CVE-1999-1262
published 1997-08-01CVE-1999-1262: Java in Netscape 4.5 does not properly restrict applets from connecting to other hosts besides the one from which the applet was loaded, which violates the…
PriorityP415medium5.1CVSS 2.0
AVNACHAuNCPIPAP
EPSS
1.62%
73.1th percentile
Java in Netscape 4.5 does not properly restrict applets from connecting to other hosts besides the one from which the applet was loaded, which violates the Java security model and could allow remote attackers to conduct unauthorized activities.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| netscape | communicator | — | — |
| netscape | communicator | — | — |
| netscape | communicator | — | — |
| netscape | communicator | — | — |
| netscape | communicator | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
Netscape Navigator up to 4.5 Java Socket privileges management (XFDB-1727)
vuldb·2026-04-17·CVSS 5.1
CVE-1999-1262 [MEDIUM] Netscape Navigator up to 4.5 Java Socket privileges management (XFDB-1727)
A vulnerability has been found in Netscape Navigator 4.01/4.06/4.07/4.08/4.5 and classified as critical. This affects an unknown part of the component Java Socket Handler. The manipulation leads to improper privilege management.
This vulnerability is documented as CVE-1999-1262. The attack can be initiated remotely. There is not any exploit available.
The affected component should be upgraded.
GHSA
GHSA-2ccq-2xr5-3q62: Java in Netscape 4
ghsa_unreviewed·2022-04-30
CVE-1999-1262 [MEDIUM] GHSA-2ccq-2xr5-3q62: Java in Netscape 4
Java in Netscape 4.5 does not properly restrict applets from connecting to other hosts besides the one from which the applet was loaded, which violates the Java security model and could allow remote attackers to conduct unauthorized activities.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
1997-08-01
Published