Filtered by vendor Netscape
Subscribe
Total
120 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-1074 | 1 Netscape | 1 Iplanet Ical | 2023-12-10 | 10.0 HIGH | N/A |
| csstart program in iCal 2.1 Patch 2 uses relative pathnames to install the libsocket and libnsl libraries, which could allow the icsuser account to gain root privileges by creating a Trojan Horse library in the current or parent directory. | |||||
| CVE-2000-0409 | 1 Netscape | 1 Communicator | 2023-12-10 | 3.7 LOW | N/A |
| Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local users to overwrite files of the user importing the certificate. | |||||
| CVE-2004-1753 | 2 Mozilla, Netscape | 3 Firefox, Mozilla, Navigator | 2023-12-10 | 2.6 LOW | N/A |
| The Apple Java plugin, as used in Netscape 7.1 and 7.2, Mozilla 1.7.2, and Firefox 0.9.3 on MacOS X 10.3.5, when tabbed browsing is enabled, does not properly handle SetWindow(NULL) calls, which allows Java applets from one tab to draw to other tabs and facilitates phishing attacks that spoof tabs. | |||||
| CVE-1999-0269 | 1 Netscape | 1 Enterprise Server | 2023-12-10 | 5.0 MEDIUM | N/A |
| Netscape Enterprise servers may list files through the PageServices query. | |||||
| CVE-1999-0005 | 2 Netscape, University Of Washington | 2 Messaging Server, Imap | 2023-12-10 | 10.0 HIGH | N/A |
| Arbitrary command execution via IMAP buffer overflow in authenticate command. | |||||
| CVE-2000-0237 | 1 Netscape | 1 Enterprise Server | 2023-12-10 | 6.4 MEDIUM | N/A |
| Netscape Enterprise Server with Web Publishing enabled allows remote attackers to list arbitrary directories via a GET request for the /publisher directory, which provides a Java applet that allows the attacker to browse the directories. | |||||
| CVE-1999-1357 | 1 Netscape | 1 Communicator | 2023-12-10 | 7.5 HIGH | N/A |
| Netscape Communicator 4.04 through 4.7 (and possibly other versions) in various UNIX operating systems converts the 0x8b character to a "<" sign, and the 0x9b character to a ">" sign, which could allow remote attackers to attack other clients via cross-site scripting (CSS) in CGI programs that do not filter these characters. | |||||
| CVE-1999-0868 | 5 Isc, Nec, Netscape and 2 more | 6 Inn, Goah Intrasv, Goah Networksv and 3 more | 2023-12-10 | 7.2 HIGH | N/A |
| ucbmail allows remote attackers to execute commands via shell metacharacters that are passed to it from INN. | |||||
| CVE-2001-0250 | 1 Netscape | 1 Enterprise Server | 2023-12-10 | 5.0 MEDIUM | N/A |
| The Web Publishing feature in Netscape Enterprise Server 4.x and earlier allows remote attackers to list arbitrary directories under the web server root via the INDEX command. | |||||
| CVE-2004-0826 | 4 Hp, Mozilla, Netscape and 1 more | 10 Hp-ux, Network Security Services, Certificate Server and 7 more | 2023-12-10 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message. | |||||
| CVE-2000-1076 | 2 Netscape, Sun | 2 Directory Server, Iplanet Certificate Management System | 2023-12-10 | 10.0 HIGH | N/A |
| Netscape (iPlanet) Certificate Management System 4.2 and Directory Server 4.12 stores the administrative password in plaintext, which could allow local and possibly remote attackers to gain administrative privileges on the server. | |||||
| CVE-1999-1130 | 1 Netscape | 1 Enterprise Server | 2023-12-10 | 5.0 MEDIUM | N/A |
| Default configuration of the search engine in Netscape Enterprise Server 3.5.1, and possibly other versions, allows remote attackers to read the source of JHTML files by specifying a search command using the HTML-tocrec-demo1.pat pattern file. | |||||
| CVE-1999-0853 | 1 Netscape | 2 Enterprise Server, Fasttrack Server | 2023-12-10 | 10.0 HIGH | N/A |
| Buffer overflow in Netscape Enterprise Server and Netscape FastTrack Server allows remote attackers to gain privileges via the HTTP Basic Authentication procedure. | |||||
| CVE-1999-0174 | 1 Netscape | 1 Communicator | 2023-12-10 | 6.4 MEDIUM | N/A |
| The view-source CGI program allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-1999-0758 | 1 Netscape | 2 Enterprise Server, Fasttrack Server | 2023-12-10 | 5.0 MEDIUM | N/A |
| Netscape Enterprise 3.5.1 and FastTrack 3.01 servers allow a remote attacker to view source code to scripts by appending a %20 to the script's URL. | |||||
| CVE-2003-1560 | 1 Netscape | 1 Navigator | 2023-12-10 | 5.0 MEDIUM | N/A |
| Netscape 4 sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data. | |||||
| CVE-2000-0961 | 1 Netscape | 2 Messaging Server, Netscape Messaging Server Multiplexor | 2023-12-10 | 10.0 HIGH | N/A |
| Buffer overflow in IMAP server in Netscape Messaging Server 4.15 Patch 2 allows local users to execute arbitrary commands via a long LIST command. | |||||
| CVE-2002-0593 | 2 Mozilla, Netscape | 3 Mozilla, Communicator, Navigator | 2023-12-10 | 7.5 HIGH | N/A |
| Buffer overflow in Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long channel name in an IRC URI. | |||||
| CVE-1999-0809 | 1 Netscape | 1 Communicator | 2023-12-10 | 5.0 MEDIUM | N/A |
| Netscape Communicator 4.x with Javascript enabled does not warn a user of cookie settings, even if they have selected the option to "Only accept cookies originating from the same server as the page being viewed". | |||||
| CVE-2001-0596 | 1 Netscape | 1 Communicator | 2023-12-10 | 7.5 HIGH | N/A |
| Netscape Communicator before 4.77 allows remote attackers to execute arbitrary Javascript via a GIF image whose comment contains the Javascript. | |||||