Vulnerabilites related to netscape - communicator
Vulnerability from fkie_nvd
Published
2000-05-10 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local users to overwrite files of the user importing the certificate.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | 4.5 | |
| netscape | communicator | 4.6 | |
| netscape | communicator | 4.7 | |
| netscape | communicator | 4.51 | |
| netscape | communicator | 4.61 | |
| netscape | communicator | 4.72 | |
| netscape | communicator | 4.73 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4E9A5461-B0F2-49DB-A69C-3D2D27709647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "529E3F71-6016-461D-A162-0DBDD5505389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "38FD74F5-12ED-4049-B06F-0F22A0254C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.51:*:*:*:*:*:*:*",
"matchCriteriaId": "918BE44C-8D64-4040-BC74-802AA3FA4E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.61:*:*:*:*:*:*:*",
"matchCriteriaId": "6AA534C4-9411-44EC-AA34-2287C79AD235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.72:*:*:*:*:*:*:*",
"matchCriteriaId": "3A4E8588-A941-4759-B41C-00F193F2C63B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.73:*:*:*:*:*:*:*",
"matchCriteriaId": "3E48C051-EB45-4262-86C2-2333FD5C7745",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local users to overwrite files of the user importing the certificate."
}
],
"id": "CVE-2000-0409",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.7,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-05-10T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0126.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/1201"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0126.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/1201"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1997-02-01 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
The view-source CGI program allows remote attackers to read arbitrary files via a .. (dot dot) attack.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | 4.0 | |
| netscape | communicator | 4.05 | |
| netscape | communicator | 4.5 | |
| netscape | communicator | 4.06 | |
| netscape | communicator | 4.6 | |
| netscape | communicator | 4.07 | |
| netscape | communicator | 4.51 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "209C7BB1-EFDF-43AB-9FB6-DF67465DEAEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.05:*:*:*:*:*:*:*",
"matchCriteriaId": "494AFC1E-67A3-41CA-B920-B8F778B68A99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4E9A5461-B0F2-49DB-A69C-3D2D27709647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.06:*:*:*:*:*:*:*",
"matchCriteriaId": "34F6328B-44A8-4E45-918E-C54285040BFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "529E3F71-6016-461D-A162-0DBDD5505389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.07:*:*:*:*:*:*:*",
"matchCriteriaId": "31D02C4D-3FD1-425F-B0DB-7808089BCD0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.51:*:*:*:*:*:*:*",
"matchCriteriaId": "918BE44C-8D64-4040-BC74-802AA3FA4E10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The view-source CGI program allows remote attackers to read arbitrary files via a .. (dot dot) attack."
}
],
"id": "CVE-1999-0174",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1997-02-01T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0174"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0174"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-12-22 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Netscape 4.7 records user passwords in the preferences.js file during an IMAP or POP session, even if the user has not enabled "remember passwords."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | 4.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "38FD74F5-12ED-4049-B06F-0F22A0254C0F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Netscape 4.7 records user passwords in the preferences.js file during an IMAP or POP session, even if the user has not enabled \"remember passwords.\""
}
],
"id": "CVE-2000-0034",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-12-22T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0034"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0034"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in the sun.awt.windows.WDefaultFontCharset Java class implementation in Netscape 4.0 allows remote attackers to execute arbitrary code via an applet that calls the WDefaultFontCharset constructor with a long string and invokes the canConvert method.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | 4.0 | |
| netscape | communicator | 4.5 | |
| netscape | communicator | 4.6 | |
| netscape | communicator | 4.7 | |
| netscape | communicator | 4.51 | |
| netscape | communicator | 4.61 | |
| netscape | communicator | 4.72 | |
| netscape | communicator | 4.73 | |
| netscape | communicator | 4.74 | |
| netscape | communicator | 4.75 | |
| netscape | communicator | 4.76 | |
| netscape | communicator | 4.77 | |
| netscape | communicator | 4.78 | |
| netscape | communicator | 4.79 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "209C7BB1-EFDF-43AB-9FB6-DF67465DEAEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4E9A5461-B0F2-49DB-A69C-3D2D27709647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "529E3F71-6016-461D-A162-0DBDD5505389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "38FD74F5-12ED-4049-B06F-0F22A0254C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.51:*:*:*:*:*:*:*",
"matchCriteriaId": "918BE44C-8D64-4040-BC74-802AA3FA4E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.61:*:*:*:*:*:*:*",
"matchCriteriaId": "6AA534C4-9411-44EC-AA34-2287C79AD235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.72:*:*:*:*:*:*:*",
"matchCriteriaId": "3A4E8588-A941-4759-B41C-00F193F2C63B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.73:*:*:*:*:*:*:*",
"matchCriteriaId": "3E48C051-EB45-4262-86C2-2333FD5C7745",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.74:*:*:*:*:*:*:*",
"matchCriteriaId": "BA48AF1E-99EF-419C-B425-001C7134C6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.75:*:*:*:*:*:*:*",
"matchCriteriaId": "C97DE00F-4C73-4C54-918E-D540F2C3297B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.76:*:*:*:*:*:*:*",
"matchCriteriaId": "C5A07AD2-2293-443A-9A32-316B832A5276",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.77:*:*:*:*:*:*:*",
"matchCriteriaId": "5A823994-786D-41D7-9FA7-FF8058C4AFD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.78:*:*:*:*:*:*:*",
"matchCriteriaId": "B4613823-DA14-4BE2-986C-2EED3DB82BA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.79:*:*:*:*:*:*:*",
"matchCriteriaId": "5E829621-6981-4413-BF05-E4C9AD79A4AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the sun.awt.windows.WDefaultFontCharset Java class implementation in Netscape 4.0 allows remote attackers to execute arbitrary code via an applet that calls the WDefaultFontCharset constructor with a long string and invokes the canConvert method."
}
],
"id": "CVE-2002-2248",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=103834439321292\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/6256"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10706"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=103834439321292\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/6256"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10706"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-09-02 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in Netscape Communicator via EMBED tags in the pluginspage option.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | 4.5 | |
| netscape | communicator | 4.06 | |
| netscape | communicator | 4.6 | |
| netscape | communicator | 4.51 | |
| netscape | communicator | 4.61 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4E9A5461-B0F2-49DB-A69C-3D2D27709647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.06:*:*:*:*:*:*:*",
"matchCriteriaId": "34F6328B-44A8-4E45-918E-C54285040BFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "529E3F71-6016-461D-A162-0DBDD5505389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.51:*:*:*:*:*:*:*",
"matchCriteriaId": "918BE44C-8D64-4040-BC74-802AA3FA4E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.61:*:*:*:*:*:*:*",
"matchCriteriaId": "6AA534C4-9411-44EC-AA34-2287C79AD235",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Netscape Communicator via EMBED tags in the pluginspage option."
}
],
"id": "CVE-1999-0685",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "1999-09-02T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/618"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/618"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-03-18 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
talkback in Netscape 4.5 allows a local user to overwrite arbitrary files of another user whose Netscape crashes.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | 4.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4E9A5461-B0F2-49DB-A69C-3D2D27709647",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "talkback in Netscape 4.5 allows a local user to overwrite arbitrary files of another user whose Netscape crashes."
}
],
"id": "CVE-1999-0424",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-03-18T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0424"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0424"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-05-10 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Netscape Communicator before version 4.73 and Navigator 4.07 do not properly validate SSL certificates, which allows remote attackers to steal information by redirecting traffic from a legitimate web server to their own malicious server, aka the "Acros-Suencksen SSL" vulnerability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | 4.0 | |
| netscape | communicator | 4.05 | |
| netscape | communicator | 4.5 | |
| netscape | communicator | 4.5_beta | |
| netscape | communicator | 4.06 | |
| netscape | communicator | 4.6 | |
| netscape | communicator | 4.07 | |
| netscape | communicator | 4.7 | |
| netscape | communicator | 4.51 | |
| netscape | communicator | 4.61 | |
| netscape | communicator | 4.72 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "209C7BB1-EFDF-43AB-9FB6-DF67465DEAEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.05:*:*:*:*:*:*:*",
"matchCriteriaId": "494AFC1E-67A3-41CA-B920-B8F778B68A99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4E9A5461-B0F2-49DB-A69C-3D2D27709647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.5_beta:*:*:*:*:*:*:*",
"matchCriteriaId": "213EB326-33D1-4329-A6BB-B1AA1C626E44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.06:*:*:*:*:*:*:*",
"matchCriteriaId": "34F6328B-44A8-4E45-918E-C54285040BFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "529E3F71-6016-461D-A162-0DBDD5505389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.07:*:*:*:*:*:*:*",
"matchCriteriaId": "31D02C4D-3FD1-425F-B0DB-7808089BCD0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "38FD74F5-12ED-4049-B06F-0F22A0254C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.51:*:*:*:*:*:*:*",
"matchCriteriaId": "918BE44C-8D64-4040-BC74-802AA3FA4E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.61:*:*:*:*:*:*:*",
"matchCriteriaId": "6AA534C4-9411-44EC-AA34-2287C79AD235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.72:*:*:*:*:*:*:*",
"matchCriteriaId": "3A4E8588-A941-4759-B41C-00F193F2C63B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Netscape Communicator before version 4.73 and Navigator 4.07 do not properly validate SSL certificates, which allows remote attackers to steal information by redirecting traffic from a legitimate web server to their own malicious server, aka the \"Acros-Suencksen SSL\" vulnerability."
}
],
"id": "CVE-2000-0406",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2000-05-10T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.acrossecurity.com/aspr/ASPR-2000-04-06-1-PUB.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2000-05.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2000-028.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/1188"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.acrossecurity.com/aspr/ASPR-2000-04-06-1-PUB.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2000-05.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2000-028.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/1188"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1997-07-08 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
JavaScript in Internet Explorer 3.x and 4.x, and Netscape 2.x, 3.x and 4.x, allows remote attackers to monitor a user's web activities, aka the Bell Labs vulnerability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | internet_explorer | 3.0 | |
| microsoft | internet_explorer | 4.0 | |
| netscape | communicator | 2.0 | |
| netscape | communicator | 3.0 | |
| netscape | communicator | 4.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1BBF9241-A175-438C-A793-3D245BE2AE35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A5B815D9-BC21-4A17-AF00-B8AD181027D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7144D163-CD3D-4E57-83D9-FB164C65E06E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7CD558FC-D1D7-4092-9A05-B174CA06675D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "209C7BB1-EFDF-43AB-9FB6-DF67465DEAEF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "JavaScript in Internet Explorer 3.x and 4.x, and Netscape 2.x, 3.x and 4.x, allows remote attackers to monitor a user\u0027s web activities, aka the Bell Labs vulnerability."
}
],
"id": "CVE-1999-0031",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "1997-07-08T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"URL Repurposed"
],
"url": "http://www.codetalker.com/advisories/vendor/hp/hpsbux9707-065.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"URL Repurposed"
],
"url": "http://www.codetalker.com/advisories/vendor/hp/hpsbux9707-065.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1998-04-01 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
A configuration in a web browser such as Internet Explorer or Netscape Navigator allows execution of active content such as ActiveX, Java, Javascript, etc.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | internet_explorer | 6.0.2900 | |
| netscape | communicator | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0.2900:*:*:*:*:*:*:*",
"matchCriteriaId": "7B90EA4B-DA10-44B7-BD3D-6AE1197212D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "66BDCBFA-2C8E-4D6B-B63F-79C23CC19488",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A configuration in a web browser such as Internet Explorer or Netscape Navigator allows execution of active content such as ActiveX, Java, Javascript, etc."
