Filtered by vendor Netscape Subscriptions
Total 120 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2002-1308 3 Mozilla, Netscape, Redhat 4 Mozilla, Navigator, Enterprise Linux and 1 more 2024-11-21 N/A
Heap-based buffer overflow in Netscape and Mozilla allows remote attackers to execute arbitrary code via a jar: URL that references a malformed .jar file, which overflows a buffer during decompression.
CVE-2002-1204 1 Netscape 1 Communicator 2024-11-21 N/A
Netscape Communicator 4.x allows attackers to use a link to steal a user's preferences, including potentially sensitive information such as URL history, e-mail address, and possibly the e-mail password, by redefining the user_pref() function and accessing the prefs.js file, which is stored in a directory with a predictable name.
CVE-2002-1091 4 Mozilla, Netscape, Opera Software and 1 more 5 Mozilla, Navigator, Opera Web Browser and 2 more 2024-11-21 N/A
Netscape 6.2.3 and earlier, and Mozilla 1.0.1, allow remote attackers to corrupt heap memory and execute arbitrary code via a GIF image with a zero width.
CVE-2002-1042 2 Netscape, Sun 4 Enterprise Server, Iplanet Web Server, One Application Server and 1 more 2024-11-21 N/A
Directory traversal vulnerability in search engine for iPlanet web server 6.0 SP2 and 4.1 SP9, and Netscape Enterprise Server 3.6, when running on Windows platforms, allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in the NS-query-pat parameter.
CVE-2002-0815 3 Microsoft, Mozilla, Netscape 3 Internet Explorer, Mozilla, Navigator 2024-11-21 N/A
The Javascript "Same Origin Policy" (SOP), as implemented in (1) Netscape, (2) Mozilla, and (3) Internet Explorer, allows a remote web server to access HTTP and SOAP/XML content from restricted sites by mapping the malicious server's parent DNS domain name to the restricted site, loading a page from the restricted site into one frame, and passing the information to the attacker-controlled frame, which is allowed because the document.domain of the two frames matches on the parent domain.
CVE-2002-0594 4 Galeon, Mozilla, Netscape and 1 more 5 Galeon Browser, Mozilla, Navigator and 2 more 2024-11-21 N/A
Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to determine the existence of files on the client system via a LINK element in a Cascading Style Sheet (CSS) page that causes an HTTP redirect.
CVE-2002-0593 3 Mozilla, Netscape, Redhat 5 Mozilla, Communicator, Navigator and 2 more 2024-11-21 N/A
Buffer overflow in Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long channel name in an IRC URI.
CVE-2002-0354 3 Mozilla, Netscape, Redhat 3 Mozilla, Navigator, Linux 2024-11-21 N/A
The XMLHttpRequest object (XMLHTTP) in Netscape 6.1 and Mozilla 0.9.7 allows remote attackers to read arbitrary files and list directories on a client system by opening a URL that redirects the browser to the file on the client, then reading the result using the responseText property.
CVE-2001-0921 1 Netscape 1 Communicator 2024-11-21 N/A
Netscape 4.79 and earlier for MacOS allows an attacker with access to the browser to obtain passwords from form fields by printing the document into which the password has been typed, which is printed in cleartext.
CVE-2001-0745 1 Netscape 1 Messanger 2024-11-21 N/A
Netscape 4.7x allows remote attackers to obtain sensitive information such as the user's login, mailbox location and installation path via Javascript that accesses the mailbox: URL in the document.referrer property.
CVE-2001-0684 1 Netscape 1 Collabra Server 2024-11-21 N/A
Netscape Collabra Server 3.5.4 and earlier allows a remote attacker to cause a denial of service by sending seven or more characters to TCP port 5239.
CVE-2001-0683 1 Netscape 1 Collabra Server 2024-11-21 N/A
Memory leak in Netscape Collabra Server 3.5.4 and earlier allows a remote attacker to cause a denial of service (memory exhaustion) by repeatedly sending approximately 5K of data to TCP port 5238.
CVE-2001-0596 2 Netscape, Redhat 2 Communicator, Linux 2024-11-21 N/A
Netscape Communicator before 4.77 allows remote attackers to execute arbitrary Javascript via a GIF image whose comment contains the Javascript.
CVE-2001-0262 1 Netscape 1 Smartdownload 2024-11-21 N/A
Buffer overflow in Netscape SmartDownload 1.3 allows remote attackers (malicious web pages) to execute arbitrary commands via a long URL.
CVE-2001-0251 1 Netscape 1 Enterprise Server 2024-11-21 N/A
The Web Publishing feature in Netscape Enterprise Server 3.x allows remote attackers to cause a denial of service via the REVLOG command.
CVE-2001-0250 1 Netscape 1 Enterprise Server 2024-11-21 N/A
The Web Publishing feature in Netscape Enterprise Server 4.x and earlier allows remote attackers to list arbitrary directories under the web server root via the INDEX command.
CVE-2001-0175 1 Netscape 1 Fasttrack Server 2024-11-21 N/A
The caching module in Netscape Fasttrack Server 4.1 allows remote attackers to cause a denial of service (resource exhaustion) by requesting a large number of non-existent URLs.
CVE-2001-0164 1 Netscape 1 Directory Server 2024-11-21 N/A
Buffer overflow in Netscape Directory Server 4.12 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a malformed recipient field.
CVE-2000-1196 1 Netscape 1 Publishingxpert 2024-11-21 N/A
PSCOErrPage.htm in Netscape PublishingXpert 2.5 before SP2 allows remote attackers to read arbitrary files by specifying the target file in the errPagePath parameter.
CVE-2000-1187 1 Netscape 2 Communicator, Navigator 2024-11-21 N/A
Buffer overflow in the HTML parser for Netscape 4.75 and earlier allows remote attackers to execute arbitrary commands via a long password value in a form field.