Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
NetscapeCommunicator4.73

10 matches found

CVE
CVEadded 2000/10/13 4:0 a.m.47 views

CVE-2000-0517

Netscape 4.73 and earlier does not properly warn users about a potentially invalid certificate if the user has previously accepted the certificate for a different web site, which could allow remote attackers to spoof a legitimate web site by compromising that site's DNS information.

5CVSS6.5AI score0.00954EPSS
CVE
CVEadded 2000/10/20 4:0 a.m.46 views

CVE-2000-0711

Netscape Communicator does not properly prevent a ServerSocket object from being created by untrusted entities, which allows remote attackers to create a server on the victim's system via a malicious applet, as demonstrated by Brown Orifice.

7.5CVSS7AI score0.06754EPSS
CVE
CVEadded 2000/10/13 4:0 a.m.44 views

CVE-2000-0655

Netscape Communicator 4.73 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a JPEG image containing a comment with an illegal field length of 1.

5CVSS8AI score0.15249EPSS
CVE
CVEadded 2005/07/14 4:0 a.m.40 views

CVE-2002-2013

Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain.

5CVSS6.6AI score0.00477EPSS
CVE
CVEadded 2000/07/12 4:0 a.m.39 views

CVE-2000-0409

Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local users to overwrite files of the user importing the certificate.

3.7CVSS6.7AI score0.00086EPSS
CVE
CVEadded 2002/11/29 5:0 a.m.39 views

CVE-2002-1204

Netscape Communicator 4.x allows attackers to use a link to steal a user's preferences, including potentially sensitive information such as URL history, e-mail address, and possibly the e-mail password, by redefining the user_pref() function and accessing the prefs.js file, which is stored in a dir...

5CVSS6.5AI score0.00585EPSS
CVE
CVEadded 2007/10/18 10:0 a.m.37 views

CVE-2002-2284

Netscape Communicator 4.0 through 4.79 allows remote attackers to bypass JVM security and execute arbitrary Java code via an applet that loads user-supplied Java classes.

6.4CVSS8.1AI score0.00321EPSS
CVE
CVEadded 2007/10/29 7:0 p.m.37 views

CVE-2002-2338

The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) at a newline, which is interpreted as the end of the message.

5CVSS6.6AI score0.05291EPSS
CVE
CVEadded 2000/10/20 4:0 a.m.30 views

CVE-2000-0676

Netscape Communicator and Navigator 4.04 through 4.74 allows remote attackers to read arbitrary files by using a Java applet to open a connection to a URL using the "file", "http", "https", and "ftp" protocols, as demonstrated by Brown Orifice.

5CVSS6.7AI score0.25173EPSS
CVE
CVEadded 2007/10/14 8:0 p.m.27 views

CVE-2002-2248

Buffer overflow in the sun.awt.windows.WDefaultFontCharset Java class implementation in Netscape 4.0 allows remote attackers to execute arbitrary code via an applet that calls the WDefaultFontCharset constructor with a long string and invokes the canConvert method.

10CVSS8.4AI score0.04871EPSS