Total
44 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-2061 | 2 Mozilla, Netscape | 2 Mozilla, Navigator | 2023-12-10 | 7.5 HIGH | N/A |
Heap-based buffer overflow in Netscape 6.2.3 and Mozilla 1.0 and earlier allows remote attackers to crash client browsers and execute arbitrary code via a PNG image with large width and height values and an 8-bit or 16-bit alpha channel. | |||||
CVE-2000-0087 | 1 Netscape | 2 Communicator, Navigator | 2023-12-10 | 5.0 MEDIUM | N/A |
Netscape Mail Notification (nsnotify) utility in Netscape Communicator uses IMAP without SSL, even if the user has set a preference for Communicator to use an SSL connection, allowing a remote attacker to sniff usernames and passwords in plaintext. | |||||
CVE-2002-2338 | 2 Mozilla, Netscape | 3 Mozilla, Communicator, Navigator | 2023-12-10 | 5.0 MEDIUM | N/A |
The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) at a newline, which is interpreted as the end of the message. | |||||
CVE-2004-0528 | 1 Netscape | 1 Navigator | 2023-12-10 | 5.0 MEDIUM | N/A |
Netscape Navigator 7.1 allows remote attackers to spoof a legitimate URL in the status bar via A HREF tags with modified "alt" values that point to the legitimate site, combined with an image map whose href points to the malicious site, which facilitates a "phishing" attack. | |||||
CVE-2000-1187 | 1 Netscape | 2 Communicator, Navigator | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in the HTML parser for Netscape 4.75 and earlier allows remote attackers to execute arbitrary commands via a long password value in a form field. | |||||
CVE-2003-1492 | 2 Mozilla, Netscape | 2 Firefox, Navigator | 2023-12-10 | 5.0 MEDIUM | N/A |
Netscape Navigator 7.0.2 and Mozilla allows remote attackers to access cookie information in a different domain via an HTTP request for a domain with an extra . (dot) at the end. | |||||
CVE-2004-1753 | 2 Mozilla, Netscape | 3 Firefox, Mozilla, Navigator | 2023-12-10 | 2.6 LOW | N/A |
The Apple Java plugin, as used in Netscape 7.1 and 7.2, Mozilla 1.7.2, and Firefox 0.9.3 on MacOS X 10.3.5, when tabbed browsing is enabled, does not properly handle SetWindow(NULL) calls, which allows Java applets from one tab to draw to other tabs and facilitates phishing attacks that spoof tabs. | |||||
CVE-2003-1560 | 1 Netscape | 1 Navigator | 2023-12-10 | 5.0 MEDIUM | N/A |
Netscape 4 sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data. | |||||
CVE-2002-0593 | 2 Mozilla, Netscape | 3 Mozilla, Communicator, Navigator | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long channel name in an IRC URI. | |||||
CVE-1999-0869 | 2 Microsoft, Netscape | 2 Internet Explorer, Navigator | 2023-12-10 | 2.6 LOW | N/A |
Internet Explorer 3.x to 4.01 allows a remote attacker to insert malicious content into a frame of another web site, aka frame spoofing. | |||||
CVE-2002-1091 | 3 Mozilla, Netscape, Opera Software | 3 Mozilla, Navigator, Opera Web Browser | 2023-12-10 | 7.5 HIGH | N/A |
Netscape 6.2.3 and earlier, and Mozilla 1.0.1, allow remote attackers to corrupt heap memory and execute arbitrary code via a GIF image with a zero width. | |||||
CVE-2004-0722 | 2 Mozilla, Netscape | 2 Mozilla, Navigator | 2023-12-10 | 10.0 HIGH | N/A |
Integer overflow in the SOAPParameter object constructor in (1) Netscape version 7.0 and 7.1 and (2) Mozilla 1.6, and possibly earlier versions, allows remote attackers to execute arbitrary code. | |||||
CVE-1999-1189 | 1 Netscape | 2 Communicator, Navigator | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in Netscape Navigator/Communicator 4.7 for Windows 95 and Windows 98 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long argument after the ? character in a URL that references an .asp, .cgi, .html, or .pl file. | |||||
CVE-2004-0718 | 3 Firebirdsql, Mozilla, Netscape | 3 Firebird, Mozilla, Navigator | 2023-12-10 | 7.5 HIGH | N/A |
The (1) Mozilla 1.6, (2) Firebird 0.7, (3) Firefox 0.8, and (4) Netscape 7.1 web browsers do not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability. | |||||
CVE-1999-0142 | 2 Netscape, Sun | 2 Navigator, Java | 2023-12-10 | 7.5 HIGH | N/A |
The Java Applet Security Manager implementation in Netscape Navigator 2.0 and Java Developer's Kit 1.0 allows an applet to connect to arbitrary hosts. | |||||
CVE-1999-0440 | 2 Netscape, Sun | 3 Communicator, Navigator, Java | 2023-12-10 | 7.5 HIGH | N/A |
The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages. | |||||
CVE-2002-0594 | 3 Galeon, Mozilla, Netscape | 3 Galeon Browser, Mozilla, Navigator | 2023-12-10 | 5.0 MEDIUM | N/A |
Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to determine the existence of files on the client system via a LINK element in a Cascading Style Sheet (CSS) page that causes an HTTP redirect. | |||||
CVE-2003-0553 | 1 Netscape | 1 Navigator | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in the Client Detection Tool (CDT) plugin (npcdt.dll) for Netscape 7.02 allows remote attackers to execute arbitrary code via an attachment with a long filename. | |||||
CVE-2003-1419 | 1 Netscape | 1 Navigator | 2023-12-10 | 4.3 MEDIUM | N/A |
Netscape 7.0 allows remote attackers to cause a denial of service (crash) via a web page with an invalid regular expression argument to the JavaScript reformatDate function. | |||||
CVE-1999-0762 | 1 Netscape | 2 Communicator, Navigator | 2023-12-10 | 2.6 LOW | N/A |
When Javascript is embedded within the TITLE tag, Netscape Communicator allows a remote attacker to use the "about" protocol to gain access to browser information. |