Search Results (120 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2000-0308 2 Netscape, Sco 4 Enterprise Server, Fasttrack Server, Proxy Server and 1 more 2026-04-16 N/A
Insecure file permissions for Netscape FastTrack Server 2.x, Enterprise Server 2.0, and Proxy Server 2.5 in SCO UnixWare 7.0.x and 2.1.3 allow an attacker to gain root privileges.
CVE-2002-0815 3 Microsoft, Mozilla, Netscape 3 Internet Explorer, Mozilla, Navigator 2026-04-16 N/A
The Javascript "Same Origin Policy" (SOP), as implemented in (1) Netscape, (2) Mozilla, and (3) Internet Explorer, allows a remote web server to access HTTP and SOAP/XML content from restricted sites by mapping the malicious server's parent DNS domain name to the restricted site, loading a page from the restricted site into one frame, and passing the information to the attacker-controlled frame, which is allowed because the document.domain of the two frames matches on the parent domain.
CVE-2005-1156 3 Mozilla, Netscape, Redhat 4 Firefox, Mozilla, Navigator and 1 more 2026-04-16 N/A
Firefox before 1.0.3, Mozilla Suite before 1.7.7, and Netscape 7.2 allows remote attackers to execute arbitrary script and code via a new search plugin using sidebar.addSearchEngine, aka "Firesearching 1."
CVE-2004-1753 2 Mozilla, Netscape 3 Firefox, Mozilla, Navigator 2026-04-16 N/A
The Apple Java plugin, as used in Netscape 7.1 and 7.2, Mozilla 1.7.2, and Firefox 0.9.3 on MacOS X 10.3.5, when tabbed browsing is enabled, does not properly handle SetWindow(NULL) calls, which allows Java applets from one tab to draw to other tabs and facilitates phishing attacks that spoof tabs.
CVE-1999-0141 1 Netscape 1 Navigator 2026-04-16 N/A
Java Bytecode Verifier allows malicious applets to execute arbitrary commands as the user of the applet.
CVE-1999-1189 1 Netscape 2 Communicator, Navigator 2026-04-16 N/A
Buffer overflow in Netscape Navigator/Communicator 4.7 for Windows 95 and Windows 98 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long argument after the ? character in a URL that references an .asp, .cgi, .html, or .pl file.
CVE-1999-0425 1 Netscape 1 Communicator 2026-04-16 N/A
talkback in Netscape 4.5 allows a local user to kill an arbitrary process of another user whose Netscape crashes.
CVE-1999-0751 1 Netscape 1 Enterprise Server 2026-04-16 N/A
Buffer overflow in Accept command in Netscape Enterprise Server 3.6 with the SSL Handshake Patch.
CVE-2004-0528 1 Netscape 1 Navigator 2026-04-16 N/A
Netscape Navigator 7.1 allows remote attackers to spoof a legitimate URL in the status bar via A HREF tags with modified "alt" values that point to the legitimate site, combined with an image map whose href points to the malicious site, which facilitates a "phishing" attack.
CVE-1999-0827 2 Microsoft, Netscape 3 Ie, Internet Explorer, Navigator 2026-04-16 N/A
By default, Internet Explorer 5.0 and other versions enables the "Navigate sub-frames across different domains" option, which allows frame spoofing.
CVE-2004-0826 4 Hp, Mozilla, Netscape and 1 more 10 Hp-ux, Network Security Services, Certificate Server and 7 more 2026-04-16 N/A
Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message.
CVE-2002-0354 3 Mozilla, Netscape, Redhat 3 Mozilla, Navigator, Linux 2026-04-16 N/A
The XMLHttpRequest object (XMLHTTP) in Netscape 6.1 and Mozilla 0.9.7 allows remote attackers to read arbitrary files and list directories on a client system by opening a URL that redirects the browser to the file on the client, then reading the result using the responseText property.
CVE-2002-1042 2 Netscape, Sun 4 Enterprise Server, Iplanet Web Server, One Application Server and 1 more 2026-04-16 N/A
Directory traversal vulnerability in search engine for iPlanet web server 6.0 SP2 and 4.1 SP9, and Netscape Enterprise Server 3.6, when running on Windows platforms, allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in the NS-query-pat parameter.
CVE-1999-0752 1 Netscape 1 Enterprise Server 2026-04-16 N/A
Denial of service in Netscape Enterprise Server via a buffer overflow in the SSL handshake.
CVE-2003-1492 2 Mozilla, Netscape 2 Firefox, Navigator 2026-04-16 N/A
Netscape Navigator 7.0.2 and Mozilla allows remote attackers to access cookie information in a different domain via an HTTP request for a domain with an extra . (dot) at the end.
CVE-1999-1532 1 Netscape 1 Messaging Server 2026-04-16 N/A
Netscape Messaging Server 3.54, 3.55, and 3.6 allows a remote attacker to cause a denial of service (memory exhaustion) via a series of long RCPT TO commands.
CVE-2000-0034 1 Netscape 1 Communicator 2026-04-16 N/A
Netscape 4.7 records user passwords in the preferences.js file during an IMAP or POP session, even if the user has not enabled "remember passwords."
CVE-2000-0237 1 Netscape 1 Enterprise Server 2026-04-16 N/A
Netscape Enterprise Server with Web Publishing enabled allows remote attackers to list arbitrary directories via a GET request for the /publisher directory, which provides a Java applet that allows the attacker to browse the directories.
CVE-2000-0406 1 Netscape 1 Communicator 2026-04-16 N/A
Netscape Communicator before version 4.73 and Navigator 4.07 do not properly validate SSL certificates, which allows remote attackers to steal information by redirecting traffic from a legitimate web server to their own malicious server, aka the "Acros-Suencksen SSL" vulnerability.
CVE-2000-0676 1 Netscape 1 Communicator 2026-04-16 N/A
Netscape Communicator and Navigator 4.04 through 4.74 allows remote attackers to read arbitrary files by using a Java applet to open a connection to a URL using the "file", "http", "https", and "ftp" protocols, as demonstrated by Brown Orifice.