}
],
"id": "CVE-1999-0537",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1998-04-01T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://www.cve.org/CVERecord?id=CVE-1999-0537"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.cve.org/CVERecord?id=CVE-1999-0537"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) at a newline, which is interpreted as the end of the message.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | mozilla | 0.9.2 | |
| mozilla | mozilla | 0.9.2.1 | |
| mozilla | mozilla | 0.9.3 | |
| mozilla | mozilla | 0.9.4 | |
| mozilla | mozilla | 0.9.4.1 | |
| mozilla | mozilla | 0.9.5 | |
| mozilla | mozilla | 0.9.6 | |
| mozilla | mozilla | 0.9.7 | |
| mozilla | mozilla | 0.9.8 | |
| mozilla | mozilla | 0.9.9 | |
| mozilla | mozilla | 1.0 | |
| mozilla | mozilla | 1.0 | |
| mozilla | mozilla | 1.0 | |
| netscape | communicator | 4.0 | |
| netscape | communicator | 4.4 | |
| netscape | communicator | 4.5 | |
| netscape | communicator | 4.06 | |
| netscape | communicator | 4.6 | |
| netscape | communicator | 4.07 | |
| netscape | communicator | 4.7 | |
| netscape | communicator | 4.08 | |
| netscape | communicator | 4.51 | |
| netscape | communicator | 4.61 | |
| netscape | communicator | 4.72 | |
| netscape | communicator | 4.73 | |
| netscape | communicator | 4.74 | |
| netscape | communicator | 4.75 | |
| netscape | communicator | 4.76 | |
| netscape | communicator | 4.77 | |
| netscape | navigator | 6.0 | |
| netscape | navigator | 6.0 | |
| netscape | navigator | 6.01 | |
| netscape | navigator | 6.1 | |
| netscape | navigator | 6.2 | |
| netscape | navigator | 6.2.1 | |
| netscape | navigator | 6.2.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:mozilla:0.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "22F00276-9071-4B96-B49C-2E0898476874",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:0.9.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EB84CC9B-346B-4AF4-929E-D56D85960103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:0.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9420CD82-0E5F-4486-9AF8-9DCD6ED7E037",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:0.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0A9C79AB-4ABE-49E6-BAB2-94610AE0316F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:0.9.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "04DE7CCB-79B8-4F9B-AC14-E4A100F9E473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:0.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1444C77E-FF98-40E5-9CA9-B4C71B3C9304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:0.9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3B40771F-30CB-45D0-9EDE-1F13852085B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:0.9.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1E4F64F8-CCC2-47FF-9B9D-41B3BCDD513C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:0.9.8:*:*:*:*:*:*:*",
"matchCriteriaId": "47315EC4-1EED-4070-A087-8E37C8FE6703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:0.9.9:*:*:*:*:*:*:*",
"matchCriteriaId": "9F1EB38F-CEB2-40BC-AA5D-CC539F597137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CCDAEAE6-BA9F-4D40-B264-4A72930239E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "C9296197-0EE0-4CC0-A11F-E44E3443E990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "A76ACC55-754D-4501-8312-5A4E10D053B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "209C7BB1-EFDF-43AB-9FB6-DF67465DEAEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0B711600-425F-4FF9-BC5E-B8D182A2B9F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4E9A5461-B0F2-49DB-A69C-3D2D27709647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.06:*:*:*:*:*:*:*",
"matchCriteriaId": "34F6328B-44A8-4E45-918E-C54285040BFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "529E3F71-6016-461D-A162-0DBDD5505389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.07:*:*:*:*:*:*:*",
"matchCriteriaId": "31D02C4D-3FD1-425F-B0DB-7808089BCD0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "38FD74F5-12ED-4049-B06F-0F22A0254C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.08:*:*:*:*:*:*:*",
"matchCriteriaId": "61268CF9-E279-4F63-B228-F9ED4B93BB99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.51:*:*:*:*:*:*:*",
"matchCriteriaId": "918BE44C-8D64-4040-BC74-802AA3FA4E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.61:*:*:*:*:*:*:*",
"matchCriteriaId": "6AA534C4-9411-44EC-AA34-2287C79AD235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.72:*:*:*:*:*:*:*",
"matchCriteriaId": "3A4E8588-A941-4759-B41C-00F193F2C63B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.73:*:*:*:*:*:*:*",
"matchCriteriaId": "3E48C051-EB45-4262-86C2-2333FD5C7745",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.74:*:*:*:*:*:*:*",
"matchCriteriaId": "BA48AF1E-99EF-419C-B425-001C7134C6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.75:*:*:*:*:*:*:*",
"matchCriteriaId": "C97DE00F-4C73-4C54-918E-D540F2C3297B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.76:*:*:*:*:*:*:*",
"matchCriteriaId": "C5A07AD2-2293-443A-9A32-316B832A5276",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.77:*:*:*:*:*:*:*",
"matchCriteriaId": "5A823994-786D-41D7-9FA7-FF8058C4AFD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C5421CDE-6C31-42FF-8A06-23A6207D1B51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:6.0:*:mac:*:*:*:*:*",
"matchCriteriaId": "ACAB9169-BC6E-49CF-9A00-3F3054677B32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:6.01:*:*:*:*:*:*:*",
"matchCriteriaId": "6469EB31-32FF-415C-82DD-670513911371",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F112CED-879B-4A19-993A-16858B4EC16C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B7D7FA24-4B6F-4D67-95BE-46819033CA6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D9B316E0-4A05-411A-8279-404C82288BE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:6.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B91D7920-86E6-4842-897A-553F018AD493",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) at a newline, which is interpreted as the end of the message."
}
],
"id": "CVE-2002-2338",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=144228"
},
{
"source": "cve@mitre.org",
"url": "http://mozilla.org/releases/mozilla1.0.1/security-fixes-1.0.1.html"
},
{
"source": "cve@mitre.org",
"url": "http://online.securityfocus.com/archive/1/276628"
},
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/security_center/static/9343.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:074"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/276946"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.securityfocus.com/bid/5002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=144228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://mozilla.org/releases/mozilla1.0.1/security-fixes-1.0.1.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://online.securityfocus.com/archive/1/276628"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/security_center/static/9343.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:074"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/276946"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.securityfocus.com/bid/5002"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-10-28 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Netscape Communicator 4.7 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long certificate key.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5921E5E6-3D97-4075-B557-968340FB6E7B",
"versionEndIncluding": "4.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Netscape Communicator 4.7 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long certificate key."
}
],
"id": "CVE-1999-1226",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "1999-10-28T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securiteam.com/exploits/Netscape_4_7_and_earlier_vulnerable_to__Huge_Key__DoS.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3436"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securiteam.com/exploits/Netscape_4_7_and_earlier_vulnerable_to__Huge_Key__DoS.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3436"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Netscape Communicator 6.2.1 allows remote attackers to cause a denial of service in client browsers via a webpage containing a recursive META refresh tag where the content tag is blank and the URL tag references itself.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | 6.2.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F52FD289-E9BF-4CD3-8C20-D4559FEEA0B2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Netscape Communicator 6.2.1 allows remote attackers to cause a denial of service in client browsers via a webpage containing a recursive META refresh tag where the content tag is blank and the URL tag references itself."
}
],
"id": "CVE-2002-2308",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2002-July/000600.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/security_center/static/9645.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2002-July/000600.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/security_center/static/9645.php"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-11-29 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Netscape Communicator 4.x allows attackers to use a link to steal a user's preferences, including potentially sensitive information such as URL history, e-mail address, and possibly the e-mail password, by redefining the user_pref() function and accessing the prefs.js file, which is stored in a directory with a predictable name.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | 4.6 | |
| netscape | communicator | 4.7 | |
| netscape | communicator | 4.61 | |
| netscape | communicator | 4.72 | |
| netscape | communicator | 4.73 | |
| netscape | communicator | 4.74 | |
| netscape | communicator | 4.75 | |
| netscape | communicator | 4.76 | |
| netscape | communicator | 4.77 | |
| netscape | communicator | 4.78 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "529E3F71-6016-461D-A162-0DBDD5505389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "38FD74F5-12ED-4049-B06F-0F22A0254C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.61:*:*:*:*:*:*:*",
"matchCriteriaId": "6AA534C4-9411-44EC-AA34-2287C79AD235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.72:*:*:*:*:*:*:*",
"matchCriteriaId": "3A4E8588-A941-4759-B41C-00F193F2C63B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.73:*:*:*:*:*:*:*",
"matchCriteriaId": "3E48C051-EB45-4262-86C2-2333FD5C7745",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.74:*:*:*:*:*:*:*",
"matchCriteriaId": "BA48AF1E-99EF-419C-B425-001C7134C6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.75:*:*:*:*:*:*:*",
"matchCriteriaId": "C97DE00F-4C73-4C54-918E-D540F2C3297B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.76:*:*:*:*:*:*:*",
"matchCriteriaId": "C5A07AD2-2293-443A-9A32-316B832A5276",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.77:*:*:*:*:*:*:*",
"matchCriteriaId": "5A823994-786D-41D7-9FA7-FF8058C4AFD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.78:*:*:*:*:*:*:*",
"matchCriteriaId": "B4613823-DA14-4BE2-986C-2EED3DB82BA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Netscape Communicator 4.x allows attackers to use a link to steal a user\u0027s preferences, including potentially sensitive information such as URL history, e-mail address, and possibly the e-mail password, by redefining the user_pref() function and accessing the prefs.js file, which is stored in a directory with a predictable name."
},
{
"lang": "es",
"value": "Netscape Communicator 4.x permite a atacantes usar un enlace para robar las preferencias de un usuario, incluyendo informaci\u00f3n potencialmente sensible como historia de URLs, direcciones de correo electr\u00f3nico, y posiblemente sus contrase\u00f1as, mediante la redefinici\u00f3n de la funci\u00f3n user_pref() y accediendo al fichero prefs.js, que est\u00e1 almacenado en un directorio con un nombre predecible."
}
],
"id": "CVE-2002-1204",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-11-29T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0081.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.idefense.com/advisory/11.19.02c.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/security_center/static/10655.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/6215"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0081.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.idefense.com/advisory/11.19.02c.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/security_center/static/10655.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/6215"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-07-25 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Netscape Communicator 4.73 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a JPEG image containing a comment with an illegal field length of 1.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | mozilla | m15 | |
| netscape | communicator | 4.0 | |
| netscape | communicator | 4.05 | |
| netscape | communicator | 4.5 | |
| netscape | communicator | 4.5_beta | |
| netscape | communicator | 4.06 | |
| netscape | communicator | 4.6 | |
| netscape | communicator | 4.07 | |
| netscape | communicator | 4.7 | |
| netscape | communicator | 4.08 | |
| netscape | communicator | 4.51 | |
| netscape | communicator | 4.61 | |
| netscape | communicator | 4.72 | |
| netscape | communicator | 4.73 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:mozilla:m15:*:*:*:*:*:*:*",
"matchCriteriaId": "C85C3F06-8FFF-4A6F-BB86-B66A6031647E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "209C7BB1-EFDF-43AB-9FB6-DF67465DEAEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.05:*:*:*:*:*:*:*",
"matchCriteriaId": "494AFC1E-67A3-41CA-B920-B8F778B68A99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4E9A5461-B0F2-49DB-A69C-3D2D27709647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.5_beta:*:*:*:*:*:*:*",
"matchCriteriaId": "213EB326-33D1-4329-A6BB-B1AA1C626E44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.06:*:*:*:*:*:*:*",
"matchCriteriaId": "34F6328B-44A8-4E45-918E-C54285040BFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "529E3F71-6016-461D-A162-0DBDD5505389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.07:*:*:*:*:*:*:*",
"matchCriteriaId": "31D02C4D-3FD1-425F-B0DB-7808089BCD0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "38FD74F5-12ED-4049-B06F-0F22A0254C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.08:*:*:*:*:*:*:*",
"matchCriteriaId": "61268CF9-E279-4F63-B228-F9ED4B93BB99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.51:*:*:*:*:*:*:*",
"matchCriteriaId": "918BE44C-8D64-4040-BC74-802AA3FA4E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.61:*:*:*:*:*:*:*",
"matchCriteriaId": "6AA534C4-9411-44EC-AA34-2287C79AD235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.72:*:*:*:*:*:*:*",
"matchCriteriaId": "3A4E8588-A941-4759-B41C-00F193F2C63B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.73:*:*:*:*:*:*:*",
"matchCriteriaId": "3E48C051-EB45-4262-86C2-2333FD5C7745",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Netscape Communicator 4.73 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a JPEG image containing a comment with an illegal field length of 1."
}
],
"id": "CVE-2000-0655",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-07-25T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:39.netscape.asc"
},
{
"source": "cve@mitre.org",
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-011.txt.asc"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0456.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0116.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/suse_security_announce_60.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2000-046.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/1503"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26msg%3D200007242356.DAA01274%40false.com"
},
{
"source": "cve@mitre.org",
"url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-August/000016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:39.netscape.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-011.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0456.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0116.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/suse_security_announce_60.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2000-046.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/1503"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26msg%3D200007242356.DAA01274%40false.com"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-August/000016.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-05-24 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
When Javascript is embedded within the TITLE tag, Netscape Communicator allows a remote attacker to use the "about" protocol to gain access to browser information.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | 4.6 | |
| netscape | communicator | 4.x | |
| netscape | navigator | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:4.6:*:windows_95:*:*:*:*:*",
"matchCriteriaId": "2120677E-C560-408F-93C0-13A9CEEF0565",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.x:*:*:*:*:*:*:*",
"matchCriteriaId": "93E61D1F-588C-4B84-B5CA-8AB68AE4DF1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA2CA2F8-260C-4559-BF24-3E321CEAE93F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "When Javascript is embedded within the TITLE tag, Netscape Communicator allows a remote attacker to use the \"about\" protocol to gain access to browser information."
}
],
"id": "CVE-1999-0762",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "1999-05-24T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0762"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0762"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1997-08-01 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Java in Netscape 4.5 does not properly restrict applets from connecting to other hosts besides the one from which the applet was loaded, which violates the Java security model and could allow remote attackers to conduct unauthorized activities.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | 4.01 | |
| netscape | communicator | 4.5 | |
| netscape | communicator | 4.06 | |
| netscape | communicator | 4.07 | |
| netscape | communicator | 4.08 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:4.01:*:*:*:*:*:*:*",
"matchCriteriaId": "3CF253BE-2FCF-40B6-8279-65255833EA36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4E9A5461-B0F2-49DB-A69C-3D2D27709647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.06:*:*:*:*:*:*:*",
"matchCriteriaId": "34F6328B-44A8-4E45-918E-C54285040BFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.07:*:*:*:*:*:*:*",
"matchCriteriaId": "31D02C4D-3FD1-425F-B0DB-7808089BCD0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.08:*:*:*:*:*:*:*",
"matchCriteriaId": "61268CF9-E279-4F63-B228-F9ED4B93BB99",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Java in Netscape 4.5 does not properly restrict applets from connecting to other hosts besides the one from which the applet was loaded, which violates the Java security model and could allow remote attackers to conduct unauthorized activities."
