Filtered by vendor Netscape
Subscriptions
Total
120 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-1999-0869 | 2 Microsoft, Netscape | 2 Internet Explorer, Navigator | 2025-04-03 | N/A |
Internet Explorer 3.x to 4.01 allows a remote attacker to insert malicious content into a frame of another web site, aka frame spoofing. | ||||
CVE-1999-0892 | 1 Netscape | 1 Communicator | 2025-04-03 | N/A |
Buffer overflow in Netscape Communicator before 4.7 via a dynamic font whose length field is less than the size of the font. | ||||
CVE-1999-1189 | 1 Netscape | 2 Communicator, Navigator | 2025-04-03 | N/A |
Buffer overflow in Netscape Navigator/Communicator 4.7 for Windows 95 and Windows 98 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long argument after the ? character in a URL that references an .asp, .cgi, .html, or .pl file. | ||||
CVE-1999-1130 | 1 Netscape | 1 Enterprise Server | 2025-04-03 | N/A |
Default configuration of the search engine in Netscape Enterprise Server 3.5.1, and possibly other versions, allows remote attackers to read the source of JHTML files by specifying a search command using the HTML-tocrec-demo1.pat pattern file. | ||||
CVE-2000-1071 | 1 Netscape | 1 Iplanet Ical | 2025-04-03 | N/A |
The GUI installation for iCal 2.1 Patch 2 disables access control for the X server using an "xhost +" command, which allows remote attackers to monitor X Windows events and gain privileges. | ||||
CVE-2000-1072 | 1 Netscape | 1 Iplanet Ical | 2025-04-03 | N/A |
iCal 2.1 Patch 2 installs many files with world-writeable permissions, which allows local users to modify the iCal configuration and execute arbitrary commands by replacing the iplncal.sh program with a Trojan horse. | ||||
CVE-2000-1073 | 1 Netscape | 1 Iplanet Ical | 2025-04-03 | N/A |
csstart program in iCal 2.1 Patch 2 searches for the cshttpd program in the current working directory, which allows local users to gain root privileges by creating a Trojan Horse cshttpd program in a directory and calling csstart from that directory. | ||||
CVE-2000-1074 | 1 Netscape | 1 Iplanet Ical | 2025-04-03 | N/A |
csstart program in iCal 2.1 Patch 2 uses relative pathnames to install the libsocket and libnsl libraries, which could allow the icsuser account to gain root privileges by creating a Trojan Horse library in the current or parent directory. | ||||
CVE-2002-1091 | 4 Mozilla, Netscape, Opera Software and 1 more | 5 Mozilla, Navigator, Opera Web Browser and 2 more | 2025-04-03 | N/A |
Netscape 6.2.3 and earlier, and Mozilla 1.0.1, allow remote attackers to corrupt heap memory and execute arbitrary code via a GIF image with a zero width. | ||||
CVE-2001-0175 | 1 Netscape | 1 Fasttrack Server | 2025-04-03 | N/A |
The caching module in Netscape Fasttrack Server 4.1 allows remote attackers to cause a denial of service (resource exhaustion) by requesting a large number of non-existent URLs. | ||||
CVE-2001-0251 | 1 Netscape | 1 Enterprise Server | 2025-04-03 | N/A |
The Web Publishing feature in Netscape Enterprise Server 3.x allows remote attackers to cause a denial of service via the REVLOG command. | ||||
CVE-2001-0684 | 1 Netscape | 1 Collabra Server | 2025-04-03 | N/A |
Netscape Collabra Server 3.5.4 and earlier allows a remote attacker to cause a denial of service by sending seven or more characters to TCP port 5239. | ||||
CVE-2002-1204 | 1 Netscape | 1 Communicator | 2025-04-03 | N/A |
Netscape Communicator 4.x allows attackers to use a link to steal a user's preferences, including potentially sensitive information such as URL history, e-mail address, and possibly the e-mail password, by redefining the user_pref() function and accessing the prefs.js file, which is stored in a directory with a predictable name. | ||||
CVE-2002-0815 | 3 Microsoft, Mozilla, Netscape | 3 Internet Explorer, Mozilla, Navigator | 2025-04-03 | N/A |
The Javascript "Same Origin Policy" (SOP), as implemented in (1) Netscape, (2) Mozilla, and (3) Internet Explorer, allows a remote web server to access HTTP and SOAP/XML content from restricted sites by mapping the malicious server's parent DNS domain name to the restricted site, loading a page from the restricted site into one frame, and passing the information to the attacker-controlled frame, which is allowed because the document.domain of the two frames matches on the parent domain. | ||||
CVE-2002-1042 | 2 Netscape, Sun | 4 Enterprise Server, Iplanet Web Server, One Application Server and 1 more | 2025-04-03 | N/A |
Directory traversal vulnerability in search engine for iPlanet web server 6.0 SP2 and 4.1 SP9, and Netscape Enterprise Server 3.6, when running on Windows platforms, allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in the NS-query-pat parameter. | ||||
CVE-2003-1419 | 1 Netscape | 1 Navigator | 2025-04-03 | N/A |
Netscape 7.0 allows remote attackers to cause a denial of service (crash) via a web page with an invalid regular expression argument to the JavaScript reformatDate function. | ||||
CVE-2002-1654 | 2 Iplanet, Netscape | 2 Iplanet Web Server, Enterprise Server | 2025-04-03 | N/A |
iPlanet Web Server Enterprise Edition and Netscape Enterprise Server 4.0 and 4.1 allows remote attackers to conduct HTTP Basic Authentication via the wp-force-auth Web Publisher command, which provides a distinct attack vector and may make it easier to conduct brute force password guessing without detection. | ||||
CVE-2003-1560 | 1 Netscape | 1 Navigator | 2025-04-03 | N/A |
Netscape 4 sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data. | ||||
CVE-2004-0528 | 1 Netscape | 1 Navigator | 2025-04-03 | N/A |
Netscape Navigator 7.1 allows remote attackers to spoof a legitimate URL in the status bar via A HREF tags with modified "alt" values that point to the legitimate site, combined with an image map whose href points to the malicious site, which facilitates a "phishing" attack. | ||||
CVE-2003-0553 | 1 Netscape | 1 Navigator | 2025-04-03 | N/A |
Buffer overflow in the Client Detection Tool (CDT) plugin (npcdt.dll) for Netscape 7.02 allows remote attackers to execute arbitrary code via an attachment with a long filename. |