Filtered by vendor Netscape
Subscribe
Total
120 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-1073 | 1 Netscape | 1 Iplanet Ical | 2025-04-03 | 7.2 HIGH | N/A |
|
csstart program in iCal 2.1 Patch 2 searches for the cshttpd program in the current working directory, which allows local users to gain root privileges by creating a Trojan Horse cshttpd program in a directory and calling csstart from that directory.
|
|||||
| CVE-1999-0424 | 1 Netscape | 1 Communicator | 2025-04-03 | 2.1 LOW | N/A |
|
talkback in Netscape 4.5 allows a local user to overwrite arbitrary files of another user whose Netscape crashes.
|
|||||
| CVE-2002-2308 | 1 Netscape | 1 Communicator | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Netscape Communicator 6.2.1 allows remote attackers to cause a denial of service in client browsers via a webpage containing a recursive META refresh tag where the content tag is blank and the URL tag references itself.
|
|||||
| CVE-2002-0593 | 2 Mozilla, Netscape | 3 Mozilla, Communicator, Navigator | 2025-04-03 | 7.5 HIGH | N/A |
|
Buffer overflow in Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long channel name in an IRC URI.
|
|||||
| CVE-2000-0577 | 1 Netscape | 1 Professional Services Ftpserver | 2025-04-03 | 10.0 HIGH | N/A |
|
Netscape Professional Services FTP Server 1.3.6 allows remote attackers to read arbitrary files via a .. (dot dot) attack.
|
|||||
| CVE-2000-1074 | 1 Netscape | 1 Iplanet Ical | 2025-04-03 | 10.0 HIGH | N/A |
|
csstart program in iCal 2.1 Patch 2 uses relative pathnames to install the libsocket and libnsl libraries, which could allow the icsuser account to gain root privileges by creating a Trojan Horse library in the current or parent directory.
|
|||||
| CVE-1999-0479 | 2 Hp, Netscape | 2 Hp-ux, Enterprise Server | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Denial of service Netscape Enterprise Server with VirtualVault on HP-UX VVOS systems.
|
|||||
| CVE-2002-2248 | 1 Netscape | 1 Communicator | 2025-04-03 | 10.0 HIGH | N/A |
|
Buffer overflow in the sun.awt.windows.WDefaultFontCharset Java class implementation in Netscape 4.0 allows remote attackers to execute arbitrary code via an applet that calls the WDefaultFontCharset constructor with a long string and invokes the canConvert method.
|
|||||
| CVE-2000-0961 | 1 Netscape | 2 Messaging Server, Netscape Messaging Server Multiplexor | 2025-04-03 | 10.0 HIGH | N/A |
|
Buffer overflow in IMAP server in Netscape Messaging Server 4.15 Patch 2 allows local users to execute arbitrary commands via a long LIST command.
|
|||||
| CVE-1999-0762 | 1 Netscape | 2 Communicator, Navigator | 2025-04-03 | 2.6 LOW | N/A |
|
When Javascript is embedded within the TITLE tag, Netscape Communicator allows a remote attacker to use the "about" protocol to gain access to browser information.
|
|||||
| CVE-1999-0758 | 1 Netscape | 2 Enterprise Server, Fasttrack Server | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Netscape Enterprise 3.5.1 and FastTrack 3.01 servers allow a remote attacker to view source code to scripts by appending a %20 to the script's URL.
|
|||||
| CVE-1999-1189 | 1 Netscape | 2 Communicator, Navigator | 2025-04-03 | 7.5 HIGH | N/A |
|
Buffer overflow in Netscape Navigator/Communicator 4.7 for Windows 95 and Windows 98 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long argument after the ? character in a URL that references an .asp, .cgi, .html, or .pl file.
|
|||||
| CVE-2000-0308 | 2 Netscape, Sco | 4 Enterprise Server, Fasttrack Server, Proxy Server and 1 more | 2025-04-03 | 10.0 HIGH | N/A |
|
Insecure file permissions for Netscape FastTrack Server 2.x, Enterprise Server 2.0, and Proxy Server 2.5 in SCO UnixWare 7.0.x and 2.1.3 allow an attacker to gain root privileges.
