Vulnerability Name: | CVE-1999-1262 (CCN-1727) | ||||||||
Assigned: | 1997-08-01 | ||||||||
Published: | 1997-08-01 | ||||||||
Updated: | 2017-10-10 | ||||||||
Summary: | Java in Netscape 4.5 does not properly restrict applets from connecting to other hosts besides the one from which the applet was loaded, which violates the Java security model and could allow remote attackers to conduct unauthorized activities. | ||||||||
CVSS v3 Severity: | 5.6 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||
CVSS v2 Severity: | 5.1 Medium (CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
| ||||||||
Vulnerability Type: | CWE-Other | ||||||||
Vulnerability Consequences: | Gain Access | ||||||||
References: | Source: CCN Type: BugTraq Mailing List, Tue, 2 Feb 1999 13:42:32 -0800 Unsecured server in applets under Netscape Source: MITRE Type: CNA CVE-1999-1262 Source: CCN Type: OSVDB ID: 9344 Netscape Java Applet Host Connection Restriction Bypass Source: BUGTRAQ Type: UNKNOWN 19990202 Unsecured server in applets under Netscape Source: XF Type: UNKNOWN java-socket-open(1727) Source: XF Type: UNKNOWN java-socket-open(1727) | ||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: ![]() | ||||||||
BACK |