322 matches found
CVE-2000-0676
CVE-2000-0676 affects Netscape Communicator/Navigator 4.04–4.74. An unsigned Java applet could read local files (e.g., file://) and connect to remote resources via file/http/https/ftp URLs, enabling data exfiltration via Brown Orifice. Root cause is an implementation error in the JRE bundled with...
CVE-2000-0711
Vulnerability summary (CVE-2000-0711) : Netscape Communicator fails to prevent a ServerSocket object from being created by untrusted entities, enabling a remote attacker to start a server on the victim’s system via a malicious applet (as demonstrated by Brown Orifice). The underlying issue is a f...
CVE-2000-0655
Netscape Communicator 4.73 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a JPEG image containing a comment with an illegal field length of 1...
CVE-2000-0676
Netscape Communicator and Navigator 4.04 through 4.74 allows remote attackers to read arbitrary files by using a Java applet to open a connection to a URL using the "file", "http", "https", and "ftp" protocols, as demonstrated by Brown Orifice...
CVE-2000-0711
Netscape Communicator does not properly prevent a ServerSocket object from being created by untrusted entities, which allows remote attackers to create a server on the victim's system via a malicious applet, as demonstrated by Brown Orifice...
[SECURITY] New version of Netscape Communicator/Navigator released
Package: netscape communicator, navigator Vulnerability: remote exploit Debian-specific: no Existing Netscape Communicator/Navigator packages contain the following vulnerabilities: 1. Netscape Communicator JPEG-Comment Heap Overwrite Vulnerability - executes arbitrary code in the comment field of...
[SECURITY] New version of Netscape Communicator/Navigator released
---------------------------------------------------------------------------- Debian Security Advisory [email protected] http://www.debian.org/security/ Michael Stone September 1, 2000 - ---------------------------------------------------------------------------- Package: netscape communicator,...
Linux News 21.08.00
Linux 2.2.17pre19 Вышла новая pre-версия следующего стабильного ядра Linux: 2.2.17pre19. Подробнее: http://linuxtoday.com/newsstory.php3?ltsn=2000-08-18-012-04-NW-KN FreeAmp 2.1beta6 Вышла новая beta версия популярного mp3 проигрывателя FreeAmp - FreeAmp 2.1beta6. В этой версии пофиксено некоторо...
Netscape Communicator 4.x - URL Read
Netscape Communicator 4.x - URL Read source: https://www.securityfocus.com/bid/1546/info A flaw in Netscape Communicator's implementation of Java allows malicious applets to read any resource reachable via a URL from the local machine by using the netscape.net.URLConnection and...
Netscape Communicator 4.x - URL Read
source: https://www.securityfocus.com/bid/1546/info A flaw in Netscape Communicator's implementation of Java allows malicious applets to read any resource reachable via a URL from the local machine by using the netscape.net.URLConnection and netscape.net.URLInputSteam classes. This allows malicio...
CVE-2000-0655
Netscape Communicator 4.73 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a JPEG image containing a comment with an illegal field length of 1...
Netscape Communicator 4.x - JPEG-Comment Heap Overwrite
Netscape Communicator 4.x - JPEG-Comment Heap Overwrite source: https://www.securityfocus.com/bid/1503/info Netscape Browsers use the Independent JPEG Group's decoder library to process JPEG encoded images. The library functions skip JPEG comments; however, the browser uses a custom function to...
Netscape Communicator 4.x - JPEG-Comment Heap Overwrite
source: https://www.securityfocus.com/bid/1503/info Netscape Browsers use the Independent JPEG Group's decoder library to process JPEG encoded images. The library functions skip JPEG comments; however, the browser uses a custom function to process these comments and store them in memory. The...
CVE-2000-0406
The CVE-2000-0406 entry describes: Netscape Communicator before 4.73 and Navigator 4.07 do not properly validate SSL certificates, enabling remote attackers to redirect traffic to a malicious server (Acros-Suencksen SSL) and potentially steal data. No remediation or exploit details are provided i...
CVE-2000-0406
Netscape Communicator before version 4.73 and Navigator 4.07 do not properly validate SSL certificates, which allows remote attackers to steal information by redirecting traffic from a legitimate web server to their own malicious server, aka the "Acros-Suencksen SSL" vulnerability...
CVE-2000-0406
Netscape Communicator before version 4.73 and Navigator 4.07 do not properly validate SSL certificates, which allows remote attackers to steal information by redirecting traffic from a legitimate web server to their own malicious server, aka the "Acros-Suencksen SSL" vulnerability...
Netscape Communicator 4.54.514.64.614.74.724.73 - tmp Symlink
Netscape Communicator 4.54.514.64.614.74.724.73 - tmp Symlink source: https://www.securityfocus.com/bid/1201/info Netscape Communicator version 4.73 and prior may be susceptible to a /tmp file race condition when importing certificates. Netscape creates a /tmp file which is world readable and...
Netscape Communicator 4.5/4.51/4.6/4.61/4.7/4.72/4.73 - '/tmp' Symlink
source: https://www.securityfocus.com/bid/1201/info Netscape Communicator version 4.73 and prior may be susceptible to a /tmp file race condition when importing certificates. Netscape creates a /tmp file which is world readable and writable in /tmp, without calling stat or fstat on the file. As...
CVE-1999-0685
CVE-1999-0685 describes a buffer overflow in Netscape Communicator triggered by EMBED tags in the pluginspage option. The affected product is Netscape Communicator; the vulnerability concerns the plugin-related EMBED handling path, with the root cause identified as a buffer overflow. Practical im...
CVE-1999-0762
The CVE-1999-0762 issue involves Netscape Communicator where JavaScript embedded in the TITLE tag can cause the browser to leak information via the about protocol, enabling a remote attacker to access browser information. The description and connected records consistently describe this vulnerabil...