Netscape Communicator vulnerabilities
34 known vulnerabilities affecting netscape/communicator.
Total CVEs
34
CISA KEV
0
Public exploits
9
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH7MEDIUM18LOW8
Vulnerabilities
Page 1 of 2
CVE-2000-0711P3HIGHCVSS 7.5PoCv4.0v4.04+12 more2000-10-20
CVE-2000-0711 [HIGH] CVE-2000-0711: Netscape Communicator does not properly prevent a ServerSocket object from being created by untruste
Netscape Communicator does not properly prevent a ServerSocket object from being created by untrusted entities, which allows remote attackers to create a server on the victim's system via a malicious applet, as demonstrated by Brown Orifice.
nvd
CVE-2001-0596P3HIGHCVSS 7.5PoC≤ 4.772001-08-02
CVE-2001-0596 [HIGH] CVE-2001-0596: Netscape Communicator before 4.77 allows remote attackers to execute arbitrary Javascript via a GIF
Netscape Communicator before 4.77 allows remote attackers to execute arbitrary Javascript via a GIF image whose comment contains the Javascript.
nvd
CVE-2000-0676P4MEDIUMCVSS 5.0PoCv4.0v4.04+12 more2000-10-20
CVE-2000-0676 [MEDIUM] CVE-2000-0676: Netscape Communicator and Navigator 4.04 through 4.74 allows remote attackers to read arbitrary file
Netscape Communicator and Navigator 4.04 through 4.74 allows remote attackers to read arbitrary files by using a Java applet to open a connection to a URL using the "file", "http", "https", and "ftp" protocols, as demonstrated by Brown Orifice.
nvd
CVE-1999-0174P4MEDIUMCVSS 6.4PoCv4.0v4.05+5 more1997-02-01
CVE-1999-0174 [MEDIUM] CVE-1999-0174: The view-source CGI program allows remote attackers to read arbitrary files via a .. (dot dot) attac
The view-source CGI program allows remote attackers to read arbitrary files via a .. (dot dot) attack.
nvd
CVE-2000-0655P4MEDIUMCVSS 5.0PoCv4.0v4.05+11 more2000-07-25
CVE-2000-0655 [MEDIUM] CVE-2000-0655: Netscape Communicator 4.73 and earlier allows remote attackers to cause a denial of service or execu
Netscape Communicator 4.73 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a JPEG image containing a comment with an illegal field length of 1.
nvd
CVE-1999-0685P4MEDIUMCVSS 5.1PoCv4.5v4.06+3 more1999-09-02
CVE-1999-0685 [MEDIUM] CVE-1999-0685: Buffer overflow in Netscape Communicator via EMBED tags in the pluginspage option.
Buffer overflow in Netscape Communicator via EMBED tags in the pluginspage option.
nvd
CVE-2002-1766P4MEDIUMCVSS 4.6PoCv4.772002-12-31
CVE-2002-1766 [MEDIUM] CVE-2002-1766: Buffer overflow in Composer in Netscape 4.77 allows local users to overwrite process memory and exec
Buffer overflow in Composer in Netscape 4.77 allows local users to overwrite process memory and execute arbitrary code via a font tag with a long face attribute.
nvd
CVE-2002-2338P4MEDIUMCVSS 5.0PoCv4.0v4.4+14 more2002-12-31
CVE-2002-2338 [MEDIUM] CWE-20 CVE-2002-2338: The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows r
The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) at a newline, which is interpreted as the end of the message.
nvd
CVE-2002-2248P4CRITICALCVSS 10.0v4.0v4.5+12 more2002-12-31
CVE-2002-2248 [CRITICAL] CWE-119 CVE-2002-2248: Buffer overflow in the sun.awt.windows.WDefaultFontCharset Java class implementation in Netscape 4.0
Buffer overflow in the sun.awt.windows.WDefaultFontCharset Java class implementation in Netscape 4.0 allows remote attackers to execute arbitrary code via an applet that calls the WDefaultFontCharset constructor with a long string and invokes the canConvert method.
