| ID |
CVE-1999-1262
|
| Summary |
Java in Netscape 4.5 does not properly restrict applets from connecting to other hosts besides the one from which the applet was loaded, which violates the Java security model and could allow remote attackers to conduct unauthorized activities. |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:a:netscape:communicator:4.01:*:*:*:*:*:*:*
cpe:2.3:a:netscape:communicator:4.01:*:*:*:*:*:*:*
-
cpe:2.3:a:netscape:communicator:4.5:*:*:*:*:*:*:*
cpe:2.3:a:netscape:communicator:4.5:*:*:*:*:*:*:*
-
cpe:2.3:a:netscape:communicator:4.06:*:*:*:*:*:*:*
cpe:2.3:a:netscape:communicator:4.06:*:*:*:*:*:*:*
-
cpe:2.3:a:netscape:communicator:4.07:*:*:*:*:*:*:*
cpe:2.3:a:netscape:communicator:4.07:*:*:*:*:*:*:*
-
cpe:2.3:a:netscape:communicator:4.08:*:*:*:*:*:*:*
cpe:2.3:a:netscape:communicator:4.08:*:*:*:*:*:*:*
|
| CVSS |
| Base: | 5.1 (as of 10-10-2017 - 01:29) |
| Impact: | |
| Exploitability: | |
|
| CWE |
NVD-CWE-Other |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
HIGH |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| PARTIAL |
PARTIAL |
PARTIAL |
|
| cvss-vector
via4
|
AV:N/AC:H/Au:N/C:P/I:P/A:P
|
| refmap
via4
|
| bugtraq | 19990202 Unsecured server in applets under Netscape | | xf | java-socket-open(1727) |
|
| Last major update |
10-10-2017 - 01:29 |
| Published |
01-08-1997 - 04:00 |
| Last modified |
10-10-2017 - 01:29 |
