Netscape Communicator vulnerabilities
34 known vulnerabilities affecting netscape/communicator.
Total CVEs
34
CISA KEV
0
Public exploits
9
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH7MEDIUM18LOW8
Vulnerabilities
Page 2 of 2
CVE-1999-1002P4MEDIUMCVSS 5.0v4.72000-01-12
CVE-1999-1002 [MEDIUM] CVE-1999-1002: Netscape Navigator uses weak encryption for storing a user's Netscape mail password.
Netscape Navigator uses weak encryption for storing a user's Netscape mail password.
nvd
CVE-2000-0087P4MEDIUMCVSS 5.0v4.72000-01-12
CVE-2000-0087 [MEDIUM] CVE-2000-0087: Netscape Mail Notification (nsnotify) utility in Netscape Communicator uses IMAP without SSL, even i
Netscape Mail Notification (nsnotify) utility in Netscape Communicator uses IMAP without SSL, even if the user has set a preference for Communicator to use an SSL connection, allowing a remote attacker to sniff usernames and passwords in plaintext.
nvd
CVE-2002-1204P4MEDIUMCVSS 5.0v4.6v4.7+8 more2002-11-29
CVE-2002-1204 [MEDIUM] CVE-2002-1204: Netscape Communicator 4.x allows attackers to use a link to steal a user's preferences, including po
Netscape Communicator 4.x allows attackers to use a link to steal a user's preferences, including potentially sensitive information such as URL history, e-mail address, and possibly the e-mail password, by redefining the user_pref() function and accessing the prefs.js file, which is stored in a directory with a predictable name.
nvd
CVE-1999-0031P4LOWCVSS 2.6v2.0v3.0+1 more1997-07-08
CVE-1999-0031 [LOW] CVE-1999-0031: JavaScript in Internet Explorer 3.x and 4.x, and Netscape 2.x, 3.x and 4.x, allows remote attackers
JavaScript in Internet Explorer 3.x and 4.x, and Netscape 2.x, 3.x and 4.x, allows remote attackers to monitor a user's web activities, aka the Bell Labs vulnerability.
nvd
CVE-2000-0034P4MEDIUMCVSS 5.0v4.71999-12-22
CVE-2000-0034 [MEDIUM] CVE-2000-0034: Netscape 4.7 records user passwords in the preferences.js file during an IMAP or POP session, even i
Netscape 4.7 records user passwords in the preferences.js file during an IMAP or POP session, even if the user has not enabled "remember passwords."
nvd
CVE-1999-0809P4MEDIUMCVSS 5.0v4.01999-07-09
CVE-1999-0809 [MEDIUM] CVE-1999-0809: Netscape Communicator 4.x with Javascript enabled does not warn a user of cookie settings, even if t
Netscape Communicator 4.x with Javascript enabled does not warn a user of cookie settings, even if they have selected the option to "Only accept cookies originating from the same server as the page being viewed".
nvd
CVE-2000-0517P4MEDIUMCVSS 5.0v4.0v4.5+6 more2000-05-26
CVE-2000-0517 [MEDIUM] CVE-2000-0517: Netscape 4.73 and earlier does not properly warn users about a potentially invalid certificate if th
Netscape 4.73 and earlier does not properly warn users about a potentially invalid certificate if the user has previously accepted the certificate for a different web site, which could allow remote attackers to spoof a legitimate web site by compromising that site's DNS information.
nvd
CVE-2002-2308P4MEDIUMCVSS 5.0v6.2.12002-12-31
CVE-2002-2308 [MEDIUM] CVE-2002-2308: Netscape Communicator 6.2.1 allows remote attackers to cause a denial of service in client browsers
Netscape Communicator 6.2.1 allows remote attackers to cause a denial of service in client browsers via a webpage containing a recursive META refresh tag where the content tag is blank and the URL tag references itself.
nvd
CVE-1999-0762P4LOWCVSS 2.6v4.6v4.x1999-05-24
CVE-1999-0762 [LOW] CVE-1999-0762: When Javascript is embedded within the TITLE tag, Netscape Communicator allows a remote attacker to
When Javascript is embedded within the TITLE tag, Netscape Communicator allows a remote attacker to use the "about" protocol to gain access to browser information.
nvd
CVE-2001-0921P4LOWCVSS 2.1≤ 4.772001-11-21
CVE-2001-0921 [LOW] CVE-2001-0921: Netscape 4.79 and earlier for MacOS allows an attacker with access to the browser to obtain password
Netscape 4.79 and earlier for MacOS allows an attacker with access to the browser to obtain passwords from form fields by printing the document into which the password has been typed, which is printed in cleartext.
nvd
CVE-1999-0892P4MEDIUMCVSS 4.6v4.51999-12-24
CVE-1999-0892 [MEDIUM] CVE-1999-0892: Buffer overflow in Netscape Communicator before 4.7 via a dynamic font whose length field is less th
Buffer overflow in Netscape Communicator before 4.7 via a dynamic font whose length field is less than the size of the font.
nvd
CVE-2000-0406P4LOWCVSS 2.6v4.0v4.05+9 more2000-05-10
CVE-2000-0406 [LOW] CVE-2000-0406: Netscape Communicator before version 4.73 and Navigator 4.07 do not properly validate SSL certificat
Netscape Communicator before version 4.73 and Navigator 4.07 do not properly validate SSL certificates, which allows remote attackers to steal information by redirecting traffic from a legitimate web server to their own malicious server, aka the "Acros-Suencksen SSL" vulnerability.
nvd
CVE-1999-0424P4LOWCVSS 2.1v4.51999-03-18
CVE-1999-0424 [LOW] CVE-1999-0424: talkback in Netscape 4.5 allows a local user to overwrite arbitrary files of another user whose Nets
talkback in Netscape 4.5 allows a local user to overwrite arbitrary files of another user whose Netscape crashes.
nvd
CVE-1999-0790P4LOWCVSS 2.6v4.02000-04-01
CVE-1999-0790 [LOW] CVE-1999-0790: A remote attacker can read information from a Netscape user's cache via JavaScript.
A remote attacker can read information from a Netscape user's cache via JavaScript.
nvd
← Previous2 / 2