Filtered by vendor Netscape
Subscriptions
Total
120 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-1999-0012 | 2 Microsoft, Netscape | 5 Frontpage, Internet Information Server, Personal Web Server and 2 more | 2025-04-09 | 7 High |
Some web servers under Microsoft Windows allow remote attackers to bypass access restrictions for files with long file names. | ||||
CVE-2008-2809 | 3 Mozilla, Netscape, Redhat | 5 Firefox, Geckb, Seamonkey and 2 more | 2025-04-09 | N/A |
Mozilla 1.9 M8 and earlier, Mozilla Firefox 2 before 2.0.0.15, SeaMonkey 1.1.5 and other versions before 1.1.10, Netscape 9.0, and other Mozilla-based web browsers, when a user accepts an SSL server certificate on the basis of the CN domain name in the DN field, regard the certificate as also accepted for all domain names in subjectAltName:dNSName fields, which makes it easier for remote attackers to trick a user into accepting an invalid certificate for a spoofed web site. | ||||
CVE-2008-1676 | 2 Netscape, Redhat | 2 Certificate Management System, Certificate System | 2025-04-09 | N/A |
Red Hat PKI Common Framework (rhpki-common) in Red Hat Certificate System (aka Certificate Server or RHCS) 7.1 through 7.3, and Netscape Certificate Management System 6.x, does not recognize Certificate Authority profile constraints on Extensions, which might allow remote attackers to bypass intended restrictions and conduct man-in-the-middle attacks by submitting a certificate signing request (CSR) and using the resulting certificate. | ||||
CVE-2007-1377 | 4 Adobe, Mozilla, Netscape and 1 more | 4 Acrobat Reader, Firefox, Navigator and 1 more | 2025-04-09 | N/A |
AcroPDF.DLL in Adobe Reader 8.0, when accessed from Mozilla Firefox, Netscape, or Opera, allows remote attackers to cause a denial of service (unspecified resource consumption) via a .pdf URL with an anchor identifier that begins with search= followed by many %n sequences, a different vulnerability than CVE-2006-6027 and CVE-2006-6236. | ||||
CVE-2009-2542 | 1 Netscape | 1 Navigator | 2025-04-09 | N/A |
Netscape 6 and 8 allows remote attackers to cause a denial of service (memory consumption) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692. | ||||
CVE-2006-4842 | 2 Netscape, Sun | 2 Portable Runtime Api, Solaris | 2025-04-09 | N/A |
The Netscape Portable Runtime (NSPR) API 4.6.1 and 4.6.2, as used in Sun Solaris 10, trusts user-specified environment variables for specifying log files even when running from setuid programs, which allows local users to create or overwrite arbitrary files. | ||||
CVE-2007-4042 | 2 Microsoft, Netscape | 4 Internet Explorer, Windows 2003 Server, Windows Xp and 1 more | 2025-04-09 | N/A |
Multiple argument injection vulnerabilities in Netscape Navigator 9 allow remote attackers to execute arbitrary commands via a NULL byte (%00) and shell metacharacters in a (1) mailto, (2) nntp, (3) news, (4) snews, or (5) telnet URI, a similar issue to CVE-2007-3670. | ||||
CVE-2007-3924 | 2 Microsoft, Netscape | 2 Internet Explorer, Navigator | 2025-04-09 | N/A |
Argument injection vulnerability in Microsoft Internet Explorer, when running on systems with Netscape installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in a -chrome argument to the navigatorurl URI, which are inserted into the command line that is created when invoking netscape.exe, a related issue to CVE-2007-3670. NOTE: there has been debate about whether the issue is in Internet Explorer or Netscape. As of 20070713, it is CVE's opinion that IE appears to not properly delimit the URL argument when invoking Netscape; this issue could arise with other protocol handlers in IE. | ||||
CVE-2006-6077 | 3 Mozilla, Netscape, Redhat | 3 Firefox, Navigator, Enterprise Linux | 2025-04-09 | N/A |
The (1) Password Manager in Mozilla Firefox 2.0, and 1.5.0.8 and earlier; and the (2) Passcard Manager in Netscape 8.1.2 and possibly other versions, do not properly verify that an ACTION URL in a FORM element containing a password INPUT element matches the web site for which the user stored a password, which allows remote attackers to obtain passwords via a password INPUT element on a different web page located on the web site intended for this password. | ||||
CVE-1999-0537 | 2 Microsoft, Netscape | 2 Internet Explorer, Communicator | 2025-04-03 | N/A |
A configuration in a web browser such as Internet Explorer or Netscape Navigator allows execution of active content such as ActiveX, Java, Javascript, etc. | ||||
CVE-1999-0868 | 5 Isc, Nec, Netscape and 2 more | 6 Inn, Goah Intrasv, Goah Networksv and 3 more | 2025-04-03 | N/A |
ucbmail allows remote attackers to execute commands via shell metacharacters that are passed to it from INN. | ||||
CVE-1999-0853 | 1 Netscape | 2 Enterprise Server, Fasttrack Server | 2025-04-03 | N/A |
Buffer overflow in Netscape Enterprise Server and Netscape FastTrack Server allows remote attackers to gain privileges via the HTTP Basic Authentication procedure. | ||||
CVE-1999-0892 | 1 Netscape | 1 Communicator | 2025-04-03 | N/A |
Buffer overflow in Netscape Communicator before 4.7 via a dynamic font whose length field is less than the size of the font. | ||||
CVE-1999-1002 | 1 Netscape | 1 Communicator | 2025-04-03 | N/A |
Netscape Navigator uses weak encryption for storing a user's Netscape mail password. | ||||
CVE-1999-0479 | 2 Hp, Netscape | 2 Hp-ux, Enterprise Server | 2025-04-03 | N/A |
Denial of service Netscape Enterprise Server with VirtualVault on HP-UX VVOS systems. | ||||
CVE-1999-0239 | 1 Netscape | 1 Fasttrack Server | 2025-04-03 | 7.5 High |
Netscape FastTrack Web server lists files when a lowercase "get" command is used instead of an uppercase GET. | ||||
CVE-1999-0809 | 1 Netscape | 1 Communicator | 2025-04-03 | N/A |
Netscape Communicator 4.x with Javascript enabled does not warn a user of cookie settings, even if they have selected the option to "Only accept cookies originating from the same server as the page being viewed". | ||||
CVE-1999-1262 | 1 Netscape | 1 Communicator | 2025-04-03 | N/A |
Java in Netscape 4.5 does not properly restrict applets from connecting to other hosts besides the one from which the applet was loaded, which violates the Java security model and could allow remote attackers to conduct unauthorized activities. | ||||
CVE-1999-0751 | 1 Netscape | 1 Enterprise Server | 2025-04-03 | N/A |
Buffer overflow in Accept command in Netscape Enterprise Server 3.6 with the SSL Handshake Patch. | ||||
CVE-1999-0440 | 2 Netscape, Sun | 3 Communicator, Navigator, Java | 2025-04-03 | N/A |
The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages. |