Filtered by vendor Netscape
Subscriptions
Total
120 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2006-4253 | 4 K-meleon Project, Mozilla, Netscape and 1 more | 4 K-meleon, Firefox, Navigator and 1 more | 2025-04-03 | N/A |
Concurrency vulnerability in Mozilla Firefox 1.5.0.6 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via multiple Javascript timed events that load a deeply nested XML file, followed by redirecting the browser to another page, which leads to a concurrency failure that causes structures to be freed incorrectly, as demonstrated by (1) ffoxdie and (2) ffoxdie3. NOTE: it has been reported that Netscape 8.1 and K-Meleon 1.0.1 are also affected by ffoxdie. Mozilla confirmed to CVE that ffoxdie and ffoxdie3 trigger the same underlying vulnerability. NOTE: it was later reported that Firefox 2.0 RC2 and 1.5.0.7 are also affected. | ||||
CVE-1999-0758 | 1 Netscape | 2 Enterprise Server, Fasttrack Server | 2025-04-03 | N/A |
Netscape Enterprise 3.5.1 and FastTrack 3.01 servers allow a remote attacker to view source code to scripts by appending a %20 to the script's URL. | ||||
CVE-1999-1357 | 1 Netscape | 1 Communicator | 2025-04-03 | N/A |
Netscape Communicator 4.04 through 4.7 (and possibly other versions) in various UNIX operating systems converts the 0x8b character to a "<" sign, and the 0x9b character to a ">" sign, which could allow remote attackers to attack other clients via cross-site scripting (CSS) in CGI programs that do not filter these characters. | ||||
CVE-2000-0406 | 1 Netscape | 1 Communicator | 2025-04-03 | N/A |
Netscape Communicator before version 4.73 and Navigator 4.07 do not properly validate SSL certificates, which allows remote attackers to steal information by redirecting traffic from a legitimate web server to their own malicious server, aka the "Acros-Suencksen SSL" vulnerability. | ||||
CVE-2000-0600 | 2 Netscape, Novell | 2 Enterprise Server, Netware | 2025-04-03 | N/A |
Netscape Enterprise Server in NetWare 5.1 allows remote attackers to cause a denial of service or execute arbitrary commands via a malformed URL. | ||||
CVE-2001-0164 | 1 Netscape | 1 Directory Server | 2025-04-03 | N/A |
Buffer overflow in Netscape Directory Server 4.12 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a malformed recipient field. | ||||
CVE-2001-0921 | 1 Netscape | 1 Communicator | 2025-04-03 | N/A |
Netscape 4.79 and earlier for MacOS allows an attacker with access to the browser to obtain passwords from form fields by printing the document into which the password has been typed, which is printed in cleartext. | ||||
CVE-2002-2248 | 1 Netscape | 1 Communicator | 2025-04-03 | N/A |
Buffer overflow in the sun.awt.windows.WDefaultFontCharset Java class implementation in Netscape 4.0 allows remote attackers to execute arbitrary code via an applet that calls the WDefaultFontCharset constructor with a long string and invokes the canConvert method. | ||||
CVE-2004-1753 | 2 Mozilla, Netscape | 3 Firefox, Mozilla, Navigator | 2025-04-03 | N/A |
The Apple Java plugin, as used in Netscape 7.1 and 7.2, Mozilla 1.7.2, and Firefox 0.9.3 on MacOS X 10.3.5, when tabbed browsing is enabled, does not properly handle SetWindow(NULL) calls, which allows Java applets from one tab to draw to other tabs and facilitates phishing attacks that spoof tabs. | ||||
CVE-2000-0655 | 2 Mozilla, Netscape | 2 Mozilla, Communicator | 2025-04-03 | N/A |
Netscape Communicator 4.73 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a JPEG image containing a comment with an illegal field length of 1. | ||||
CVE-2002-2338 | 2 Mozilla, Netscape | 3 Mozilla, Communicator, Navigator | 2025-04-03 | N/A |
The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) at a newline, which is interpreted as the end of the message. | ||||
CVE-1999-0685 | 1 Netscape | 1 Communicator | 2025-04-03 | N/A |
Buffer overflow in Netscape Communicator via EMBED tags in the pluginspage option. | ||||
CVE-1999-0686 | 2 Hp, Netscape | 2 Hp-ux, Enterprise Server | 2025-04-03 | N/A |
Denial of service in Netscape Enterprise Server (NES) in HP Virtual Vault (VVOS) via a long URL. | ||||
CVE-1999-0744 | 1 Netscape | 2 Enterprise Server, Fasttrack Server | 2025-04-03 | N/A |
Buffer overflow in Netscape Enterprise Server and FastTrask Server allows remote attackers to gain privileges via a long HTTP GET request. | ||||
CVE-1999-0752 | 1 Netscape | 1 Enterprise Server | 2025-04-03 | N/A |
Denial of service in Netscape Enterprise Server via a buffer overflow in the SSL handshake. | ||||
CVE-1999-0807 | 1 Netscape | 1 Directory Server | 2025-04-03 | N/A |
The Netscape Directory Server installation procedure leaves sensitive information in a file that is accessible to local users. | ||||
CVE-1999-0809 | 1 Netscape | 1 Communicator | 2025-04-03 | N/A |
Netscape Communicator 4.x with Javascript enabled does not warn a user of cookie settings, even if they have selected the option to "Only accept cookies originating from the same server as the page being viewed". | ||||
CVE-1999-0853 | 1 Netscape | 2 Enterprise Server, Fasttrack Server | 2025-04-03 | N/A |
Buffer overflow in Netscape Enterprise Server and Netscape FastTrack Server allows remote attackers to gain privileges via the HTTP Basic Authentication procedure. | ||||
CVE-2000-0034 | 1 Netscape | 1 Communicator | 2025-04-03 | N/A |
Netscape 4.7 records user passwords in the preferences.js file during an IMAP or POP session, even if the user has not enabled "remember passwords." | ||||
CVE-1999-0142 | 2 Netscape, Sun | 2 Navigator, Java | 2025-04-03 | N/A |
The Java Applet Security Manager implementation in Netscape Navigator 2.0 and Java Developer's Kit 1.0 allows an applet to connect to arbitrary hosts. |