|
|||||
| CVE-1999-0005 | 2 Netscape, University Of Washington | 2 Messaging Server, Imap | 2025-04-03 | 10.0 HIGH | N/A |
|
Arbitrary command execution via IMAP buffer overflow in authenticate command.
|
|||||
| CVE-2002-1091 | 3 Mozilla, Netscape, Opera Software | 3 Mozilla, Navigator, Opera Web Browser | 2025-04-03 | 7.5 HIGH | N/A |
|
Netscape 6.2.3 and earlier, and Mozilla 1.0.1, allow remote attackers to corrupt heap memory and execute arbitrary code via a GIF image with a zero width.
|
|||||
| CVE-2003-1492 | 2 Mozilla, Netscape | 2 Firefox, Navigator | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Netscape Navigator 7.0.2 and Mozilla allows remote attackers to access cookie information in a different domain via an HTTP request for a domain with an extra . (dot) at the end.
|
|||||
| CVE-2003-1419 | 1 Netscape | 1 Navigator | 2025-04-03 | 4.3 MEDIUM | N/A |
|
Netscape 7.0 allows remote attackers to cause a denial of service (crash) via a web page with an invalid regular expression argument to the JavaScript reformatDate function.
|
|||||
| CVE-1999-0537 | 2 Microsoft, Netscape | 2 Internet Explorer, Communicator | 2025-04-03 | 7.5 HIGH | N/A |
|
A configuration in a web browser such as Internet Explorer or Netscape Navigator allows execution of active content such as ActiveX, Java, Javascript, etc.
|
|||||
| CVE-1999-0045 | 2 Apache, Netscape | 4 Http Server, Commerce Server, Communications Server and 1 more | 2025-04-03 | 7.5 HIGH | N/A |
|
List of arbitrary files on Web host via nph-test-cgi script.
|
|||||
| CVE-1999-0141 | 1 Netscape | 1 Navigator | 2025-04-03 | 3.7 LOW | N/A |
|
Java Bytecode Verifier allows malicious applets to execute arbitrary commands as the user of the applet.
|
|||||
| CVE-1999-0007 | 5 C2net, Hp, Microsoft and 2 more | 13 Stonghold Web Server, Open Market Secure Webserver, Exchange Server and 10 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Information from SSL-encrypted sessions via PKCS #1.
|
|||||
| CVE-2000-0600 | 2 Netscape, Novell | 2 Enterprise Server, Netware | 2025-04-03 | 7.5 HIGH | N/A |
|
Netscape Enterprise Server in NetWare 5.1 allows remote attackers to cause a denial of service or execute arbitrary commands via a malformed URL.
|
|||||
| CVE-1999-0031 | 2 Microsoft, Netscape | 2 Internet Explorer, Communicator | 2025-04-03 | 2.6 LOW | N/A |
|
JavaScript in Internet Explorer 3.x and 4.x, and Netscape 2.x, 3.x and 4.x, allows remote attackers to monitor a user's web activities, aka the Bell Labs vulnerability.
|
|||||
| CVE-1999-0269 | 1 Netscape | 1 Enterprise Server | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Netscape Enterprise servers may list files through the PageServices query.
|
|||||
| CVE-2002-0354 | 2 Mozilla, Netscape | 2 Mozilla, Navigator | 2025-04-03 | 5.0 MEDIUM | N/A |
|
The XMLHttpRequest object (XMLHTTP) in Netscape 6.1 and Mozilla 0.9.7 allows remote attackers to read arbitrary files and list directories on a client system by opening a URL that redirects the browser to the file on the client, then reading the result using the responseText property.
|
|||||
| CVE-1999-0744 | 1 Netscape | 2 Enterprise Server, Fasttrack Server | 2025-04-03 | 7.5 HIGH | N/A |
|
Buffer overflow in Netscape Enterprise Server and FastTrask Server allows remote attackers to gain privileges via a long HTTP GET request.
|
|||||
| CVE-1999-0752 | 1 Netscape | 1 Enterprise Server | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Denial of service in Netscape Enterprise Server via a buffer overflow in the SSL handshake.
|
|||||
| CVE-1999-1130 | 1 Netscape | 1 Enterprise Server | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Default configuration of the search engine in Netscape Enterprise Server 3.5.1, and possibly other versions, allows remote attackers to read the source of JHTML files by specifying a search command using the HTML-tocrec-demo1.pat pattern file.