}
],
"id": "CVE-1999-1262",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "1997-08-01T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/12231"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1727"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/12231"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1727"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-06-18 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long channel name in an IRC URI.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:mozilla:0.9.9:*:*:*:*:*:*:*",
"matchCriteriaId": "9F1EB38F-CEB2-40BC-AA5D-CC539F597137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "C9296197-0EE0-4CC0-A11F-E44E3443E990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0F009302-6798-4189-BE56-FB8E67C64592",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C5421CDE-6C31-42FF-8A06-23A6207D1B51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:6.01:*:*:*:*:*:*:*",
"matchCriteriaId": "6469EB31-32FF-415C-82DD-670513911371",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long channel name in an IRC URI."
}
],
"id": "CVE-2002-0593",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-06-18T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000490"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://online.securityfocus.com/archive/1/270249"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/8039"
},
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/security_center/static/8976.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/4637"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000490"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://online.securityfocus.com/archive/1/270249"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/8039"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/security_center/static/8976.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/4637"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Netscape Communicator 4.0 through 4.79 allows remote attackers to bypass JVM security and execute arbitrary Java code via an applet that loads user-supplied Java classes.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | 4.0 | |
| netscape | communicator | 4.5 | |
| netscape | communicator | 4.6 | |
| netscape | communicator | 4.7 | |
| netscape | communicator | 4.51 | |
| netscape | communicator | 4.61 | |
| netscape | communicator | 4.72 | |
| netscape | communicator | 4.73 | |
| netscape | communicator | 4.74 | |
| netscape | communicator | 4.75 | |
| netscape | communicator | 4.76 | |
| netscape | communicator | 4.77 | |
| netscape | communicator | 4.78 | |
| netscape | communicator | 4.79 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "209C7BB1-EFDF-43AB-9FB6-DF67465DEAEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4E9A5461-B0F2-49DB-A69C-3D2D27709647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "529E3F71-6016-461D-A162-0DBDD5505389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "38FD74F5-12ED-4049-B06F-0F22A0254C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.51:*:*:*:*:*:*:*",
"matchCriteriaId": "918BE44C-8D64-4040-BC74-802AA3FA4E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.61:*:*:*:*:*:*:*",
"matchCriteriaId": "6AA534C4-9411-44EC-AA34-2287C79AD235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.72:*:*:*:*:*:*:*",
"matchCriteriaId": "3A4E8588-A941-4759-B41C-00F193F2C63B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.73:*:*:*:*:*:*:*",
"matchCriteriaId": "3E48C051-EB45-4262-86C2-2333FD5C7745",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.74:*:*:*:*:*:*:*",
"matchCriteriaId": "BA48AF1E-99EF-419C-B425-001C7134C6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.75:*:*:*:*:*:*:*",
"matchCriteriaId": "C97DE00F-4C73-4C54-918E-D540F2C3297B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.76:*:*:*:*:*:*:*",
"matchCriteriaId": "C5A07AD2-2293-443A-9A32-316B832A5276",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.77:*:*:*:*:*:*:*",
"matchCriteriaId": "5A823994-786D-41D7-9FA7-FF8058C4AFD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.78:*:*:*:*:*:*:*",
"matchCriteriaId": "B4613823-DA14-4BE2-986C-2EED3DB82BA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.79:*:*:*:*:*:*:*",
"matchCriteriaId": "5E829621-6981-4413-BF05-E4C9AD79A4AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Netscape Communicator 4.0 through 4.79 allows remote attackers to bypass JVM security and execute arbitrary Java code via an applet that loads user-supplied Java classes."
}
],
"id": "CVE-2002-2284",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=103798147613151\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.lsd-pl.net/documents/javasecurity-1.0.0.pdf"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/6223"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10714"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=103798147613151\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.lsd-pl.net/documents/javasecurity-1.0.0.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/6223"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10714"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-11-24 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in Netscape Navigator/Communicator 4.7 for Windows 95 and Windows 98 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long argument after the ? character in a URL that references an .asp, .cgi, .html, or .pl file.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/36306 | Exploit, Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/archive/1/36608 | Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/822 | Exploit, Patch, Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/7884 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/36306 | Exploit, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/36608 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/822 | Exploit, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/7884 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | 4.7 | |
| netscape | navigator | 4.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "38FD74F5-12ED-4049-B06F-0F22A0254C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F2AE46C7-6538-4DE6-B3EA-81AD7F7C43E2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Netscape Navigator/Communicator 4.7 for Windows 95 and Windows 98 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long argument after the ? character in a URL that references an .asp, .cgi, .html, or .pl file."
}
],
"id": "CVE-1999-1189",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-11-24T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/archive/1/36306"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/archive/1/36608"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/822"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7884"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/archive/1/36306"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/archive/1/36608"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/822"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7884"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-10-20 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Netscape Communicator does not properly prevent a ServerSocket object from being created by untrusted entities, which allows remote attackers to create a server on the victim's system via a malicious applet, as demonstrated by Brown Orifice.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | virtual_machine | 2000 | |
| microsoft | virtual_machine | 3100 | |
| microsoft | virtual_machine | 3200 | |
| microsoft | virtual_machine | 3300 | |
| netscape | communicator | 4.0 | |
| netscape | communicator | 4.04 | |
| netscape | communicator | 4.05 | |
| netscape | communicator | 4.5 | |
| netscape | communicator | 4.06 | |
| netscape | communicator | 4.6 | |
| netscape | communicator | 4.07 | |
| netscape | communicator | 4.7 | |
| netscape | communicator | 4.08 | |
| netscape | communicator | 4.51 | |
| netscape | communicator | 4.61 | |
| netscape | communicator | 4.72 | |
| netscape | communicator | 4.73 | |
| netscape | communicator | 4.74 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:virtual_machine:2000:*:*:*:*:*:*:*",
"matchCriteriaId": "A299BA2B-FD34-4FD5-8A4B-EA99DA9BA3EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:virtual_machine:3100:*:*:*:*:*:*:*",
"matchCriteriaId": "CB67AEF8-DD02-4F20-B920-AC0B26D47C98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:virtual_machine:3200:*:*:*:*:*:*:*",
"matchCriteriaId": "D133B730-EEDA-46E7-8CC4-4D0104D65C11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:virtual_machine:3300:*:*:*:*:*:*:*",
"matchCriteriaId": "962D0B64-8EEE-4589-84B3-D504906AEEC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "209C7BB1-EFDF-43AB-9FB6-DF67465DEAEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.04:*:*:*:*:*:*:*",
"matchCriteriaId": "94F9EFE4-7853-4809-8D94-03B3EFD739E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.05:*:*:*:*:*:*:*",
"matchCriteriaId": "494AFC1E-67A3-41CA-B920-B8F778B68A99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4E9A5461-B0F2-49DB-A69C-3D2D27709647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.06:*:*:*:*:*:*:*",
"matchCriteriaId": "34F6328B-44A8-4E45-918E-C54285040BFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "529E3F71-6016-461D-A162-0DBDD5505389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.07:*:*:*:*:*:*:*",
"matchCriteriaId": "31D02C4D-3FD1-425F-B0DB-7808089BCD0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "38FD74F5-12ED-4049-B06F-0F22A0254C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.08:*:*:*:*:*:*:*",
"matchCriteriaId": "61268CF9-E279-4F63-B228-F9ED4B93BB99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.51:*:*:*:*:*:*:*",
"matchCriteriaId": "918BE44C-8D64-4040-BC74-802AA3FA4E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.61:*:*:*:*:*:*:*",
"matchCriteriaId": "6AA534C4-9411-44EC-AA34-2287C79AD235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.72:*:*:*:*:*:*:*",
"matchCriteriaId": "3A4E8588-A941-4759-B41C-00F193F2C63B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.73:*:*:*:*:*:*:*",
"matchCriteriaId": "3E48C051-EB45-4262-86C2-2333FD5C7745",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.74:*:*:*:*:*:*:*",
"matchCriteriaId": "BA48AF1E-99EF-419C-B425-001C7134C6BB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Netscape Communicator does not properly prevent a ServerSocket object from being created by untrusted entities, which allows remote attackers to create a server on the victim\u0027s system via a malicious applet, as demonstrated by Brown Orifice."
}
],
"id": "CVE-2000-0711",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-10-20T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2000-15.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1545"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=20000805020429.11774.qmail%40securityfocus.com"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=3999922128E.EE84TAKAGI%40java-house.etl.go.jp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2000-15.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1545"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=20000805020429.11774.qmail%40securityfocus.com"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=3999922128E.EE84TAKAGI%40java-house.etl.go.jp"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-10-20 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Netscape Communicator and Navigator 4.04 through 4.74 allows remote attackers to read arbitrary files by using a Java applet to open a connection to a URL using the "file", "http", "https", and "ftp" protocols, as demonstrated by Brown Orifice.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | 4.0 | |
| netscape | communicator | 4.04 | |
| netscape | communicator | 4.05 | |
| netscape | communicator | 4.5 | |
| netscape | communicator | 4.5_beta | |
| netscape | communicator | 4.06 | |
| netscape | communicator | 4.6 | |
| netscape | communicator | 4.07 | |
| netscape | communicator | 4.08 | |
| netscape | communicator | 4.51 | |
| netscape | communicator | 4.61 | |
| netscape | communicator | 4.72 | |
| netscape | communicator | 4.73 | |
| netscape | communicator | 4.74 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "209C7BB1-EFDF-43AB-9FB6-DF67465DEAEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.04:*:*:*:*:*:*:*",
"matchCriteriaId": "94F9EFE4-7853-4809-8D94-03B3EFD739E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.05:*:*:*:*:*:*:*",
"matchCriteriaId": "494AFC1E-67A3-41CA-B920-B8F778B68A99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4E9A5461-B0F2-49DB-A69C-3D2D27709647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.5_beta:*:*:*:*:*:*:*",
"matchCriteriaId": "213EB326-33D1-4329-A6BB-B1AA1C626E44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.06:*:*:*:*:*:*:*",
"matchCriteriaId": "34F6328B-44A8-4E45-918E-C54285040BFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "529E3F71-6016-461D-A162-0DBDD5505389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.07:*:*:*:*:*:*:*",
"matchCriteriaId": "31D02C4D-3FD1-425F-B0DB-7808089BCD0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.08:*:*:*:*:*:*:*",
"matchCriteriaId": "61268CF9-E279-4F63-B228-F9ED4B93BB99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.51:*:*:*:*:*:*:*",
"matchCriteriaId": "918BE44C-8D64-4040-BC74-802AA3FA4E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.61:*:*:*:*:*:*:*",
"matchCriteriaId": "6AA534C4-9411-44EC-AA34-2287C79AD235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.72:*:*:*:*:*:*:*",
"matchCriteriaId": "3A4E8588-A941-4759-B41C-00F193F2C63B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.73:*:*:*:*:*:*:*",
"matchCriteriaId": "3E48C051-EB45-4262-86C2-2333FD5C7745",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.74:*:*:*:*:*:*:*",
"matchCriteriaId": "BA48AF1E-99EF-419C-B425-001C7134C6BB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Netscape Communicator and Navigator 4.04 through 4.74 allows remote attackers to read arbitrary files by using a Java applet to open a connection to a URL using the \"file\", \"http\", \"https\", and \"ftp\" protocols, as demonstrated by Brown Orifice."
}
],
"id": "CVE-2000-0676",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-10-20T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:39.netscape.asc"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0019.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0115.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0236.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0265.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-027.1.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2000-15.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/suse_security_announce_60.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2000-054.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1546"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:39.netscape.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0019.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0115.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0236.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0265.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-027.1.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2000-15.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/suse_security_announce_60.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2000-054.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1546"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-07-09 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Netscape Communicator 4.x with Javascript enabled does not warn a user of cookie settings, even if they have selected the option to "Only accept cookies originating from the same server as the page being viewed".
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | 4.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "209C7BB1-EFDF-43AB-9FB6-DF67465DEAEF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Netscape Communicator 4.x with Javascript enabled does not warn a user of cookie settings, even if they have selected the option to \"Only accept cookies originating from the same server as the page being viewed\"."
}
],
"id": "CVE-1999-0809",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-07-09T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0809"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0809"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-10-05 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Netscape Communicator 4.04 through 4.7 (and possibly other versions) in various UNIX operating systems converts the 0x8b character to a "<" sign, and the 0x9b character to a ">" sign, which could allow remote attackers to attack other clients via cross-site scripting (CSS) in CGI programs that do not filter these characters.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | * | |
| netscape | communicator | 4.04 | |
| netscape | communicator | 4.51 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5921E5E6-3D97-4075-B557-968340FB6E7B",
"versionEndIncluding": "4.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.04:*:*:*:*:*:*:*",
"matchCriteriaId": "94F9EFE4-7853-4809-8D94-03B3EFD739E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.51:*:*:*:*:*:*:*",
"matchCriteriaId": "918BE44C-8D64-4040-BC74-802AA3FA4E10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Netscape Communicator 4.04 through 4.7 (and possibly other versions) in various UNIX operating systems converts the 0x8b character to a \"\u003c\" sign, and the 0x9b character to a \"\u003e\" sign, which could allow remote attackers to attack other clients via cross-site scripting (CSS) in CGI programs that do not filter these characters."
