Filtered by vendor Netscape
Subscriptions
Total
120 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2002-0593 | 3 Mozilla, Netscape, Redhat | 5 Mozilla, Communicator, Navigator and 2 more | 2025-04-03 | N/A |
Buffer overflow in Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long channel name in an IRC URI. | ||||
CVE-2002-0815 | 3 Microsoft, Mozilla, Netscape | 3 Internet Explorer, Mozilla, Navigator | 2025-04-03 | N/A |
The Javascript "Same Origin Policy" (SOP), as implemented in (1) Netscape, (2) Mozilla, and (3) Internet Explorer, allows a remote web server to access HTTP and SOAP/XML content from restricted sites by mapping the malicious server's parent DNS domain name to the restricted site, loading a page from the restricted site into one frame, and passing the information to the attacker-controlled frame, which is allowed because the document.domain of the two frames matches on the parent domain. | ||||
CVE-2002-1091 | 4 Mozilla, Netscape, Opera Software and 1 more | 5 Mozilla, Navigator, Opera Web Browser and 2 more | 2025-04-03 | N/A |
Netscape 6.2.3 and earlier, and Mozilla 1.0.1, allow remote attackers to corrupt heap memory and execute arbitrary code via a GIF image with a zero width. | ||||
CVE-2002-1308 | 3 Mozilla, Netscape, Redhat | 4 Mozilla, Navigator, Enterprise Linux and 1 more | 2025-04-03 | N/A |
Heap-based buffer overflow in Netscape and Mozilla allows remote attackers to execute arbitrary code via a jar: URL that references a malformed .jar file, which overflows a buffer during decompression. | ||||
CVE-2002-2061 | 2 Mozilla, Netscape | 2 Mozilla, Navigator | 2025-04-03 | N/A |
Heap-based buffer overflow in Netscape 6.2.3 and Mozilla 1.0 and earlier allows remote attackers to crash client browsers and execute arbitrary code via a PNG image with large width and height values and an 8-bit or 16-bit alpha channel. | ||||
CVE-2002-2248 | 1 Netscape | 1 Communicator | 2025-04-03 | N/A |
Buffer overflow in the sun.awt.windows.WDefaultFontCharset Java class implementation in Netscape 4.0 allows remote attackers to execute arbitrary code via an applet that calls the WDefaultFontCharset constructor with a long string and invokes the canConvert method. | ||||
CVE-2002-2284 | 1 Netscape | 1 Communicator | 2025-04-03 | N/A |
Netscape Communicator 4.0 through 4.79 allows remote attackers to bypass JVM security and execute arbitrary Java code via an applet that loads user-supplied Java classes. | ||||
CVE-2002-2308 | 1 Netscape | 1 Communicator | 2025-04-03 | N/A |
Netscape Communicator 6.2.1 allows remote attackers to cause a denial of service in client browsers via a webpage containing a recursive META refresh tag where the content tag is blank and the URL tag references itself. | ||||
CVE-2002-2338 | 2 Mozilla, Netscape | 3 Mozilla, Communicator, Navigator | 2025-04-03 | N/A |
The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) at a newline, which is interpreted as the end of the message. | ||||
CVE-2003-0553 | 1 Netscape | 1 Navigator | 2025-04-03 | N/A |
Buffer overflow in the Client Detection Tool (CDT) plugin (npcdt.dll) for Netscape 7.02 allows remote attackers to execute arbitrary code via an attachment with a long filename. | ||||
CVE-2003-1265 | 2 Mozilla, Netscape | 2 Mozilla, Navigator | 2025-04-03 | N/A |
Netscape 7.0 and Mozilla 5.0 do not immediately delete messages in the trash folder when users select the 'Empty Trash' option, which could allow local users to access deleted messages. | ||||
CVE-2003-1419 | 1 Netscape | 1 Navigator | 2025-04-03 | N/A |
Netscape 7.0 allows remote attackers to cause a denial of service (crash) via a web page with an invalid regular expression argument to the JavaScript reformatDate function. | ||||
CVE-2003-1492 | 2 Mozilla, Netscape | 2 Firefox, Navigator | 2025-04-03 | N/A |
Netscape Navigator 7.0.2 and Mozilla allows remote attackers to access cookie information in a different domain via an HTTP request for a domain with an extra . (dot) at the end. | ||||
CVE-2003-1560 | 1 Netscape | 1 Navigator | 2025-04-03 | N/A |
Netscape 4 sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data. | ||||
CVE-2004-0722 | 3 Mozilla, Netscape, Redhat | 3 Mozilla, Navigator, Enterprise Linux | 2025-04-03 | N/A |
Integer overflow in the SOAPParameter object constructor in (1) Netscape version 7.0 and 7.1 and (2) Mozilla 1.6, and possibly earlier versions, allows remote attackers to execute arbitrary code. | ||||
CVE-2004-0826 | 4 Hp, Mozilla, Netscape and 1 more | 10 Hp-ux, Network Security Services, Certificate Server and 7 more | 2025-04-03 | N/A |
Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message. | ||||
CVE-2004-0905 | 5 Conectiva, Mozilla, Netscape and 2 more | 10 Linux, Firefox, Mozilla and 7 more | 2025-04-03 | N/A |
Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain. | ||||
CVE-2004-1160 | 1 Netscape | 1 Navigator | 2025-04-03 | N/A |
Netscape 7.x to 7.2, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability. | ||||
CVE-2004-1236 | 2 Netscape, Redhat | 2 Directory Server, Directory Server | 2025-04-03 | N/A |
Buffer overflow in the LDAP component for Netscape Directory Server (NDS) 3.6 on HP-UX and other operating systems allows remote attackers to execute arbitrary code. | ||||
CVE-2002-1655 | 2 Iplanet, Netscape | 2 Iplanet Web Server, Enterprise Server | 2025-04-03 | N/A |
The Web Publishing feature in Netscape Enterprise Server 3.x and iPlanet Web Server 4.x allows remote attackers to cause a denial of service (crash) via a wp-html-rend request. |