archives/bugtraq/2000-08/0115.htmlnvd
- archives.neohapsis.com/archives/bugtraq/2000-08/0236.htmlnvd
- archives.neohapsis.com/archives/bugtraq/2000-08/0265.htmlnvd
- www.calderasystems.com/support/security/advisories/CSSA-2000-027.1.txtnvd
- www.novell.com/linux/security/advisories/suse_security_announce_60.htmlnvd
- www.redhat.com/support/errata/RHSA-2000-054.htmlnvd
News mentions
0No linked articles in our index yet.