}
],
"id": "CVE-1999-1357",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-10-05T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=93915331626185\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=93915331626185\u0026w=2"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-05-26 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Netscape 4.73 and earlier does not properly warn users about a potentially invalid certificate if the user has previously accepted the certificate for a different web site, which could allow remote attackers to spoof a legitimate web site by compromising that site's DNS information.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.cert.org/advisories/CA-2000-08.html | Patch, Third Party Advisory, US Government Resource | |
| cve@mitre.org | http://www.securityfocus.com/bid/1260 | Patch, Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/4550 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.cert.org/advisories/CA-2000-08.html | Patch, Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/1260 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/4550 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | 4.0 | |
| netscape | communicator | 4.5 | |
| netscape | communicator | 4.6 | |
| netscape | communicator | 4.7 | |
| netscape | communicator | 4.51 | |
| netscape | communicator | 4.61 | |
| netscape | communicator | 4.72 | |
| netscape | communicator | 4.73 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "209C7BB1-EFDF-43AB-9FB6-DF67465DEAEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4E9A5461-B0F2-49DB-A69C-3D2D27709647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "529E3F71-6016-461D-A162-0DBDD5505389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "38FD74F5-12ED-4049-B06F-0F22A0254C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.51:*:*:*:*:*:*:*",
"matchCriteriaId": "918BE44C-8D64-4040-BC74-802AA3FA4E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.61:*:*:*:*:*:*:*",
"matchCriteriaId": "6AA534C4-9411-44EC-AA34-2287C79AD235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.72:*:*:*:*:*:*:*",
"matchCriteriaId": "3A4E8588-A941-4759-B41C-00F193F2C63B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.73:*:*:*:*:*:*:*",
"matchCriteriaId": "3E48C051-EB45-4262-86C2-2333FD5C7745",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Netscape 4.73 and earlier does not properly warn users about a potentially invalid certificate if the user has previously accepted the certificate for a different web site, which could allow remote attackers to spoof a legitimate web site by compromising that site\u0027s DNS information."
}
],
"id": "CVE-2000-0517",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-05-26T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2000-08.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1260"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4550"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2000-08.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1260"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4550"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-03-18 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
talkback in Netscape 4.5 allows a local user to kill an arbitrary process of another user whose Netscape crashes.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | 4.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4E9A5461-B0F2-49DB-A69C-3D2D27709647",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "talkback in Netscape 4.5 allows a local user to kill an arbitrary process of another user whose Netscape crashes."
}
],
"id": "CVE-1999-0425",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-03-18T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0425"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0425"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-04-01 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
A remote attacker can read information from a Netscape user's cache via JavaScript.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | 4.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "209C7BB1-EFDF-43AB-9FB6-DF67465DEAEF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A remote attacker can read information from a Netscape user\u0027s cache via JavaScript."
}
],
"id": "CVE-1999-0790",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2000-04-01T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://home.netscape.com/security/notes/jscachebrowsing.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://home.netscape.com/security/notes/jscachebrowsing.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-01-12 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Netscape Mail Notification (nsnotify) utility in Netscape Communicator uses IMAP without SSL, even if the user has set a preference for Communicator to use an SSL connection, allowing a remote attacker to sniff usernames and passwords in plaintext.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | 4.7 | |
| netscape | navigator | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "38FD74F5-12ED-4049-B06F-0F22A0254C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA2CA2F8-260C-4559-BF24-3E321CEAE93F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Netscape Mail Notification (nsnotify) utility in Netscape Communicator uses IMAP without SSL, even if the user has set a preference for Communicator to use an SSL connection, allowing a remote attacker to sniff usernames and passwords in plaintext."
}
],
"id": "CVE-2000-0087",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-01-12T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=94790377622943\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/security_center/static/4385.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=94790377622943\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/security_center/static/4385.php"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-08-02 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Netscape Communicator before 4.77 allows remote attackers to execute arbitrary Javascript via a GIF image whose comment contains the Javascript.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C0AFE54-CB3F-4EEE-9081-8D307FA6448D",
"versionEndIncluding": "4.77",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Netscape Communicator before 4.77 allows remote attackers to execute arbitrary Javascript via a GIF image whose comment contains the Javascript."
}
],
"id": "CVE-2001-0596",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-08-02T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000393"
},
{
"source": "cve@mitre.org",
"url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-014-01"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=98685237415117\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2001/dsa-051"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/5579"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2001-046.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/2637"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6344"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000393"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-014-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=98685237415117\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2001/dsa-051"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/5579"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2001-046.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/2637"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6344"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-11-21 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Netscape 4.79 and earlier for MacOS allows an attacker with access to the browser to obtain passwords from form fields by printing the document into which the password has been typed, which is printed in cleartext.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:*:*:macos:*:*:*:*:*",
"matchCriteriaId": "EE64CA52-9DDD-4584-97BD-CFCFACB08590",
"versionEndIncluding": "4.77",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Netscape 4.79 and earlier for MacOS allows an attacker with access to the browser to obtain passwords from form fields by printing the document into which the password has been typed, which is printed in cleartext."
}
],
"id": "CVE-2001-0921",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-11-21T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=100638816318705\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/5524"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/3565"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7593"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=100638816318705\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/5524"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/3565"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7593"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | mozilla | 0.9.2 | |
| mozilla | mozilla | 0.9.2.1 | |
| mozilla | mozilla | 0.9.3 | |
| mozilla | mozilla | 0.9.4 | |
| mozilla | mozilla | 0.9.4.1 | |
| mozilla | mozilla | 0.9.5 | |
| mozilla | mozilla | 0.9.6 | |
| netscape | communicator | 4.0 | |
| netscape | communicator | 4.4 | |
| netscape | communicator | 4.5 | |
| netscape | communicator | 4.5_beta | |
| netscape | communicator | 4.06 | |
| netscape | communicator | 4.6 | |
| netscape | communicator | 4.07 | |
| netscape | communicator | 4.7 | |
| netscape | communicator | 4.08 | |
| netscape | communicator | 4.51 | |
| netscape | communicator | 4.61 | |
| netscape | communicator | 4.72 | |
| netscape | communicator | 4.73 | |
| netscape | communicator | 4.74 | |
| netscape | communicator | 4.75 | |
| netscape | communicator | 4.76 | |
| netscape | communicator | 4.77 | |
| netscape | communicator | 4.78 | |
| netscape | navigator | 4.77 | |
| netscape | navigator | 6.0 | |
| netscape | navigator | 6.01 | |
| netscape | navigator | 6.1 | |
| netscape | navigator | 6.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:mozilla:0.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "22F00276-9071-4B96-B49C-2E0898476874",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:0.9.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EB84CC9B-346B-4AF4-929E-D56D85960103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:0.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9420CD82-0E5F-4486-9AF8-9DCD6ED7E037",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:0.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0A9C79AB-4ABE-49E6-BAB2-94610AE0316F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:0.9.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "04DE7CCB-79B8-4F9B-AC14-E4A100F9E473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:0.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1444C77E-FF98-40E5-9CA9-B4C71B3C9304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:0.9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3B40771F-30CB-45D0-9EDE-1F13852085B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "209C7BB1-EFDF-43AB-9FB6-DF67465DEAEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0B711600-425F-4FF9-BC5E-B8D182A2B9F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4E9A5461-B0F2-49DB-A69C-3D2D27709647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.5_beta:*:*:*:*:*:*:*",
"matchCriteriaId": "213EB326-33D1-4329-A6BB-B1AA1C626E44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.06:*:*:*:*:*:*:*",
"matchCriteriaId": "34F6328B-44A8-4E45-918E-C54285040BFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "529E3F71-6016-461D-A162-0DBDD5505389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.07:*:*:*:*:*:*:*",
"matchCriteriaId": "31D02C4D-3FD1-425F-B0DB-7808089BCD0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "38FD74F5-12ED-4049-B06F-0F22A0254C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.08:*:*:*:*:*:*:*",
"matchCriteriaId": "61268CF9-E279-4F63-B228-F9ED4B93BB99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.51:*:*:*:*:*:*:*",
"matchCriteriaId": "918BE44C-8D64-4040-BC74-802AA3FA4E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.61:*:*:*:*:*:*:*",
"matchCriteriaId": "6AA534C4-9411-44EC-AA34-2287C79AD235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.72:*:*:*:*:*:*:*",
"matchCriteriaId": "3A4E8588-A941-4759-B41C-00F193F2C63B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.73:*:*:*:*:*:*:*",
"matchCriteriaId": "3E48C051-EB45-4262-86C2-2333FD5C7745",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.74:*:*:*:*:*:*:*",
"matchCriteriaId": "BA48AF1E-99EF-419C-B425-001C7134C6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.75:*:*:*:*:*:*:*",
"matchCriteriaId": "C97DE00F-4C73-4C54-918E-D540F2C3297B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.76:*:*:*:*:*:*:*",
"matchCriteriaId": "C5A07AD2-2293-443A-9A32-316B832A5276",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.77:*:*:*:*:*:*:*",
"matchCriteriaId": "5A823994-786D-41D7-9FA7-FF8058C4AFD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.78:*:*:*:*:*:*:*",
"matchCriteriaId": "B4613823-DA14-4BE2-986C-2EED3DB82BA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:4.77:*:*:*:*:*:*:*",
"matchCriteriaId": "FA4FBB90-8A52-41B4-B08A-53A86CF56898",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C5421CDE-6C31-42FF-8A06-23A6207D1B51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:6.01:*:*:*:*:*:*:*",
"matchCriteriaId": "6469EB31-32FF-415C-82DD-670513911371",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F112CED-879B-4A19-993A-16858B4EC16C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B7D7FA24-4B6F-4D67-95BE-46819033CA6F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain."
}
],
"id": "CVE-2002-2013",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://alive.znep.com/~marcs/security/mozillacookie/demo.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-01/0270.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.iss.net/security_center/static/7973.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/3925"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://alive.znep.com/~marcs/security/mozillacookie/demo.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-01/0270.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.iss.net/security_center/static/7973.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/3925"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Not vulnerable. This issue did not affect the versions of Mozilla as shipped with Red Hat Enterprise Linux 2.1, 3, or 4.\n",
"lastModified": "2006-08-30T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-12-24 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in Netscape Communicator before 4.7 via a dynamic font whose length field is less than the size of the font.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | 4.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4E9A5461-B0F2-49DB-A69C-3D2D27709647",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Netscape Communicator before 4.7 via a dynamic font whose length field is less than the size of the font."
}
],
"id": "CVE-1999-0892",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-12-24T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0892"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0892"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-01-12 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Netscape Navigator uses weak encryption for storing a user's Netscape mail password.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | 4.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "38FD74F5-12ED-4049-B06F-0F22A0254C0F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Netscape Navigator uses weak encryption for storing a user\u0027s Netscape mail password."
}
],
"id": "CVE-1999-1002",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-01-12T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=94536309217214\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=94570673523998\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.rstcorp.com/news/bad-crypto.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=94536309217214\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=94570673523998\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.rstcorp.com/news/bad-crypto.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-01-09 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in the HTML parser for Netscape 4.75 and earlier allows remote attackers to execute arbitrary commands via a long password value in a form field.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | * | |
| netscape | navigator | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE8BCED1-674C-4050-9230-D233EFD2FD20",
"versionEndIncluding": "4.75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5B287C2-FD02-4927-BC55-991FEDDD16BD",
"versionEndIncluding": "4.75",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the HTML parser for Netscape 4.75 and earlier allows remote attackers to execute arbitrary commands via a long password value in a form field."
}
],
"id": "CVE-2000-1187",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-01-09T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:66.netscape.asc"
},
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000344"
},
{
"source": "cve@mitre.org",
"url": "http://lists.suse.com/archives/suse-security-announce/2000-Nov/0005.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=97500270012529\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/7207"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-109.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5542"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:66.netscape.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000344"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.suse.com/archives/suse-security-announce/2000-Nov/0005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=97500270012529\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/7207"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-109.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5542"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in Composer in Netscape 4.77 allows local users to overwrite process memory and execute arbitrary code via a font tag with a long face attribute.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | 4.77 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:4.77:*:*:*:*:*:*:*",
"matchCriteriaId": "5A823994-786D-41D7-9FA7-FF8058C4AFD8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Composer in Netscape 4.77 allows local users to overwrite process memory and execute arbitrary code via a font tag with a long face attribute."
