Filtered by vendor Netscape
Subscribe
Total
120 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1204 | 1 Netscape | 1 Communicator | 2024-11-20 | 5.0 MEDIUM | N/A |
| Netscape Communicator 4.x allows attackers to use a link to steal a user's preferences, including potentially sensitive information such as URL history, e-mail address, and possibly the e-mail password, by redefining the user_pref() function and accessing the prefs.js file, which is stored in a directory with a predictable name. | |||||
| CVE-2002-1091 | 3 Mozilla, Netscape, Opera Software | 3 Mozilla, Navigator, Opera Web Browser | 2024-11-20 | 7.5 HIGH | N/A |
| Netscape 6.2.3 and earlier, and Mozilla 1.0.1, allow remote attackers to corrupt heap memory and execute arbitrary code via a GIF image with a zero width. | |||||
| CVE-2002-1042 | 2 Netscape, Sun | 4 Enterprise Server, Iplanet Web Server, One Application Server and 1 more | 2024-11-20 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in search engine for iPlanet web server 6.0 SP2 and 4.1 SP9, and Netscape Enterprise Server 3.6, when running on Windows platforms, allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in the NS-query-pat parameter. | |||||
| CVE-2002-0815 | 3 Microsoft, Mozilla, Netscape | 3 Internet Explorer, Mozilla, Navigator | 2024-11-20 | 7.5 HIGH | N/A |
| The Javascript "Same Origin Policy" (SOP), as implemented in (1) Netscape, (2) Mozilla, and (3) Internet Explorer, allows a remote web server to access HTTP and SOAP/XML content from restricted sites by mapping the malicious server's parent DNS domain name to the restricted site, loading a page from the restricted site into one frame, and passing the information to the attacker-controlled frame, which is allowed because the document.domain of the two frames matches on the parent domain. | |||||
| CVE-2002-0594 | 3 Galeon, Mozilla, Netscape | 3 Galeon Browser, Mozilla, Navigator | 2024-11-20 | 5.0 MEDIUM | N/A |
| Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to determine the existence of files on the client system via a LINK element in a Cascading Style Sheet (CSS) page that causes an HTTP redirect. | |||||
| CVE-2002-0593 | 2 Mozilla, Netscape | 3 Mozilla, Communicator, Navigator | 2024-11-20 | 7.5 HIGH | N/A |
| Buffer overflow in Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long channel name in an IRC URI. | |||||
| CVE-2002-0354 | 2 Mozilla, Netscape | 2 Mozilla, Navigator | 2024-11-20 | 5.0 MEDIUM | N/A |
| The XMLHttpRequest object (XMLHTTP) in Netscape 6.1 and Mozilla 0.9.7 allows remote attackers to read arbitrary files and list directories on a client system by opening a URL that redirects the browser to the file on the client, then reading the result using the responseText property. | |||||
| CVE-2001-0921 | 1 Netscape | 1 Communicator | 2024-11-20 | 2.1 LOW | N/A |
| Netscape 4.79 and earlier for MacOS allows an attacker with access to the browser to obtain passwords from form fields by printing the document into which the password has been typed, which is printed in cleartext. | |||||
| CVE-2001-0745 | 1 Netscape | 1 Messanger | 2024-11-20 | 5.0 MEDIUM | N/A |
| Netscape 4.7x allows remote attackers to obtain sensitive information such as the user's login, mailbox location and installation path via Javascript that accesses the mailbox: URL in the document.referrer property. | |||||
| CVE-2001-0684 | 1 Netscape | 1 Collabra Server | 2024-11-20 | 5.0 MEDIUM | N/A |
| Netscape Collabra Server 3.5.4 and earlier allows a remote attacker to cause a denial of service by sending seven or more characters to TCP port 5239. | |||||
| CVE-2001-0683 | 1 Netscape | 1 Collabra Server | 2024-11-20 | 5.0 MEDIUM | N/A |
| Memory leak in Netscape Collabra Server 3.5.4 and earlier allows a remote attacker to cause a denial of service (memory exhaustion) by repeatedly sending approximately 5K of data to TCP port 5238. | |||||
| CVE-2001-0596 | 1 Netscape | 1 Communicator | 2024-11-20 | 7.5 HIGH | N/A |
| Netscape Communicator before 4.77 allows remote attackers to execute arbitrary Javascript via a GIF image whose comment contains the Javascript. | |||||
| CVE-2001-0262 | 1 Netscape | 1 Smartdownload | 2024-11-20 | 7.5 HIGH | N/A |
| Buffer overflow in Netscape SmartDownload 1.3 allows remote attackers (malicious web pages) to execute arbitrary commands via a long URL. | |||||
| CVE-2001-0251 | 1 Netscape | 1 Enterprise Server | 2024-11-20 | 5.0 MEDIUM | N/A |
| The Web Publishing feature in Netscape Enterprise Server 3.x allows remote attackers to cause a denial of service via the REVLOG command. | |||||
| CVE-2001-0250 | 1 Netscape | 1 Enterprise Server | 2024-11-20 | 5.0 MEDIUM | N/A |
| The Web Publishing feature in Netscape Enterprise Server 4.x and earlier allows remote attackers to list arbitrary directories under the web server root via the INDEX command. | |||||
| CVE-2001-0175 | 1 Netscape | 1 Fasttrack Server | 2024-11-20 | 5.0 MEDIUM | N/A |
| The caching module in Netscape Fasttrack Server 4.1 allows remote attackers to cause a denial of service (resource exhaustion) by requesting a large number of non-existent URLs. | |||||
| CVE-2001-0164 | 1 Netscape | 1 Directory Server | 2024-11-20 | 7.5 HIGH | N/A |
| Buffer overflow in Netscape Directory Server 4.12 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a malformed recipient field. | |||||
| CVE-2000-1196 | 1 Netscape | 1 Publishingxpert | 2024-11-20 | 5.0 MEDIUM | N/A |
| PSCOErrPage.htm in Netscape PublishingXpert 2.5 before SP2 allows remote attackers to read arbitrary files by specifying the target file in the errPagePath parameter. | |||||
| CVE-2000-1187 | 1 Netscape | 2 Communicator, Navigator | 2024-11-20 | 7.5 HIGH | N/A |
| Buffer overflow in the HTML parser for Netscape 4.75 and earlier allows remote attackers to execute arbitrary commands via a long password value in a form field. | |||||
| CVE-2000-1076 | 2 Netscape, Sun | 2 Directory Server, Iplanet Certificate Management System | 2024-11-20 | 10.0 HIGH | N/A |
| Netscape (iPlanet) Certificate Management System 4.2 and Directory Server 4.12 stores the administrative password in plaintext, which could allow local and possibly remote attackers to gain administrative privileges on the server. | |||||