|
|||||
| CVE-1999-0440 | 2 Netscape, Sun | 3 Communicator, Navigator, Java | 2025-04-03 | 7.5 HIGH | N/A |
|
The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages.
|
|||||
| CVE-1999-0827 | 2 Microsoft, Netscape | 3 Ie, Internet Explorer, Navigator | 2025-04-03 | 2.6 LOW | N/A |
|
By default, Internet Explorer 5.0 and other versions enables the "Navigate sub-frames across different domains" option, which allows frame spoofing.
|
|||||
| CVE-2004-0722 | 2 Mozilla, Netscape | 2 Mozilla, Navigator | 2025-04-03 | 10.0 HIGH | N/A |
|
Integer overflow in the SOAPParameter object constructor in (1) Netscape version 7.0 and 7.1 and (2) Mozilla 1.6, and possibly earlier versions, allows remote attackers to execute arbitrary code.
|
|||||
| CVE-1999-0686 | 2 Hp, Netscape | 2 Hp-ux, Enterprise Server | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Denial of service in Netscape Enterprise Server (NES) in HP Virtual Vault (VVOS) via a long URL.
|
|||||
| CVE-2002-1654 | 2 Iplanet, Netscape | 2 Iplanet Web Server, Enterprise Server | 2025-04-03 | 7.5 HIGH | N/A |
|
iPlanet Web Server Enterprise Edition and Netscape Enterprise Server 4.0 and 4.1 allows remote attackers to conduct HTTP Basic Authentication via the wp-force-auth Web Publisher command, which provides a distinct attack vector and may make it easier to conduct brute force password guessing without detection.
|
|||||
| CVE-2000-1196 | 1 Netscape | 1 Publishingxpert | 2025-04-03 | 5.0 MEDIUM | N/A |
|
PSCOErrPage.htm in Netscape PublishingXpert 2.5 before SP2 allows remote attackers to read arbitrary files by specifying the target file in the errPagePath parameter.
|
|||||
| CVE-2000-0517 | 1 Netscape | 1 Communicator | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Netscape 4.73 and earlier does not properly warn users about a potentially invalid certificate if the user has previously accepted the certificate for a different web site, which could allow remote attackers to spoof a legitimate web site by compromising that site's DNS information.
|
|||||
| CVE-2002-2061 | 2 Mozilla, Netscape | 2 Mozilla, Navigator | 2025-04-03 | 7.5 HIGH | N/A |
|
Heap-based buffer overflow in Netscape 6.2.3 and Mozilla 1.0 and earlier allows remote attackers to crash client browsers and execute arbitrary code via a PNG image with large width and height values and an 8-bit or 16-bit alpha channel.
|
|||||
| CVE-2002-2013 | 2 Mozilla, Netscape | 3 Mozilla, Communicator, Navigator | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain.
|
|||||
| CVE-1999-0853 | 1 Netscape | 2 Enterprise Server, Fasttrack Server | 2025-04-03 | 10.0 HIGH | N/A |
|
Buffer overflow in Netscape Enterprise Server and Netscape FastTrack Server allows remote attackers to gain privileges via the HTTP Basic Authentication procedure.
|
|||||
| CVE-2006-1942 | 3 K-meleon Project, Mozilla, Netscape | 3 K-meleon, Firefox, Navigator | 2025-04-03 | 5.1 MEDIUM | N/A |
|
Mozilla Firefox 1.5.0.2 and possibly other versions before 1.5.0.4, Netscape 8.1, 8.0.4, and 7.2, and K-Meleon 0.9.13 allows user-assisted remote attackers to open local files via a web page with an IMG element containing a SRC attribute with a non-image file:// URL, then tricking the user into selecting View Image for the broken image, as demonstrated using a .wma file to launch Windows Media Player, or by referencing an "alternate web page."
|
|||||
| CVE-2000-1072 | 1 Netscape | 1 Iplanet Ical | 2025-04-03 | 7.2 HIGH | N/A |
|
iCal 2.1 Patch 2 installs many files with world-writeable permissions, which allows local users to modify the iCal configuration and execute arbitrary commands by replacing the iplncal.sh program with a Trojan horse.
|
|||||