}
],
"id": "CVE-2002-1766",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://online.securityfocus.com/archive/1/276876"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/5010"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9355"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://online.securityfocus.com/archive/1/276876"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/5010"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9355"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-03-01 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | 4.5 | |
| netscape | navigator | 4.0 | |
| netscape | navigator | 4.01 | |
| netscape | navigator | 4.02 | |
| netscape | navigator | 4.03 | |
| netscape | navigator | 4.04 | |
| netscape | navigator | 4.05 | |
| netscape | navigator | 4.5 | |
| netscape | navigator | 4.06 | |
| netscape | navigator | 4.07 | |
| netscape | navigator | 4.08 | |
| netscape | navigator | 4.61 | |
| sun | java | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4E9A5461-B0F2-49DB-A69C-3D2D27709647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "05CFEB93-B230-473E-A6D0-73CA0C48CB9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:4.01:*:*:*:*:*:*:*",
"matchCriteriaId": "60AA08F1-9932-404D-830E-E6D126FC732B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:4.02:*:*:*:*:*:*:*",
"matchCriteriaId": "C2FBC98E-49CF-48F1-9206-DDE8166AA8E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:4.03:*:*:*:*:*:*:*",
"matchCriteriaId": "E57BB283-31F4-487A-87CA-A251BFC5133C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:4.04:*:*:*:*:*:*:*",
"matchCriteriaId": "8B4D5F1E-DD1B-4CCE-B16D-05AB2DEBCB18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:4.05:*:*:*:*:*:*:*",
"matchCriteriaId": "E20267FF-FCF8-42BF-9CF1-127FF856C6FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EC6F62-37FF-46DD-997C-A4D77182BBEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:4.06:*:*:*:*:*:*:*",
"matchCriteriaId": "D5904FD1-9806-4C73-A4E8-98C1F8F078EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:4.07:*:*:*:*:*:*:*",
"matchCriteriaId": "431D7EED-1152-4245-92B9-023A4AC88EA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:4.08:*:*:*:*:*:*:*",
"matchCriteriaId": "04BBF8B2-8378-4CA3-B8D4-4ED5D7B8A674",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:4.61:*:*:*:*:*:*:*",
"matchCriteriaId": "0B3EFA3B-5DE7-40D0-960D-283491163E74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5DDA9F90-5D16-4E04-B285-D32C362279C6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages."
}
],
"id": "CVE-1999-0440",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-03-01T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://java.sun.com/pr/1999/03/pr990329-01.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=92333596624452\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/1939"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://java.sun.com/pr/1999/03/pr990329-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=92333596624452\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/1939"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2000-0406 (GCVE-0-2000-0406)
Vulnerability from cvelistv5
Published
2000-07-12 04:00
Modified
2024-08-08 05:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Netscape Communicator before version 4.73 and Navigator 4.07 do not properly validate SSL certificates, which allows remote attackers to steal information by redirecting traffic from a legitimate web server to their own malicious server, aka the "Acros-Suencksen SSL" vulnerability.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:14:21.543Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.acrossecurity.com/aspr/ASPR-2000-04-06-1-PUB.txt"
},
{
"name": "RHSA-2000:028",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-028.html"
},
{
"name": "CA-2000-05",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2000-05.html"
},
{
"name": "1188",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1188"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-05-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Netscape Communicator before version 4.73 and Navigator 4.07 do not properly validate SSL certificates, which allows remote attackers to steal information by redirecting traffic from a legitimate web server to their own malicious server, aka the \"Acros-Suencksen SSL\" vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.acrossecurity.com/aspr/ASPR-2000-04-06-1-PUB.txt"
},
{
"name": "RHSA-2000:028",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-028.html"
},
{
"name": "CA-2000-05",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2000-05.html"
},
{
"name": "1188",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1188"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0406",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netscape Communicator before version 4.73 and Navigator 4.07 do not properly validate SSL certificates, which allows remote attackers to steal information by redirecting traffic from a legitimate web server to their own malicious server, aka the \"Acros-Suencksen SSL\" vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.acrossecurity.com/aspr/ASPR-2000-04-06-1-PUB.txt",
"refsource": "MISC",
"url": "http://www.acrossecurity.com/aspr/ASPR-2000-04-06-1-PUB.txt"
},
{
"name": "RHSA-2000:028",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2000-028.html"
},
{
"name": "CA-2000-05",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2000-05.html"
},
{
"name": "1188",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1188"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0406",
"datePublished": "2000-07-12T04:00:00",
"dateReserved": "2000-06-14T00:00:00",
"dateUpdated": "2024-08-08T05:14:21.543Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-0424 (GCVE-0-1999-0424)
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
talkback in Netscape 4.5 allows a local user to overwrite arbitrary files of another user whose Netscape crashes.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:41:44.234Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0424"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "talkback in Netscape 4.5 allows a local user to overwrite arbitrary files of another user whose Netscape crashes."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T07:31:52",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0424"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0424",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "talkback in Netscape 4.5 allows a local user to overwrite arbitrary files of another user whose Netscape crashes."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0424",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0424"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0424",
"datePublished": "1999-09-29T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:41:44.234Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1204 (GCVE-0-2002-1204)
Vulnerability from cvelistv5
Published
2002-11-21 05:00
Modified
2024-08-08 03:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Netscape Communicator 4.x allows attackers to use a link to steal a user's preferences, including potentially sensitive information such as URL history, e-mail address, and possibly the e-mail password, by redefining the user_pref() function and accessing the prefs.js file, which is stored in a directory with a predictable name.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:19:28.578Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20021119 iDEFENSE Security Advisory 11.19.02c: Netscape Predictable Directory Structure Allows Theft of Preferences File",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0081.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.idefense.com/advisory/11.19.02c.txt"
},
{
"name": "netscape-preferences-file(10655)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10655.php"
},
{
"name": "6215",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6215"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-11-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Netscape Communicator 4.x allows attackers to use a link to steal a user\u0027s preferences, including potentially sensitive information such as URL history, e-mail address, and possibly the e-mail password, by redefining the user_pref() function and accessing the prefs.js file, which is stored in a directory with a predictable name."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-06-10T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20021119 iDEFENSE Security Advisory 11.19.02c: Netscape Predictable Directory Structure Allows Theft of Preferences File",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0081.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.idefense.com/advisory/11.19.02c.txt"
},
{
"name": "netscape-preferences-file(10655)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10655.php"
},
{
"name": "6215",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6215"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1204",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netscape Communicator 4.x allows attackers to use a link to steal a user\u0027s preferences, including potentially sensitive information such as URL history, e-mail address, and possibly the e-mail password, by redefining the user_pref() function and accessing the prefs.js file, which is stored in a directory with a predictable name."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20021119 iDEFENSE Security Advisory 11.19.02c: Netscape Predictable Directory Structure Allows Theft of Preferences File",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0081.html"
},
{
"name": "http://www.idefense.com/advisory/11.19.02c.txt",
"refsource": "MISC",
"url": "http://www.idefense.com/advisory/11.19.02c.txt"
},
{
"name": "netscape-preferences-file(10655)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10655.php"
},
{
"name": "6215",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6215"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1204",
"datePublished": "2002-11-21T05:00:00",
"dateReserved": "2002-10-14T00:00:00",
"dateUpdated": "2024-08-08T03:19:28.578Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0676 (GCVE-0-2000-0676)
Vulnerability from cvelistv5
Published
2000-10-13 04:00
Modified
2024-08-08 05:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Netscape Communicator and Navigator 4.04 through 4.74 allows remote attackers to read arbitrary files by using a Java applet to open a connection to a URL using the "file", "http", "https", and "ftp" protocols, as demonstrated by Brown Orifice.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:28:40.745Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20000804 Dangerous Java/Netscape Security Hole",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0019.html"
},
{
"name": "1546",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1546"
},
{
"name": "FreeBSD-SA-00:39",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:39.netscape.asc"
},
{
"name": "20000810 MDKSA-2000:033 Netscape Java vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0115.html"
},
{
"name": "20000823 Security Hole in Netscape, Versions 4.x, possibly others",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/suse_security_announce_60.html"
},
{
"name": "20000818 Conectiva Linux Security Announcement - netscape",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0236.html"
},
{
"name": "CSSA-2000-027.1",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-027.1.txt"
},
{
"name": "20000821 MDKSA-2000:036 - netscape update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0265.html"
},
{
"name": "CA-2000-15",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2000-15.html"
},
{
"name": "RHSA-2000:054",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-054.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-08-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Netscape Communicator and Navigator 4.04 through 4.74 allows remote attackers to read arbitrary files by using a Java applet to open a connection to a URL using the \"file\", \"http\", \"https\", and \"ftp\" protocols, as demonstrated by Brown Orifice."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20000804 Dangerous Java/Netscape Security Hole",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0019.html"
},
{
"name": "1546",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1546"
},
{
"name": "FreeBSD-SA-00:39",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:39.netscape.asc"
},
{
"name": "20000810 MDKSA-2000:033 Netscape Java vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0115.html"
},
{
"name": "20000823 Security Hole in Netscape, Versions 4.x, possibly others",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/suse_security_announce_60.html"
},
{
"name": "20000818 Conectiva Linux Security Announcement - netscape",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0236.html"
},
{
"name": "CSSA-2000-027.1",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-027.1.txt"
},
{
"name": "20000821 MDKSA-2000:036 - netscape update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0265.html"
},
{
"name": "CA-2000-15",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2000-15.html"
},
{
"name": "RHSA-2000:054",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-054.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0676",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netscape Communicator and Navigator 4.04 through 4.74 allows remote attackers to read arbitrary files by using a Java applet to open a connection to a URL using the \"file\", \"http\", \"https\", and \"ftp\" protocols, as demonstrated by Brown Orifice."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20000804 Dangerous Java/Netscape Security Hole",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0019.html"
},
{
"name": "1546",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1546"
},
{
"name": "FreeBSD-SA-00:39",
"refsource": "FREEBSD",
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:39.netscape.asc"
},
{
"name": "20000810 MDKSA-2000:033 Netscape Java vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0115.html"
},
{
"name": "20000823 Security Hole in Netscape, Versions 4.x, possibly others",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/suse_security_announce_60.html"
},
{
"name": "20000818 Conectiva Linux Security Announcement - netscape",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0236.html"
},
{
"name": "CSSA-2000-027.1",
"refsource": "CALDERA",
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-027.1.txt"
},
{
"name": "20000821 MDKSA-2000:036 - netscape update",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0265.html"
},
{
"name": "CA-2000-15",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2000-15.html"
},
{
"name": "RHSA-2000:054",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2000-054.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0676",
"datePublished": "2000-10-13T04:00:00",
"dateReserved": "2000-08-11T00:00:00",
"dateUpdated": "2024-08-08T05:28:40.745Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0711 (GCVE-0-2000-0711)
Vulnerability from cvelistv5
Published
2000-10-13 04:00
Modified
2024-08-08 05:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Netscape Communicator does not properly prevent a ServerSocket object from being created by untrusted entities, which allows remote attackers to create a server on the victim's system via a malicious applet, as demonstrated by Brown Orifice.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:28:40.763Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20000816 JDK 1.1.x Listening Socket Vulnerability (was Re: BrownOrifice can break firewalls!)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=3999922128E.EE84TAKAGI%40java-house.etl.go.jp"
},
{
"name": "1545",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1545"
},
{
"name": "CA-2000-15",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2000-15.html"
},
{
"name": "20000805 Dangerous Java/Netscape Security Hole",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=20000805020429.11774.qmail%40securityfocus.com"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-08-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Netscape Communicator does not properly prevent a ServerSocket object from being created by untrusted entities, which allows remote attackers to create a server on the victim\u0027s system via a malicious applet, as demonstrated by Brown Orifice."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20000816 JDK 1.1.x Listening Socket Vulnerability (was Re: BrownOrifice can break firewalls!)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=3999922128E.EE84TAKAGI%40java-house.etl.go.jp"
},
{
"name": "1545",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1545"
},
{
"name": "CA-2000-15",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2000-15.html"
},
{
"name": "20000805 Dangerous Java/Netscape Security Hole",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=20000805020429.11774.qmail%40securityfocus.com"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0711",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netscape Communicator does not properly prevent a ServerSocket object from being created by untrusted entities, which allows remote attackers to create a server on the victim\u0027s system via a malicious applet, as demonstrated by Brown Orifice."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20000816 JDK 1.1.x Listening Socket Vulnerability (was Re: BrownOrifice can break firewalls!)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=3999922128E.EE84TAKAGI@java-house.etl.go.jp"
},
{
"name": "1545",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1545"
},
{
"name": "CA-2000-15",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2000-15.html"
},
{
"name": "20000805 Dangerous Java/Netscape Security Hole",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=20000805020429.11774.qmail@securityfocus.com"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0711",
"datePublished": "2000-10-13T04:00:00",
"dateReserved": "2000-09-19T00:00:00",
"dateUpdated": "2024-08-08T05:28:40.763Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-0425 (GCVE-0-1999-0425)
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
talkback in Netscape 4.5 allows a local user to kill an arbitrary process of another user whose Netscape crashes.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:41:44.872Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0425"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "talkback in Netscape 4.5 allows a local user to kill an arbitrary process of another user whose Netscape crashes."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T07:32:09",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0425"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0425",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "talkback in Netscape 4.5 allows a local user to kill an arbitrary process of another user whose Netscape crashes."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0425",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0425"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0425",
"datePublished": "1999-09-29T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:41:44.872Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-0790 (GCVE-0-1999-0790)
Vulnerability from cvelistv5
Published
2000-04-18 04:00
Modified
2024-08-01 16:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
A remote attacker can read information from a Netscape user's cache via JavaScript.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:48:38.097Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://home.netscape.com/security/notes/jscachebrowsing.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote attacker can read information from a Netscape user\u0027s cache via JavaScript."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://home.netscape.com/security/notes/jscachebrowsing.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0790",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote attacker can read information from a Netscape user\u0027s cache via JavaScript."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://home.netscape.com/security/notes/jscachebrowsing.html",
"refsource": "MISC",
"url": "http://home.netscape.com/security/notes/jscachebrowsing.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0790",
"datePublished": "2000-04-18T04:00:00",
"dateReserved": "1999-11-25T00:00:00",
"dateUpdated": "2024-08-01T16:48:38.097Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-0440 (GCVE-0-1999-0440)
Vulnerability from cvelistv5
Published
2000-10-13 04:00
Modified
2024-08-01 16:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:41:44.840Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1939",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1939"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://java.sun.com/pr/1999/03/pr990329-01.html"
},
{
"name": "19990405 Security Hole in Java 2 (and JDK 1.1.x)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=92333596624452\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1939",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1939"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://java.sun.com/pr/1999/03/pr990329-01.html"
},
{
"name": "19990405 Security Hole in Java 2 (and JDK 1.1.x)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=92333596624452\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0440",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1939",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1939"
},
{
"name": "http://java.sun.com/pr/1999/03/pr990329-01.html",
"refsource": "CONFIRM",
"url": "http://java.sun.com/pr/1999/03/pr990329-01.html"
},
{
"name": "19990405 Security Hole in Java 2 (and JDK 1.1.x)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=92333596624452\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0440",
"datePublished": "2000-10-13T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:41:44.840Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0409 (GCVE-0-2000-0409)
Vulnerability from cvelistv5
Published
2000-07-12 04:00
Modified
2024-08-08 05:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local users to overwrite files of the user importing the certificate.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:14:21.541Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1201",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1201"
},
{
