CVE-1999-1357

Published: Oct 5, 1999Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Netscape Communicator 4.04 through 4.7 (and possibly other versions) in various UNIX operating systems converts the 0x8b character to a "<" sign, and the 0x9b character to a ">" sign, which could allow remote attackers to attack other clients via cross-site scripting (CSS) in CGI programs that do not filter these characters.

Affected (3)

Products: Netscape: Communicator

Netscape

1 product

Communicator

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Netscape Communicator	Up to 4.7
Netscape Communicator	Version 4.04
Netscape Communicator	Version 4.51

References (2)

http://marc.info/?l=bugtraq&m=93915331626185&w=2

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=93915331626185&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.