Total
35 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0517 | 1 Netscape | 1 Communicator | 2025-04-03 | 5.0 MEDIUM | N/A |
| Netscape 4.73 and earlier does not properly warn users about a potentially invalid certificate if the user has previously accepted the certificate for a different web site, which could allow remote attackers to spoof a legitimate web site by compromising that site's DNS information. | |||||
| CVE-1999-0685 | 1 Netscape | 1 Communicator | 2025-04-03 | 5.1 MEDIUM | N/A |
| Buffer overflow in Netscape Communicator via EMBED tags in the pluginspage option. | |||||
| CVE-2002-1204 | 1 Netscape | 1 Communicator | 2025-04-03 | 5.0 MEDIUM | N/A |
| Netscape Communicator 4.x allows attackers to use a link to steal a user's preferences, including potentially sensitive information such as URL history, e-mail address, and possibly the e-mail password, by redefining the user_pref() function and accessing the prefs.js file, which is stored in a directory with a predictable name. | |||||
| CVE-2000-0676 | 1 Netscape | 1 Communicator | 2025-04-03 | 5.0 MEDIUM | N/A |
| Netscape Communicator and Navigator 4.04 through 4.74 allows remote attackers to read arbitrary files by using a Java applet to open a connection to a URL using the "file", "http", "https", and "ftp" protocols, as demonstrated by Brown Orifice. | |||||
| CVE-2000-0409 | 1 Netscape | 1 Communicator | 2025-04-03 | 3.7 LOW | N/A |
| Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local users to overwrite files of the user importing the certificate. | |||||
| CVE-1999-0809 | 1 Netscape | 1 Communicator | 2025-04-03 | 5.0 MEDIUM | N/A |
| Netscape Communicator 4.x with Javascript enabled does not warn a user of cookie settings, even if they have selected the option to "Only accept cookies originating from the same server as the page being viewed". | |||||
| CVE-1999-0031 | 2 Microsoft, Netscape | 2 Internet Explorer, Communicator | 2025-04-03 | 2.6 LOW | N/A |
| JavaScript in Internet Explorer 3.x and 4.x, and Netscape 2.x, 3.x and 4.x, allows remote attackers to monitor a user's web activities, aka the Bell Labs vulnerability. | |||||
| CVE-2001-0596 | 1 Netscape | 1 Communicator | 2025-04-03 | 7.5 HIGH | N/A |
| Netscape Communicator before 4.77 allows remote attackers to execute arbitrary Javascript via a GIF image whose comment contains the Javascript. | |||||
| CVE-2002-0593 | 2 Mozilla, Netscape | 3 Mozilla, Communicator, Navigator | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long channel name in an IRC URI. | |||||
| CVE-2002-1766 | 1 Netscape | 1 Communicator | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in Composer in Netscape 4.77 allows local users to overwrite process memory and execute arbitrary code via a font tag with a long face attribute. | |||||
| CVE-1999-1226 | 1 Netscape | 1 Communicator | 2025-04-03 | 2.6 LOW | N/A |
| Netscape Communicator 4.7 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long certificate key. | |||||
| CVE-2002-2284 | 1 Netscape | 1 Communicator | 2025-04-03 | 6.4 MEDIUM | N/A |
| Netscape Communicator 4.0 through 4.79 allows remote attackers to bypass JVM security and execute arbitrary Java code via an applet that loads user-supplied Java classes. | |||||
| CVE-1999-1357 | 1 Netscape | 1 Communicator | 2025-04-03 | 7.5 HIGH | N/A |
| Netscape Communicator 4.04 through 4.7 (and possibly other versions) in various UNIX operating systems converts the 0x8b character to a "<" sign, and the 0x9b character to a ">" sign, which could allow remote attackers to attack other clients via cross-site scripting (CSS) in CGI programs that do not filter these characters. | |||||
| CVE-1999-0174 | 1 Netscape | 1 Communicator | 2025-04-03 | 6.4 MEDIUM | N/A |
| The view-source CGI program allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-1999-0425 | 1 Netscape | 1 Communicator | 2025-04-03 | 6.4 MEDIUM | N/A |
| talkback in Netscape 4.5 allows a local user to kill an arbitrary process of another user whose Netscape crashes. | |||||
| CVE-1999-0537 | 2 Microsoft, Netscape | 2 Internet Explorer, Communicator | 2025-04-03 | 7.5 HIGH | N/A |
| A configuration in a web browser such as Internet Explorer or Netscape Navigator allows execution of active content such as ActiveX, Java, Javascript, etc. | |||||
| CVE-2000-0034 | 1 Netscape | 1 Communicator | 2025-04-03 | 5.0 MEDIUM | N/A |
| Netscape 4.7 records user passwords in the preferences.js file during an IMAP or POP session, even if the user has not enabled "remember passwords." | |||||
| CVE-2002-2013 | 2 Mozilla, Netscape | 3 Mozilla, Communicator, Navigator | 2025-04-03 | 5.0 MEDIUM | N/A |
| Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain. | |||||
| CVE-2000-1187 | 1 Netscape | 2 Communicator, Navigator | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the HTML parser for Netscape 4.75 and earlier allows remote attackers to execute arbitrary commands via a long password value in a form field. | |||||
| CVE-1999-1002 | 1 Netscape | 1 Communicator | 2025-04-03 | 5.0 MEDIUM | N/A |
| Netscape Navigator uses weak encryption for storing a user's Netscape mail password. | |||||