Vulnerabilities (CVE)

Filtered by vendor Netscape Subscribe
Total 120 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-1999-0744 1 Netscape 2 Enterprise Server, Fasttrack Server 2024-11-20 7.5 HIGH N/A
Buffer overflow in Netscape Enterprise Server and FastTrask Server allows remote attackers to gain privileges via a long HTTP GET request.
CVE-1999-0686 2 Hp, Netscape 2 Hp-ux, Enterprise Server 2024-11-20 5.0 MEDIUM N/A
Denial of service in Netscape Enterprise Server (NES) in HP Virtual Vault (VVOS) via a long URL.
CVE-1999-0685 1 Netscape 1 Communicator 2024-11-20 5.1 MEDIUM N/A
Buffer overflow in Netscape Communicator via EMBED tags in the pluginspage option.
CVE-1999-0537 2 Microsoft, Netscape 2 Internet Explorer, Communicator 2024-11-20 7.5 HIGH N/A
A configuration in a web browser such as Internet Explorer or Netscape Navigator allows execution of active content such as ActiveX, Java, Javascript, etc.
CVE-1999-0479 2 Hp, Netscape 2 Hp-ux, Enterprise Server 2024-11-20 5.0 MEDIUM N/A
Denial of service Netscape Enterprise Server with VirtualVault on HP-UX VVOS systems.
CVE-1999-0440 2 Netscape, Sun 3 Communicator, Navigator, Java 2024-11-20 7.5 HIGH N/A
The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages.
CVE-1999-0425 1 Netscape 1 Communicator 2024-11-20 6.4 MEDIUM N/A
talkback in Netscape 4.5 allows a local user to kill an arbitrary process of another user whose Netscape crashes.
CVE-1999-0424 1 Netscape 1 Communicator 2024-11-20 2.1 LOW N/A
talkback in Netscape 4.5 allows a local user to overwrite arbitrary files of another user whose Netscape crashes.
CVE-1999-0269 1 Netscape 1 Enterprise Server 2024-11-20 5.0 MEDIUM N/A
Netscape Enterprise servers may list files through the PageServices query.
CVE-1999-0239 1 Netscape 1 Fasttrack Server 2024-11-20 5.0 MEDIUM 7.5 HIGH
Netscape FastTrack Web server lists files when a lowercase "get" command is used instead of an uppercase GET.
CVE-1999-0174 1 Netscape 1 Communicator 2024-11-20 6.4 MEDIUM N/A
The view-source CGI program allows remote attackers to read arbitrary files via a .. (dot dot) attack.
CVE-1999-0142 2 Netscape, Sun 2 Navigator, Java 2024-11-20 7.5 HIGH N/A
The Java Applet Security Manager implementation in Netscape Navigator 2.0 and Java Developer's Kit 1.0 allows an applet to connect to arbitrary hosts.
CVE-1999-0141 1 Netscape 1 Navigator 2024-11-20 3.7 LOW N/A
Java Bytecode Verifier allows malicious applets to execute arbitrary commands as the user of the applet.
CVE-1999-0045 2 Apache, Netscape 4 Http Server, Commerce Server, Communications Server and 1 more 2024-11-20 7.5 HIGH N/A
List of arbitrary files on Web host via nph-test-cgi script.
CVE-1999-0043 6 Bsdi, Caldera, Isc and 3 more 7 Bsd Os, Openlinux, Inn and 4 more 2024-11-20 10.0 HIGH 9.8 CRITICAL
Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others.
CVE-1999-0031 2 Microsoft, Netscape 2 Internet Explorer, Communicator 2024-11-20 2.6 LOW N/A
JavaScript in Internet Explorer 3.x and 4.x, and Netscape 2.x, 3.x and 4.x, allows remote attackers to monitor a user's web activities, aka the Bell Labs vulnerability.
CVE-1999-0012 2 Microsoft, Netscape 5 Frontpage, Internet Information Server, Personal Web Server and 2 more 2024-11-20 5.0 MEDIUM N/A
Some web servers under Microsoft Windows allow remote attackers to bypass access restrictions for files with long file names.
CVE-1999-0007 5 C2net, Hp, Microsoft and 2 more 13 Stonghold Web Server, Open Market Secure Webserver, Exchange Server and 10 more 2024-11-20 5.0 MEDIUM N/A
Information from SSL-encrypted sessions via PKCS #1.
CVE-1999-0005 2 Netscape, University Of Washington 2 Messaging Server, Imap 2024-11-20 10.0 HIGH N/A
Arbitrary command execution via IMAP buffer overflow in authenticate command.
CVE-2018-18940 1 Netscape 1 Enterprise Server 2024-02-28 4.3 MEDIUM 6.1 MEDIUM
servlet/SnoopServlet (a servlet installed by default) in Netscape Enterprise 3.63 has reflected XSS via an arbitrary parameter=[XSS] in the query string. A remote unauthenticated attacker could potentially exploit this vulnerability to supply malicious HTML or JavaScript code to a vulnerable web application, which is then reflected back to the victim and executed by the web browser. NOTE: this product is discontinued.