Vulnerabilities (CVE)

Filtered by vendor Netscape Subscribe
Filtered by product Navigator
Total 44 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2002-1308 2 Mozilla, Netscape 2 Mozilla, Navigator 2023-12-10 7.5 HIGH N/A
Heap-based buffer overflow in Netscape and Mozilla allows remote attackers to execute arbitrary code via a jar: URL that references a malformed .jar file, which overflows a buffer during decompression.
CVE-1999-0827 2 Microsoft, Netscape 3 Ie, Internet Explorer, Navigator 2023-12-10 2.6 LOW N/A
By default, Internet Explorer 5.0 and other versions enables the "Navigate sub-frames across different domains" option, which allows frame spoofing.
CVE-2003-1265 2 Mozilla, Netscape 2 Mozilla, Navigator 2023-12-10 2.1 LOW N/A
Netscape 7.0 and Mozilla 5.0 do not immediately delete messages in the trash folder when users select the 'Empty Trash' option, which could allow local users to access deleted messages.
CVE-2002-0815 3 Microsoft, Mozilla, Netscape 3 Internet Explorer, Mozilla, Navigator 2023-12-10 7.5 HIGH N/A
The Javascript "Same Origin Policy" (SOP), as implemented in (1) Netscape, (2) Mozilla, and (3) Internet Explorer, allows a remote web server to access HTTP and SOAP/XML content from restricted sites by mapping the malicious server's parent DNS domain name to the restricted site, loading a page from the restricted site into one frame, and passing the information to the attacker-controlled frame, which is allowed because the document.domain of the two frames matches on the parent domain.