Navigator@7.1 Security Vulnerabilities and Issues — Navigator@7.1 CVE List

Lucene search

NetscapeNavigator7.1

8 matches found

CVE•added 2004/12/31 5:0 a.m.•74 views

CVE-2004-0904

Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows.

10CVSS7.7AI score0.20716EPSS

CVE•added 2004/07/27 4:0 a.m.•73 views

CVE-2004-0718

The (1) Mozilla 1.6, (2) Firebird 0.7, (3) Firefox 0.8, and (4) Netscape 7.1 web browsers do not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.

7.5CVSS6AI score0.0191EPSS

CVE•added 2005/12/09 3:3 p.m.•67 views

CVE-2005-4134

Mozilla Firefox 1.5, Netscape 8.0.4 and 7.2, and K-Meleon before 0.9.12 allows remote attackers to cause a denial of service (CPU consumption and delayed application startup) via a web site with a large title, which is recorded in history.dat but not processed efficiently during startup. NOTE: desp...

5CVSS6.5AI score0.27694EPSS

CVE•added 2004/08/18 4:0 a.m.•64 views

CVE-2004-0722

Integer overflow in the SOAPParameter object constructor in (1) Netscape version 7.0 and 7.1 and (2) Mozilla 1.6, and possibly earlier versions, allows remote attackers to execute arbitrary code.

10CVSS7.4AI score0.23108EPSS

CVE•added 2004/09/24 4:0 a.m.•56 views

CVE-2004-0905

Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain.

4.6CVSS6.8AI score0.05741EPSS

CVE•added 2005/01/10 5:0 a.m.•51 views

CVE-2004-1160

Netscape 7.x to 7.2, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window inject...

7.5CVSS6.7AI score0.01048EPSS

CVE•added 2004/08/06 4:0 a.m.•47 views

CVE-2004-0528

Netscape Navigator 7.1 allows remote attackers to spoof a legitimate URL in the status bar via A HREF tags with modified "alt" values that point to the legitimate site, combined with an image map whose href points to the malicious site, which facilitates a "phishing" attack.

5CVSS7AI score0.03062EPSS

CVE•added 2005/02/26 5:0 a.m.•42 views

CVE-2004-1753

The Apple Java plugin, as used in Netscape 7.1 and 7.2, Mozilla 1.7.2, and Firefox 0.9.3 on MacOS X 10.3.5, when tabbed browsing is enabled, does not properly handle SetWindow(NULL) calls, which allows Java applets from one tab to draw to other tabs and facilitates phishing attacks that spoof tabs.

2.6CVSS6.5AI score0.00868EPSS