"name": "20000510 Possible symlink problems with Netscape 4.73",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0126.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-05-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local users to overwrite files of the user importing the certificate."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1201",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1201"
},
{
"name": "20000510 Possible symlink problems with Netscape 4.73",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0126.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0409",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local users to overwrite files of the user importing the certificate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1201",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1201"
},
{
"name": "20000510 Possible symlink problems with Netscape 4.73",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0126.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0409",
"datePublished": "2000-07-12T04:00:00",
"dateReserved": "2000-06-14T00:00:00",
"dateUpdated": "2024-08-08T05:14:21.541Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-1357 (GCVE-0-1999-1357)
Vulnerability from cvelistv5
Published
2001-09-12 04:00
Modified
2024-08-01 17:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Netscape Communicator 4.04 through 4.7 (and possibly other versions) in various UNIX operating systems converts the 0x8b character to a "<" sign, and the 0x9b character to a ">" sign, which could allow remote attackers to attack other clients via cross-site scripting (CSS) in CGI programs that do not filter these characters.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:11:03.196Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19991005 Time to update those CGIs again",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=93915331626185\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1999-10-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Netscape Communicator 4.04 through 4.7 (and possibly other versions) in various UNIX operating systems converts the 0x8b character to a \"\u003c\" sign, and the 0x9b character to a \"\u003e\" sign, which could allow remote attackers to attack other clients via cross-site scripting (CSS) in CGI programs that do not filter these characters."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19991005 Time to update those CGIs again",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=93915331626185\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1357",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netscape Communicator 4.04 through 4.7 (and possibly other versions) in various UNIX operating systems converts the 0x8b character to a \"\u003c\" sign, and the 0x9b character to a \"\u003e\" sign, which could allow remote attackers to attack other clients via cross-site scripting (CSS) in CGI programs that do not filter these characters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19991005 Time to update those CGIs again",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=93915331626185\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1357",
"datePublished": "2001-09-12T04:00:00",
"dateReserved": "2001-08-31T00:00:00",
"dateUpdated": "2024-08-01T17:11:03.196Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-2338 (GCVE-0-2002-2338)
Vulnerability from cvelistv5
Published
2007-10-29 19:00
Modified
2024-09-16 20:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) at a newline, which is interpreted as the end of the message.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:59:11.958Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20020614 Another small DoS on Mozilla \u003c= 1.0 through pop3",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/276946"
},
{
"name": "20020612 Another small DoS on Mozilla \u003c= 1.0 through pop3",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/276628"
},
{
"name": "MDKSA-2002:074",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:074"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=144228"
},
{
"name": "5002",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5002"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://mozilla.org/releases/mozilla1.0.1/security-fixes-1.0.1.html"
},
{
"name": "mozilla-netscape-pop3-dos(9343)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9343.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) at a newline, which is interpreted as the end of the message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-10-29T19:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20020614 Another small DoS on Mozilla \u003c= 1.0 through pop3",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/276946"
},
{
"name": "20020612 Another small DoS on Mozilla \u003c= 1.0 through pop3",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/276628"
},
{
"name": "MDKSA-2002:074",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:074"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=144228"
},
{
"name": "5002",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5002"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://mozilla.org/releases/mozilla1.0.1/security-fixes-1.0.1.html"
},
{
"name": "mozilla-netscape-pop3-dos(9343)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9343.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2338",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) at a newline, which is interpreted as the end of the message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020614 Another small DoS on Mozilla \u003c= 1.0 through pop3",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/276946"
},
{
"name": "20020612 Another small DoS on Mozilla \u003c= 1.0 through pop3",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/276628"
},
{
"name": "MDKSA-2002:074",
"refsource": "MANDRAKE",
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:074"
},
{
"name": "http://bugzilla.mozilla.org/show_bug.cgi?id=144228",
"refsource": "CONFIRM",
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=144228"
},
{
"name": "5002",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5002"
},
{
"name": "http://mozilla.org/releases/mozilla1.0.1/security-fixes-1.0.1.html",
"refsource": "CONFIRM",
"url": "http://mozilla.org/releases/mozilla1.0.1/security-fixes-1.0.1.html"
},
{
"name": "mozilla-netscape-pop3-dos(9343)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9343.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2338",
"datePublished": "2007-10-29T19:00:00Z",
"dateReserved": "2007-10-29T00:00:00Z",
"dateUpdated": "2024-09-16T20:06:54.208Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-0921 (GCVE-0-2001-0921)
Vulnerability from cvelistv5
Published
2003-04-02 05:00
Modified
2024-08-08 04:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Netscape 4.79 and earlier for MacOS allows an attacker with access to the browser to obtain passwords from form fields by printing the document into which the password has been typed, which is printed in cleartext.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:37:07.082Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "5524",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/5524"
},
{
"name": "20011121 Mac Netscape password fields",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=100638816318705\u0026w=2"
},
{
"name": "3565",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3565"
},
{
"name": "macos-netscape-print-passwords(7593)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7593"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-11-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Netscape 4.79 and earlier for MacOS allows an attacker with access to the browser to obtain passwords from form fields by printing the document into which the password has been typed, which is printed in cleartext."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-02-06T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "5524",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/5524"
},
{
"name": "20011121 Mac Netscape password fields",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=100638816318705\u0026w=2"
},
{
"name": "3565",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3565"
},
{
"name": "macos-netscape-print-passwords(7593)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7593"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0921",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netscape 4.79 and earlier for MacOS allows an attacker with access to the browser to obtain passwords from form fields by printing the document into which the password has been typed, which is printed in cleartext."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "5524",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/5524"
},
{
"name": "20011121 Mac Netscape password fields",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=100638816318705\u0026w=2"
},
{
"name": "3565",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3565"
},
{
"name": "macos-netscape-print-passwords(7593)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7593"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0921",
"datePublished": "2003-04-02T05:00:00",
"dateReserved": "2002-01-31T00:00:00",
"dateUpdated": "2024-08-08T04:37:07.082Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-1262 (GCVE-0-1999-1262)
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-01 17:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Java in Netscape 4.5 does not properly restrict applets from connecting to other hosts besides the one from which the applet was loaded, which violates the Java security model and could allow remote attackers to conduct unauthorized activities.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:11:02.870Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19990202 Unsecured server in applets under Netscape",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/12231"
},
{
"name": "java-socket-open(1727)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1727"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1999-02-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Java in Netscape 4.5 does not properly restrict applets from connecting to other hosts besides the one from which the applet was loaded, which violates the Java security model and could allow remote attackers to conduct unauthorized activities."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-03-01T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19990202 Unsecured server in applets under Netscape",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/12231"
},
{
"name": "java-socket-open(1727)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1727"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1262",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Java in Netscape 4.5 does not properly restrict applets from connecting to other hosts besides the one from which the applet was loaded, which violates the Java security model and could allow remote attackers to conduct unauthorized activities."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19990202 Unsecured server in applets under Netscape",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/12231"
},
{
"name": "java-socket-open(1727)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1727"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1262",
"datePublished": "2002-03-09T05:00:00",
"dateReserved": "2001-08-31T00:00:00",
"dateUpdated": "2024-08-01T17:11:02.870Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-0685 (GCVE-0-1999-0685)
Vulnerability from cvelistv5
Published
2000-01-04 05:00
Modified
2024-08-01 16:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in Netscape Communicator via EMBED tags in the pluginspage option.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:48:37.318Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "618",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/618"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Netscape Communicator via EMBED tags in the pluginspage option."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "618",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/618"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0685",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Netscape Communicator via EMBED tags in the pluginspage option."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "618",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/618"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0685",
"datePublished": "2000-01-04T05:00:00",
"dateReserved": "1999-11-25T00:00:00",
"dateUpdated": "2024-08-01T16:48:37.318Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-0809 (GCVE-0-1999-0809)
Vulnerability from cvelistv5
Published
2000-01-04 05:00
Modified
2024-08-01 16:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Netscape Communicator 4.x with Javascript enabled does not warn a user of cookie settings, even if they have selected the option to "Only accept cookies originating from the same server as the page being viewed".
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:48:38.128Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0809"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Netscape Communicator 4.x with Javascript enabled does not warn a user of cookie settings, even if they have selected the option to \"Only accept cookies originating from the same server as the page being viewed\"."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T07:59:26",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0809"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0809",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netscape Communicator 4.x with Javascript enabled does not warn a user of cookie settings, even if they have selected the option to \"Only accept cookies originating from the same server as the page being viewed\"."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0809",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0809"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0809",
"datePublished": "2000-01-04T05:00:00",
"dateReserved": "1999-11-25T00:00:00",
"dateUpdated": "2024-08-01T16:48:38.128Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-1226 (GCVE-0-1999-1226)
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-01 17:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Netscape Communicator 4.7 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long certificate key.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:02:53.802Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "netscape-huge-key-dos(3436)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3436"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securiteam.com/exploits/Netscape_4_7_and_earlier_vulnerable_to__Huge_Key__DoS.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1999-10-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Netscape Communicator 4.7 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long certificate key."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2001-11-28T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "netscape-huge-key-dos(3436)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3436"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securiteam.com/exploits/Netscape_4_7_and_earlier_vulnerable_to__Huge_Key__DoS.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1226",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netscape Communicator 4.7 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long certificate key."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "netscape-huge-key-dos(3436)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3436"
},
{
"name": "http://www.securiteam.com/exploits/Netscape_4_7_and_earlier_vulnerable_to__Huge_Key__DoS.html",
"refsource": "MISC",
"url": "http://www.securiteam.com/exploits/Netscape_4_7_and_earlier_vulnerable_to__Huge_Key__DoS.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1226",
"datePublished": "2002-03-09T05:00:00",
"dateReserved": "2001-08-31T00:00:00",
"dateUpdated": "2024-08-01T17:02:53.802Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-2308 (GCVE-0-2002-2308)
Vulnerability from cvelistv5
Published
2007-10-26 19:00
Modified
2024-09-16 18:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Netscape Communicator 6.2.1 allows remote attackers to cause a denial of service in client browsers via a webpage containing a recursive META refresh tag where the content tag is blank and the URL tag references itself.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:59:11.677Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20020720 Netscape Communicator META Refresh Denial of Service",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2002-July/000600.html"
},
{
"name": "netscape-meta-refresh-dos(9645)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9645.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Netscape Communicator 6.2.1 allows remote attackers to cause a denial of service in client browsers via a webpage containing a recursive META refresh tag where the content tag is blank and the URL tag references itself."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-10-26T19:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20020720 Netscape Communicator META Refresh Denial of Service",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2002-July/000600.html"
},
{
"name": "netscape-meta-refresh-dos(9645)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9645.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2308",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netscape Communicator 6.2.1 allows remote attackers to cause a denial of service in client browsers via a webpage containing a recursive META refresh tag where the content tag is blank and the URL tag references itself."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020720 Netscape Communicator META Refresh Denial of Service",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2002-July/000600.html"
},
{
"name": "netscape-meta-refresh-dos(9645)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9645.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2308",
"datePublished": "2007-10-26T19:00:00Z",
"dateReserved": "2007-10-26T00:00:00Z",
"dateUpdated": "2024-09-16T18:59:11.810Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-0892 (GCVE-0-1999-0892)
Vulnerability from cvelistv5
Published
2000-01-04 05:00
Modified
2024-08-01 16:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in Netscape Communicator before 4.7 via a dynamic font whose length field is less than the size of the font.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:55:29.464Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0892"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1999-10-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Netscape Communicator before 4.7 via a dynamic font whose length field is less than the size of the font."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T13:47:36",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0892"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0892",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Netscape Communicator before 4.7 via a dynamic font whose length field is less than the size of the font."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0892",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0892"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0892",
"datePublished": "2000-01-04T05:00:00",
"dateReserved": "1999-12-08T00:00:00",
"dateUpdated": "2024-08-01T16:55:29.464Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-0031 (GCVE-0-1999-0031)
Vulnerability from cvelistv5
Published
2000-06-02 04:00
Modified
2024-08-01 16:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
JavaScript in Internet Explorer 3.x and 4.x, and Netscape 2.x, 3.x and 4.x, allows remote attackers to monitor a user's web activities, aka the Bell Labs vulnerability.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:27:56.711Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBUX9707-065",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.codetalker.com/advisories/vendor/hp/hpsbux9707-065.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "JavaScript in Internet Explorer 3.x and 4.x, and Netscape 2.x, 3.x and 4.x, allows remote attackers to monitor a user\u0027s web activities, aka the Bell Labs vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "HPSBUX9707-065",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.codetalker.com/advisories/vendor/hp/hpsbux9707-065.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0031",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "JavaScript in Internet Explorer 3.x and 4.x, and Netscape 2.x, 3.x and 4.x, allows remote attackers to monitor a user\u0027s web activities, aka the Bell Labs vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBUX9707-065",
"refsource": "HP",
"url": "http://www.codetalker.com/advisories/vendor/hp/hpsbux9707-065.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0031",
"datePublished": "2000-06-02T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:27:56.711Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-0537 (GCVE-0-1999-0537)
Vulnerability from cvelistv5
Published
2000-02-04 05:00
Modified
2024-08-01 16:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
A configuration in a web browser such as Internet Explorer or Netscape Navigator allows execution of active content such as ActiveX, Java, Javascript, etc.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:41:45.684Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.cve.org/CVERecord?id=CVE-1999-0537"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A configuration in a web browser such as Internet Explorer or Netscape Navigator allows execution of active content such as ActiveX, Java, Javascript, etc."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T08:27:06",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.cve.org/CVERecord?id=CVE-1999-0537"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0537",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A configuration in a web browser such as Internet Explorer or Netscape Navigator allows execution of active content such as ActiveX, Java, Javascript, etc."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cve.org/CVERecord?id=CVE-1999-0537",
"refsource": "MISC",
"url": "https://www.cve.org/CVERecord?id=CVE-1999-0537"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0537",
"datePublished": "2000-02-04T05:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:41:45.684Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-0596 (GCVE-0-2001-0596)
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-08 04:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Netscape Communicator before 4.77 allows remote attackers to execute arbitrary Javascript via a GIF image whose comment contains the Javascript.
