Filtered by vendor Netscape Subscriptions
Total 120 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2006-4253 4 K-meleon Project, Mozilla, Netscape and 1 more 4 K-meleon, Firefox, Navigator and 1 more 2025-04-03 N/A
Concurrency vulnerability in Mozilla Firefox 1.5.0.6 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via multiple Javascript timed events that load a deeply nested XML file, followed by redirecting the browser to another page, which leads to a concurrency failure that causes structures to be freed incorrectly, as demonstrated by (1) ffoxdie and (2) ffoxdie3. NOTE: it has been reported that Netscape 8.1 and K-Meleon 1.0.1 are also affected by ffoxdie. Mozilla confirmed to CVE that ffoxdie and ffoxdie3 trigger the same underlying vulnerability. NOTE: it was later reported that Firefox 2.0 RC2 and 1.5.0.7 are also affected.
CVE-1999-0758 1 Netscape 2 Enterprise Server, Fasttrack Server 2025-04-03 N/A
Netscape Enterprise 3.5.1 and FastTrack 3.01 servers allow a remote attacker to view source code to scripts by appending a %20 to the script's URL.
CVE-1999-1357 1 Netscape 1 Communicator 2025-04-03 N/A
Netscape Communicator 4.04 through 4.7 (and possibly other versions) in various UNIX operating systems converts the 0x8b character to a "<" sign, and the 0x9b character to a ">" sign, which could allow remote attackers to attack other clients via cross-site scripting (CSS) in CGI programs that do not filter these characters.
CVE-2000-0406 1 Netscape 1 Communicator 2025-04-03 N/A
Netscape Communicator before version 4.73 and Navigator 4.07 do not properly validate SSL certificates, which allows remote attackers to steal information by redirecting traffic from a legitimate web server to their own malicious server, aka the "Acros-Suencksen SSL" vulnerability.
CVE-2000-0600 2 Netscape, Novell 2 Enterprise Server, Netware 2025-04-03 N/A
Netscape Enterprise Server in NetWare 5.1 allows remote attackers to cause a denial of service or execute arbitrary commands via a malformed URL.
CVE-2001-0164 1 Netscape 1 Directory Server 2025-04-03 N/A
Buffer overflow in Netscape Directory Server 4.12 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a malformed recipient field.
CVE-2001-0921 1 Netscape 1 Communicator 2025-04-03 N/A
Netscape 4.79 and earlier for MacOS allows an attacker with access to the browser to obtain passwords from form fields by printing the document into which the password has been typed, which is printed in cleartext.
CVE-2002-2248 1 Netscape 1 Communicator 2025-04-03 N/A
Buffer overflow in the sun.awt.windows.WDefaultFontCharset Java class implementation in Netscape 4.0 allows remote attackers to execute arbitrary code via an applet that calls the WDefaultFontCharset constructor with a long string and invokes the canConvert method.
CVE-2004-1753 2 Mozilla, Netscape 3 Firefox, Mozilla, Navigator 2025-04-03 N/A
The Apple Java plugin, as used in Netscape 7.1 and 7.2, Mozilla 1.7.2, and Firefox 0.9.3 on MacOS X 10.3.5, when tabbed browsing is enabled, does not properly handle SetWindow(NULL) calls, which allows Java applets from one tab to draw to other tabs and facilitates phishing attacks that spoof tabs.
CVE-2000-0655 2 Mozilla, Netscape 2 Mozilla, Communicator 2025-04-03 N/A
Netscape Communicator 4.73 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a JPEG image containing a comment with an illegal field length of 1.
CVE-2002-2338 2 Mozilla, Netscape 3 Mozilla, Communicator, Navigator 2025-04-03 N/A
The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) at a newline, which is interpreted as the end of the message.
CVE-1999-0685 1 Netscape 1 Communicator 2025-04-03 N/A
Buffer overflow in Netscape Communicator via EMBED tags in the pluginspage option.
CVE-1999-0686 2 Hp, Netscape 2 Hp-ux, Enterprise Server 2025-04-03 N/A
Denial of service in Netscape Enterprise Server (NES) in HP Virtual Vault (VVOS) via a long URL.
CVE-1999-0744 1 Netscape 2 Enterprise Server, Fasttrack Server 2025-04-03 N/A
Buffer overflow in Netscape Enterprise Server and FastTrask Server allows remote attackers to gain privileges via a long HTTP GET request.
CVE-1999-0752 1 Netscape 1 Enterprise Server 2025-04-03 N/A
Denial of service in Netscape Enterprise Server via a buffer overflow in the SSL handshake.
CVE-1999-0807 1 Netscape 1 Directory Server 2025-04-03 N/A
The Netscape Directory Server installation procedure leaves sensitive information in a file that is accessible to local users.
CVE-1999-0809 1 Netscape 1 Communicator 2025-04-03 N/A
Netscape Communicator 4.x with Javascript enabled does not warn a user of cookie settings, even if they have selected the option to "Only accept cookies originating from the same server as the page being viewed".
CVE-1999-0853 1 Netscape 2 Enterprise Server, Fasttrack Server 2025-04-03 N/A
Buffer overflow in Netscape Enterprise Server and Netscape FastTrack Server allows remote attackers to gain privileges via the HTTP Basic Authentication procedure.
CVE-2000-0034 1 Netscape 1 Communicator 2025-04-03 N/A
Netscape 4.7 records user passwords in the preferences.js file during an IMAP or POP session, even if the user has not enabled "remember passwords."
CVE-1999-0142 2 Netscape, Sun 2 Navigator, Java 2025-04-03 N/A
The Java Applet Security Manager implementation in Netscape Navigator 2.0 and Java Developer's Kit 1.0 allows an applet to connect to arbitrary hosts.