Filtered by vendor Netscape
Subscriptions
Total
120 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2000-0034 | 1 Netscape | 1 Communicator | 2024-11-21 | N/A |
Netscape 4.7 records user passwords in the preferences.js file during an IMAP or POP session, even if the user has not enabled "remember passwords." | ||||
CVE-1999-1532 | 1 Netscape | 1 Messaging Server | 2024-11-21 | N/A |
Netscape Messaging Server 3.54, 3.55, and 3.6 allows a remote attacker to cause a denial of service (memory exhaustion) via a series of long RCPT TO commands. | ||||
CVE-1999-1357 | 1 Netscape | 1 Communicator | 2024-11-21 | N/A |
Netscape Communicator 4.04 through 4.7 (and possibly other versions) in various UNIX operating systems converts the 0x8b character to a "<" sign, and the 0x9b character to a ">" sign, which could allow remote attackers to attack other clients via cross-site scripting (CSS) in CGI programs that do not filter these characters. | ||||
CVE-1999-1262 | 1 Netscape | 1 Communicator | 2024-11-21 | N/A |
Java in Netscape 4.5 does not properly restrict applets from connecting to other hosts besides the one from which the applet was loaded, which violates the Java security model and could allow remote attackers to conduct unauthorized activities. | ||||
CVE-1999-1226 | 1 Netscape | 1 Communicator | 2024-11-21 | N/A |
Netscape Communicator 4.7 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long certificate key. | ||||
CVE-1999-1189 | 1 Netscape | 2 Communicator, Navigator | 2024-11-21 | N/A |
Buffer overflow in Netscape Navigator/Communicator 4.7 for Windows 95 and Windows 98 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long argument after the ? character in a URL that references an .asp, .cgi, .html, or .pl file. | ||||
CVE-1999-1130 | 1 Netscape | 1 Enterprise Server | 2024-11-21 | N/A |
Default configuration of the search engine in Netscape Enterprise Server 3.5.1, and possibly other versions, allows remote attackers to read the source of JHTML files by specifying a search command using the HTML-tocrec-demo1.pat pattern file. | ||||
CVE-1999-1005 | 2 Netscape, Novell | 2 Enterprise Server, Groupwise | 2024-11-21 | N/A |
Groupwise web server GWWEB.EXE allows remote attackers to read arbitrary files with .htm extensions via a .. (dot dot) attack using the HELP parameter. | ||||
CVE-1999-1002 | 1 Netscape | 1 Communicator | 2024-11-21 | N/A |
Netscape Navigator uses weak encryption for storing a user's Netscape mail password. | ||||
CVE-1999-0892 | 1 Netscape | 1 Communicator | 2024-11-21 | N/A |
Buffer overflow in Netscape Communicator before 4.7 via a dynamic font whose length field is less than the size of the font. | ||||
CVE-1999-0869 | 2 Microsoft, Netscape | 2 Internet Explorer, Navigator | 2024-11-21 | N/A |
Internet Explorer 3.x to 4.01 allows a remote attacker to insert malicious content into a frame of another web site, aka frame spoofing. | ||||
CVE-1999-0868 | 5 Isc, Nec, Netscape and 2 more | 6 Inn, Goah Intrasv, Goah Networksv and 3 more | 2024-11-21 | N/A |
ucbmail allows remote attackers to execute commands via shell metacharacters that are passed to it from INN. | ||||
CVE-1999-0853 | 1 Netscape | 2 Enterprise Server, Fasttrack Server | 2024-11-21 | N/A |
Buffer overflow in Netscape Enterprise Server and Netscape FastTrack Server allows remote attackers to gain privileges via the HTTP Basic Authentication procedure. | ||||
CVE-1999-0827 | 2 Microsoft, Netscape | 3 Ie, Internet Explorer, Navigator | 2024-11-21 | N/A |
By default, Internet Explorer 5.0 and other versions enables the "Navigate sub-frames across different domains" option, which allows frame spoofing. | ||||
CVE-1999-0809 | 1 Netscape | 1 Communicator | 2024-11-21 | N/A |
Netscape Communicator 4.x with Javascript enabled does not warn a user of cookie settings, even if they have selected the option to "Only accept cookies originating from the same server as the page being viewed". | ||||
CVE-1999-0807 | 1 Netscape | 1 Directory Server | 2024-11-21 | N/A |
The Netscape Directory Server installation procedure leaves sensitive information in a file that is accessible to local users. | ||||
CVE-1999-0790 | 1 Netscape | 1 Communicator | 2024-11-21 | N/A |
A remote attacker can read information from a Netscape user's cache via JavaScript. | ||||
CVE-1999-0762 | 1 Netscape | 2 Communicator, Navigator | 2024-11-21 | N/A |
When Javascript is embedded within the TITLE tag, Netscape Communicator allows a remote attacker to use the "about" protocol to gain access to browser information. | ||||
CVE-1999-0758 | 1 Netscape | 2 Enterprise Server, Fasttrack Server | 2024-11-21 | N/A |
Netscape Enterprise 3.5.1 and FastTrack 3.01 servers allow a remote attacker to view source code to scripts by appending a %20 to the script's URL. | ||||
CVE-1999-0752 | 1 Netscape | 1 Enterprise Server | 2024-11-21 | N/A |
Denial of service in Netscape Enterprise Server via a buffer overflow in the SSL handshake. |