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:30:05.165Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CLA-2001:393",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000393"
},
{
"name": "RHSA-2001:046",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2001-046.html"
},
{
"name": "20010409 Netscape 4.76 gif comment flaw",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=98685237415117\u0026w=2"
},
{
"name": "2637",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/2637"
},
{
"name": "5579",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/5579"
},
{
"name": "netscape-javascript-access-data(6344)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6344"
},
{
"name": "IMNX-2001-70-014-01",
"tags": [
"vendor-advisory",
"x_refsource_IMMUNIX",
"x_transferred"
],
"url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-014-01"
},
{
"name": "DSA-051",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2001/dsa-051"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-04-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Netscape Communicator before 4.77 allows remote attackers to execute arbitrary Javascript via a GIF image whose comment contains the Javascript."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-03-01T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "CLA-2001:393",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000393"
},
{
"name": "RHSA-2001:046",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2001-046.html"
},
{
"name": "20010409 Netscape 4.76 gif comment flaw",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=98685237415117\u0026w=2"
},
{
"name": "2637",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/2637"
},
{
"name": "5579",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/5579"
},
{
"name": "netscape-javascript-access-data(6344)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6344"
},
{
"name": "IMNX-2001-70-014-01",
"tags": [
"vendor-advisory",
"x_refsource_IMMUNIX"
],
"url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-014-01"
},
{
"name": "DSA-051",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2001/dsa-051"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0596",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netscape Communicator before 4.77 allows remote attackers to execute arbitrary Javascript via a GIF image whose comment contains the Javascript."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CLA-2001:393",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000393"
},
{
"name": "RHSA-2001:046",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2001-046.html"
},
{
"name": "20010409 Netscape 4.76 gif comment flaw",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=98685237415117\u0026w=2"
},
{
"name": "2637",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2637"
},
{
"name": "5579",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/5579"
},
{
"name": "netscape-javascript-access-data(6344)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6344"
},
{
"name": "IMNX-2001-70-014-01",
"refsource": "IMMUNIX",
"url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-014-01"
},
{
"name": "DSA-051",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2001/dsa-051"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0596",
"datePublished": "2002-03-09T05:00:00",
"dateReserved": "2001-07-27T00:00:00",
"dateUpdated": "2024-08-08T04:30:05.165Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1766 (GCVE-0-2002-1766)
Vulnerability from cvelistv5
Published
2005-06-21 04:00
Modified
2024-08-08 03:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in Composer in Netscape 4.77 allows local users to overwrite process memory and execute arbitrary code via a font tag with a long face attribute.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:34:56.370Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20020613 Microsoft FrontPage vs Composer Netscape...",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/276876"
},
{
"name": "5010",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5010"
},
{
"name": "netscape-composer-font-bo(9355)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9355"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-06-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Composer in Netscape 4.77 allows local users to overwrite process memory and execute arbitrary code via a font tag with a long face attribute."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20020613 Microsoft FrontPage vs Composer Netscape...",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/276876"
},
{
"name": "5010",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5010"
},
{
"name": "netscape-composer-font-bo(9355)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9355"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1766",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Composer in Netscape 4.77 allows local users to overwrite process memory and execute arbitrary code via a font tag with a long face attribute."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020613 Microsoft FrontPage vs Composer Netscape...",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/276876"
},
{
"name": "5010",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5010"
},
{
"name": "netscape-composer-font-bo(9355)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9355"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1766",
"datePublished": "2005-06-21T04:00:00",
"dateReserved": "2005-06-21T00:00:00",
"dateUpdated": "2024-08-08T03:34:56.370Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-1002 (GCVE-0-1999-1002)
Vulnerability from cvelistv5
Published
2000-02-04 05:00
Modified
2024-08-01 16:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Netscape Navigator uses weak encryption for storing a user's Netscape mail password.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:55:29.351Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19991220 Netscape password scrambling",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=94570673523998\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.rstcorp.com/news/bad-crypto.html"
},
{
"name": "19991216 Reinventing the wheel (aka \"Decoding Netscape Mail passwords\")",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=94536309217214\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1999-12-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Netscape Navigator uses weak encryption for storing a user\u0027s Netscape mail password."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19991220 Netscape password scrambling",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=94570673523998\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.rstcorp.com/news/bad-crypto.html"
},
{
"name": "19991216 Reinventing the wheel (aka \"Decoding Netscape Mail passwords\")",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=94536309217214\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1002",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netscape Navigator uses weak encryption for storing a user\u0027s Netscape mail password."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19991220 Netscape password scrambling",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=94570673523998\u0026w=2"
},
{
"name": "http://www.rstcorp.com/news/bad-crypto.html",
"refsource": "MISC",
"url": "http://www.rstcorp.com/news/bad-crypto.html"
},
{
"name": "19991216 Reinventing the wheel (aka \"Decoding Netscape Mail passwords\")",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=94536309217214\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1002",
"datePublished": "2000-02-04T05:00:00",
"dateReserved": "1999-12-21T00:00:00",
"dateUpdated": "2024-08-01T16:55:29.351Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-1187 (GCVE-0-2000-1187)
Vulnerability from cvelistv5
Published
2001-01-22 05:00
Modified
2024-08-08 05:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in the HTML parser for Netscape 4.75 and earlier allows remote attackers to execute arbitrary commands via a long password value in a form field.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:45:37.393Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FreeBSD-SA-00:66",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:66.netscape.asc"
},
{
"name": "SuSE-SA:2000:48",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.suse.com/archives/suse-security-announce/2000-Nov/0005.html"
},
{
"name": "netscape-client-html-bo(5542)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5542"
},
{
"name": "20001121 Immunix OS Security update for netscape",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=97500270012529\u0026w=2"
},
{
"name": "7207",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/7207"
},
{
"name": "CLSA-2000:344",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000344"
},
{
"name": "RHSA-2000:109",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-109.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-11-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the HTML parser for Netscape 4.75 and earlier allows remote attackers to execute arbitrary commands via a long password value in a form field."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "FreeBSD-SA-00:66",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:66.netscape.asc"
},
{
"name": "SuSE-SA:2000:48",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.suse.com/archives/suse-security-announce/2000-Nov/0005.html"
},
{
"name": "netscape-client-html-bo(5542)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5542"
},
{
"name": "20001121 Immunix OS Security update for netscape",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=97500270012529\u0026w=2"
},
{
"name": "7207",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/7207"
},
{
"name": "CLSA-2000:344",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000344"
},
{
"name": "RHSA-2000:109",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-109.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-1187",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the HTML parser for Netscape 4.75 and earlier allows remote attackers to execute arbitrary commands via a long password value in a form field."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FreeBSD-SA-00:66",
"refsource": "FREEBSD",
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:66.netscape.asc"
},
{
"name": "SuSE-SA:2000:48",
"refsource": "SUSE",
"url": "http://lists.suse.com/archives/suse-security-announce/2000-Nov/0005.html"
},
{
"name": "netscape-client-html-bo(5542)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5542"
},
{
"name": "20001121 Immunix OS Security update for netscape",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=97500270012529\u0026w=2"
},
{
"name": "7207",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/7207"
},
{
"name": "CLSA-2000:344",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000344"
},
{
"name": "RHSA-2000:109",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2000-109.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-1187",
"datePublished": "2001-01-22T05:00:00",
"dateReserved": "2000-12-14T00:00:00",
"dateUpdated": "2024-08-08T05:45:37.393Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0593 (GCVE-0-2002-0593)
Vulnerability from cvelistv5
Published
2002-06-11 04:00
Modified
2024-08-08 02:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long channel name in an IRC URI.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:56:37.949Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "8039",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/8039"
},
{
"name": "mozilla-netscape-irc-bo(8976)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/8976.php"
},
{
"name": "CLA-2002:490",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000490"
},
{
"name": "4637",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4637"
},
{
"name": "20020430 RE: Reading local files in Netscape 6 and Mozilla (GM#001-NS)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/270249"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-04-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long channel name in an IRC URI."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-11-13T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "8039",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/8039"
},
{
"name": "mozilla-netscape-irc-bo(8976)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/8976.php"
},
{
"name": "CLA-2002:490",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000490"
},
{
"name": "4637",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4637"
},
{
"name": "20020430 RE: Reading local files in Netscape 6 and Mozilla (GM#001-NS)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/270249"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0593",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long channel name in an IRC URI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "8039",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/8039"
},
{
"name": "mozilla-netscape-irc-bo(8976)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/8976.php"
},
{
"name": "CLA-2002:490",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000490"
},
{
"name": "4637",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4637"
},
{
"name": "20020430 RE: Reading local files in Netscape 6 and Mozilla (GM#001-NS)",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/270249"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0593",
"datePublished": "2002-06-11T04:00:00",
"dateReserved": "2002-06-11T00:00:00",
"dateUpdated": "2024-08-08T02:56:37.949Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0034 (GCVE-0-2000-0034)
Vulnerability from cvelistv5
Published
2000-07-12 04:00
Modified
2024-08-08 05:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Netscape 4.7 records user passwords in the preferences.js file during an IMAP or POP session, even if the user has not enabled "remember passwords."