nvd
CVE-2000-1187P4HIGHCVSS 7.5≤ 4.752001-01-09
CVE-2000-1187 [HIGH] CVE-2000-1187: Buffer overflow in the HTML parser for Netscape 4.75 and earlier allows remote attackers to execute
Buffer overflow in the HTML parser for Netscape 4.75 and earlier allows remote attackers to execute arbitrary commands via a long password value in a form field.
nvd
CVE-2002-0593P4HIGHCVSS 7.5v6.12002-06-18
CVE-2002-0593 [HIGH] CVE-2002-0593: Buffer overflow in Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to cause a den
Buffer overflow in Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long channel name in an IRC URI.
nvd
CVE-2000-0409P4LOWCVSS 3.7PoCv4.5v4.6+5 more2000-05-10
CVE-2000-0409 [LOW] CVE-2000-0409: Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local use
Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local users to overwrite files of the user importing the certificate.
nvd
CVE-2002-2284P4MEDIUMCVSS 6.4v4.0v4.5+12 more2002-12-31
CVE-2002-2284 [MEDIUM] CVE-2002-2284: Netscape Communicator 4.0 through 4.79 allows remote attackers to bypass JVM security and execute ar
Netscape Communicator 4.0 through 4.79 allows remote attackers to bypass JVM security and execute arbitrary Java code via an applet that loads user-supplied Java classes.
nvd
CVE-1999-0440P4HIGHCVSS 7.5v4.51999-03-01
CVE-1999-0440 [HIGH] CVE-1999-0440: The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through m
The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages.
nvd
CVE-1999-1189P4HIGHCVSS 7.5v4.71999-11-24
CVE-1999-1189 [HIGH] CVE-1999-1189: Buffer overflow in Netscape Navigator/Communicator 4.7 for Windows 95 and Windows 98 allows remote a
Buffer overflow in Netscape Navigator/Communicator 4.7 for Windows 95 and Windows 98 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long argument after the ? character in a URL that references an .asp, .cgi, .html, or .pl file.
nvd
CVE-1999-1357P4HIGHCVSS 7.5≤ 4.7v4.04+1 more1999-10-05
CVE-1999-1357 [HIGH] CVE-1999-1357: Netscape Communicator 4.04 through 4.7 (and possibly other versions) in various UNIX operating syste
Netscape Communicator 4.04 through 4.7 (and possibly other versions) in various UNIX operating systems converts the 0x8b character to a "" sign, which could allow remote attackers to attack other clients via cross-site scripting (CSS) in CGI programs that do not filter these characters.
nvd
CVE-2002-2013P4MEDIUMCVSS 5.0v4.0v4.4+16 more2002-12-31
CVE-2002-2013 [MEDIUM] CVE-2002-2013: Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from
Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain.
nvd
CVE-1999-1262P4MEDIUMCVSS 5.1v4.01v4.5+3 more1997-08-01
CVE-1999-1262 [MEDIUM] CVE-1999-1262: Java in Netscape 4.5 does not properly restrict applets from connecting to other hosts besides the o
Java in Netscape 4.5 does not properly restrict applets from connecting to other hosts besides the one from which the applet was loaded, which violates the Java security model and could allow remote attackers to conduct unauthorized activities.
nvd
CVE-1999-0425P4MEDIUMCVSS 6.4v4.51999-03-18
CVE-1999-0425 [MEDIUM] CVE-1999-0425: talkback in Netscape 4.5 allows a local user to kill an arbitrary process of another user whose Nets
talkback in Netscape 4.5 allows a local user to kill an arbitrary process of another user whose Netscape crashes.
nvd
CVE-1999-1226P4LOWCVSS 2.6≤ 4.71999-10-28
CVE-1999-1226 [LOW] CVE-1999-1226: Netscape Communicator 4.7 and earlier allows remote attackers to cause a denial of service, and poss
Netscape Communicator 4.7 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long certificate key.
nvd
1 / 2Next →