Exploitation Summary
EIP tracks 1 public exploit for CVE-2000-0676. PoCs published by Dan Brumleve.
AI-analyzed exploit summary The vulnerability in Netscape Communicator's Java implementation allows malicious applets to bypass SecurityManager checks using netscape.net.URLConnection and netscape.net.URLInputStream classes, enabling unauthorized local file reads and firewall bypass via URL-based resource access.
Description
Netscape Communicator and Navigator 4.04 through 4.74 allows remote attackers to read arbitrary files by using a Java applet to open a connection to a URL using the "file", "http", "https", and "ftp" protocols, as demonstrated by Brown Orifice.
Exploits (1)
The vulnerability in Netscape Communicator's Java implementation allows malicious applets to bypass SecurityManager checks using netscape.net.URLConnection and netscape.net.URLInputStream classes, enabling unauthorized local file reads and firewall bypass via URL-based resource access.