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:05:53.741Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0034"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1999-12-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Netscape 4.7 records user passwords in the preferences.js file during an IMAP or POP session, even if the user has not enabled \"remember passwords.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T08:19:40",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0034"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0034",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netscape 4.7 records user passwords in the preferences.js file during an IMAP or POP session, even if the user has not enabled \"remember passwords.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0034",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0034"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0034",
"datePublished": "2000-07-12T04:00:00",
"dateReserved": "2000-01-11T00:00:00",
"dateUpdated": "2024-08-08T05:05:53.741Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-0762 (GCVE-0-1999-0762)
Vulnerability from cvelistv5
Published
2000-01-04 05:00
Modified
2024-08-01 16:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
When Javascript is embedded within the TITLE tag, Netscape Communicator allows a remote attacker to use the "about" protocol to gain access to browser information.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:48:37.960Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0762"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "When Javascript is embedded within the TITLE tag, Netscape Communicator allows a remote attacker to use the \"about\" protocol to gain access to browser information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T07:56:57",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0762"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0762",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "When Javascript is embedded within the TITLE tag, Netscape Communicator allows a remote attacker to use the \"about\" protocol to gain access to browser information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0762",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0762"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0762",
"datePublished": "2000-01-04T05:00:00",
"dateReserved": "1999-11-25T00:00:00",
"dateUpdated": "2024-08-01T16:48:37.960Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-0174 (GCVE-0-1999-0174)
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The view-source CGI program allows remote attackers to read arbitrary files via a .. (dot dot) attack.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:27:57.740Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0174"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The view-source CGI program allows remote attackers to read arbitrary files via a .. (dot dot) attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T06:52:16",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0174"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0174",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The view-source CGI program allows remote attackers to read arbitrary files via a .. (dot dot) attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0174",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0174"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0174",
"datePublished": "1999-09-29T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:27:57.740Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0517 (GCVE-0-2000-0517)
Vulnerability from cvelistv5
Published
2000-10-13 04:00
Modified
2024-08-08 05:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Netscape 4.73 and earlier does not properly warn users about a potentially invalid certificate if the user has previously accepted the certificate for a different web site, which could allow remote attackers to spoof a legitimate web site by compromising that site's DNS information.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:21:30.563Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "netscape-ssl-certificate(4550)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4550"
},
{
"name": "1260",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1260"
},
{
"name": "CA-2000-08",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2000-08.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-05-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Netscape 4.73 and earlier does not properly warn users about a potentially invalid certificate if the user has previously accepted the certificate for a different web site, which could allow remote attackers to spoof a legitimate web site by compromising that site\u0027s DNS information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "netscape-ssl-certificate(4550)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4550"
},
{
"name": "1260",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1260"
},
{
"name": "CA-2000-08",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2000-08.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0517",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netscape 4.73 and earlier does not properly warn users about a potentially invalid certificate if the user has previously accepted the certificate for a different web site, which could allow remote attackers to spoof a legitimate web site by compromising that site\u0027s DNS information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "netscape-ssl-certificate(4550)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4550"
},
{
"name": "1260",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1260"
},
{
"name": "CA-2000-08",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2000-08.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0517",
"datePublished": "2000-10-13T04:00:00",
"dateReserved": "2000-07-11T00:00:00",
"dateUpdated": "2024-08-08T05:21:30.563Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-2248 (GCVE-0-2002-2248)
Vulnerability from cvelistv5
Published
2007-10-14 20:00
Modified
2024-08-08 03:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in the sun.awt.windows.WDefaultFontCharset Java class implementation in Netscape 4.0 allows remote attackers to execute arbitrary code via an applet that calls the WDefaultFontCharset constructor with a long string and invokes the canConvert method.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:59:11.425Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "netscape-applet-canconvert-bo(10706)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10706"
},
{
"name": "20021126 Netscape 4 Java buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103834439321292\u0026w=2"
},
{
"name": "6256",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6256"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-11-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the sun.awt.windows.WDefaultFontCharset Java class implementation in Netscape 4.0 allows remote attackers to execute arbitrary code via an applet that calls the WDefaultFontCharset constructor with a long string and invokes the canConvert method."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "netscape-applet-canconvert-bo(10706)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10706"
},
{
"name": "20021126 Netscape 4 Java buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103834439321292\u0026w=2"
},
{
"name": "6256",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6256"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2248",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the sun.awt.windows.WDefaultFontCharset Java class implementation in Netscape 4.0 allows remote attackers to execute arbitrary code via an applet that calls the WDefaultFontCharset constructor with a long string and invokes the canConvert method."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "netscape-applet-canconvert-bo(10706)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10706"
},
{
"name": "20021126 Netscape 4 Java buffer overflow",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=103834439321292\u0026w=2"
},
{
"name": "6256",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6256"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2248",
"datePublished": "2007-10-14T20:00:00",
"dateReserved": "2007-10-14T00:00:00",
"dateUpdated": "2024-08-08T03:59:11.425Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-2013 (GCVE-0-2002-2013)
Vulnerability from cvelistv5
Published
2005-07-14 04:00
Modified
2024-09-16 20:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:51:16.501Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3925",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3925"
},
{
"name": "20020121 Mozilla Cookie Exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-01/0270.html"
},
{
"name": "mozilla-netscape-steal-cookies(7973)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/7973.php"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://alive.znep.com/~marcs/security/mozillacookie/demo.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-07-14T04:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "3925",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3925"
},
{
"name": "20020121 Mozilla Cookie Exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-01/0270.html"
},
{
"name": "mozilla-netscape-steal-cookies(7973)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/7973.php"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://alive.znep.com/~marcs/security/mozillacookie/demo.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2013",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "3925",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3925"
},
{
"name": "20020121 Mozilla Cookie Exploit",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-01/0270.html"
},
{
"name": "mozilla-netscape-steal-cookies(7973)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/7973.php"
},
{
"name": "http://alive.znep.com/~marcs/security/mozillacookie/demo.html",
"refsource": "MISC",
"url": "http://alive.znep.com/~marcs/security/mozillacookie/demo.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2013",
"datePublished": "2005-07-14T04:00:00Z",
"dateReserved": "2005-07-14T00:00:00Z",
"dateUpdated": "2024-09-16T20:12:45.799Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-1189 (GCVE-0-1999-1189)
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-01 17:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in Netscape Navigator/Communicator 4.7 for Windows 95 and Windows 98 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long argument after the ? character in a URL that references an .asp, .cgi, .html, or .pl file.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:02:53.765Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "822",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/822"
},
{
"name": "netscape-long-argument-bo(7884)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7884"
},
{
"name": "19991127 Netscape Communicator 4.7 - Navigator Overflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/36608"
},
{
"name": "19991124 Netscape Communicator 4.7 - Navigator Overflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/36306"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1999-11-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Netscape Navigator/Communicator 4.7 for Windows 95 and Windows 98 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long argument after the ? character in a URL that references an .asp, .cgi, .html, or .pl file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-07-23T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "822",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/822"
},
{
"name": "netscape-long-argument-bo(7884)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7884"
},
{
"name": "19991127 Netscape Communicator 4.7 - Navigator Overflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/36608"
},
{
"name": "19991124 Netscape Communicator 4.7 - Navigator Overflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/36306"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1189",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Netscape Navigator/Communicator 4.7 for Windows 95 and Windows 98 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long argument after the ? character in a URL that references an .asp, .cgi, .html, or .pl file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "822",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/822"
},
{
"name": "netscape-long-argument-bo(7884)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7884"
},
{
"name": "19991127 Netscape Communicator 4.7 - Navigator Overflows",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/36608"
},
{
"name": "19991124 Netscape Communicator 4.7 - Navigator Overflows",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/36306"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1189",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2001-08-31T00:00:00",
"dateUpdated": "2024-08-01T17:02:53.765Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0087 (GCVE-0-2000-0087)
Vulnerability from cvelistv5
Published
2002-06-25 04:00
Modified
2024-08-08 05:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Netscape Mail Notification (nsnotify) utility in Netscape Communicator uses IMAP without SSL, even if the user has set a preference for Communicator to use an SSL connection, allowing a remote attacker to sniff usernames and passwords in plaintext.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:05:53.921Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20000113 Misleading sense of security in Netscape",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=94790377622943\u0026w=2"
},
{
"name": "netscape-mail-notify-plaintext(4385)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/4385.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-01-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Netscape Mail Notification (nsnotify) utility in Netscape Communicator uses IMAP without SSL, even if the user has set a preference for Communicator to use an SSL connection, allowing a remote attacker to sniff usernames and passwords in plaintext."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-02-18T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20000113 Misleading sense of security in Netscape",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=94790377622943\u0026w=2"
},
{
"name": "netscape-mail-notify-plaintext(4385)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/4385.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0087",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netscape Mail Notification (nsnotify) utility in Netscape Communicator uses IMAP without SSL, even if the user has set a preference for Communicator to use an SSL connection, allowing a remote attacker to sniff usernames and passwords in plaintext."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20000113 Misleading sense of security in Netscape",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=94790377622943\u0026w=2"
},
{
"name": "netscape-mail-notify-plaintext(4385)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/4385.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0087",
"datePublished": "2002-06-25T04:00:00",
"dateReserved": "2000-01-22T00:00:00",
"dateUpdated": "2024-08-08T05:05:53.921Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-2284 (GCVE-0-2002-2284)
Vulnerability from cvelistv5
Published
2007-10-18 10:00
Modified
2024-08-08 03:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Netscape Communicator 4.0 through 4.79 allows remote attackers to bypass JVM security and execute arbitrary Java code via an applet that loads user-supplied Java classes.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:59:11.410Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "6223",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6223"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.lsd-pl.net/documents/javasecurity-1.0.0.pdf"
},
{
"name": "netscape-java-insecure-classes(10714)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10714"
},
{
"name": "20021121 [LSD] Java and JVM security vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103798147613151\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-11-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Netscape Communicator 4.0 through 4.79 allows remote attackers to bypass JVM security and execute arbitrary Java code via an applet that loads user-supplied Java classes."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "6223",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6223"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.lsd-pl.net/documents/javasecurity-1.0.0.pdf"
},
{
"name": "netscape-java-insecure-classes(10714)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10714"
},
{
"name": "20021121 [LSD] Java and JVM security vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103798147613151\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2284",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netscape Communicator 4.0 through 4.79 allows remote attackers to bypass JVM security and execute arbitrary Java code via an applet that loads user-supplied Java classes."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "6223",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6223"
},
{
"name": "http://www.lsd-pl.net/documents/javasecurity-1.0.0.pdf",
"refsource": "MISC",
"url": "http://www.lsd-pl.net/documents/javasecurity-1.0.0.pdf"
},
{
"name": "netscape-java-insecure-classes(10714)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10714"
},
{
"name": "20021121 [LSD] Java and JVM security vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=103798147613151\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2284",
"datePublished": "2007-10-18T10:00:00",
"dateReserved": "2007-10-17T00:00:00",
"dateUpdated": "2024-08-08T03:59:11.410Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0655 (GCVE-0-2000-0655)
Vulnerability from cvelistv5
Published
2000-10-13 04:00
Modified
2024-08-08 05:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Netscape Communicator 4.73 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a JPEG image containing a comment with an illegal field length of 1.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:28:40.601Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2000:046",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-046.html"
},
{
"name": "1503",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1503"
},
{
"name": "TLSA2000017-1",
"tags": [
"vendor-advisory",
"x_refsource_TURBO",
"x_transferred"
],
"url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-August/000016.html"
},
{
"name": "FreeBSD-SA-00:39",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:39.netscape.asc"
},
{
"name": "20000724 JPEG COM Marker Processing Vulnerability in Netscape Browsers",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26msg%3D200007242356.DAA01274%40false.com"
},
{
"name": "20000823 Security Hole in Netscape, Versions 4.x, possibly others",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/suse_security_announce_60.html"
},
{
"name": "20000801 MDKSA-2000:027-1 netscape update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0456.html"
},
{
"name": "20000810 Conectiva Linux Security Announcement - netscape",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0116.html"
},
{
"name": "NetBSD-SA2000-011",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-011.txt.asc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-07-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Netscape Communicator 4.73 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a JPEG image containing a comment with an illegal field length of 1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2000:046",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-046.html"
},
{
"name": "1503",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1503"
},
{
"name": "TLSA2000017-1",
"tags": [
"vendor-advisory",
"x_refsource_TURBO"
],
"url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-August/000016.html"
},
{
"name": "FreeBSD-SA-00:39",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:39.netscape.asc"
},
{
"name": "20000724 JPEG COM Marker Processing Vulnerability in Netscape Browsers",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26msg%3D200007242356.DAA01274%40false.com"
},
{
"name": "20000823 Security Hole in Netscape, Versions 4.x, possibly others",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/suse_security_announce_60.html"
},
{
"name": "20000801 MDKSA-2000:027-1 netscape update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0456.html"
},
{
"name": "20000810 Conectiva Linux Security Announcement - netscape",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0116.html"
},
{
"name": "NetBSD-SA2000-011",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-011.txt.asc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0655",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netscape Communicator 4.73 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a JPEG image containing a comment with an illegal field length of 1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2000:046",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2000-046.html"
},
{
"name": "1503",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1503"
},
{
"name": "TLSA2000017-1",
"refsource": "TURBO",
"url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-August/000016.html"
},
{
"name": "FreeBSD-SA-00:39",
"refsource": "FREEBSD",
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:39.netscape.asc"
},
{
"name": "20000724 JPEG COM Marker Processing Vulnerability in Netscape Browsers",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26msg%3D200007242356.DAA01274%40false.com"
},
{
"name": "20000823 Security Hole in Netscape, Versions 4.x, possibly others",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/suse_security_announce_60.html"
},
{
"name": "20000801 MDKSA-2000:027-1 netscape update",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0456.html"
},
{
"name": "20000810 Conectiva Linux Security Announcement - netscape",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0116.html"
},
{
"name": "NetBSD-SA2000-011",
"refsource": "NETBSD",
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-011.txt.asc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0655",
"datePublished": "2000-10-13T04:00:00",
"dateReserved": "2000-08-02T00:00:00",
"dateUpdated": "2024-08-08T05:28:40.601Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}