Navigator

navigator

Vendor: Netscape • 44 CVEs

CVEs (44)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2004-0718 3Firebirdsql MozillaNetscape 3Firebird MozillaNavigator Apr 16, 2026 Jul 27, 2004 N/A· v4 N/A· v3 7.5 HIGH· v2 The (1) Mozilla 1.6, (2) Firebird 0.7, (3) Firefox 0.8, and (4) Netscape 7.1 web browsers do not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitate...Show more The (1) Mozilla 1.6, (2) Firebird 0.7, (3) Firefox 0.8, and (4) Netscape 7.1 web browsers do not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.Show less
CVE-2003-1560 1Netscape 1Navigator Apr 16, 2026 Dec 31, 2003 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Netscape 4 sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data.
CVE-2003-1492 2Mozilla Netscape 2Firefox Navigator Apr 16, 2026 Dec 31, 2003 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Netscape Navigator 7.0.2 and Mozilla allows remote attackers to access cookie information in a different domain via an HTTP request for a domain with an extra . (dot) at the end.
CVE-2003-1419 1Netscape 1Navigator Apr 16, 2026 Dec 31, 2003 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Netscape 7.0 allows remote attackers to cause a denial of service (crash) via a web page with an invalid regular expression argument to the JavaScript reformatDate function.
CVE-2003-1265 2Mozilla Netscape 2Mozilla Navigator Apr 16, 2026 Dec 31, 2003 N/A· v4 N/A· v3 2.1 LOW· v2 Netscape 7.0 and Mozilla 5.0 do not immediately delete messages in the trash folder when users select the 'Empty Trash' option, which could allow local users to access deleted messages.
CVE-2003-0553 1Netscape 1Navigator Apr 16, 2026 Aug 18, 2003 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in the Client Detection Tool (CDT) plugin (npcdt.dll) for Netscape 7.02 allows remote attackers to execute arbitrary code via an attachment with a long filename.
CVE-2002-2338 2Mozilla Netscape 3Communicator MozillaNavigator Apr 16, 2026 Dec 31, 2002 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) at a newline, which i...Show more The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) at a newline, which is interpreted as the end of the message.Show less
CVE-2002-2061 2Mozilla Netscape 2Mozilla Navigator Apr 16, 2026 Dec 31, 2002 N/A· v4 N/A· v3 7.5 HIGH· v2 Heap-based buffer overflow in Netscape 6.2.3 and Mozilla 1.0 and earlier allows remote attackers to crash client browsers and execute arbitrary code via a PNG image with large width and height values and an 8-bit or 16-b...Show more Heap-based buffer overflow in Netscape 6.2.3 and Mozilla 1.0 and earlier allows remote attackers to crash client browsers and execute arbitrary code via a PNG image with large width and height values and an 8-bit or 16-bit alpha channel.Show less
CVE-2002-2013 2Mozilla Netscape 3Communicator MozillaNavigator Apr 16, 2026 Dec 31, 2002 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain.
CVE-2002-1308 2Mozilla Netscape 2Mozilla Navigator Apr 16, 2026 Nov 29, 2002 N/A· v4 N/A· v3 7.5 HIGH· v2 Heap-based buffer overflow in Netscape and Mozilla allows remote attackers to execute arbitrary code via a jar: URL that references a malformed .jar file, which overflows a buffer during decompression.
CVE-2002-1091 3Mozilla NetscapeOpera Software 3Mozilla NavigatorOpera Web Browser Apr 16, 2026 Oct 4, 2002 N/A· v4 N/A· v3 7.5 HIGH· v2 Netscape 6.2.3 and earlier, and Mozilla 1.0.1, allow remote attackers to corrupt heap memory and execute arbitrary code via a GIF image with a zero width.
CVE-2002-0815 3Microsoft MozillaNetscape 3Internet Explorer MozillaNavigator Apr 16, 2026 Aug 12, 2002 N/A· v4 N/A· v3 7.5 HIGH· v2 The Javascript "Same Origin Policy" (SOP), as implemented in (1) Netscape, (2) Mozilla, and (3) Internet Explorer, allows a remote web server to access HTTP and SOAP/XML content from restricted sites by mapping the malic...Show more The Javascript "Same Origin Policy" (SOP), as implemented in (1) Netscape, (2) Mozilla, and (3) Internet Explorer, allows a remote web server to access HTTP and SOAP/XML content from restricted sites by mapping the malicious server's parent DNS domain name to the restricted site, loading a page from the restricted site into one frame, and passing the information to the attacker-controlled frame, which is allowed because the document.domain of the two frames matches on the parent domain.Show less
CVE-2002-0354 2Mozilla Netscape 2Mozilla Navigator Apr 16, 2026 Jun 25, 2002 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The XMLHttpRequest object (XMLHTTP) in Netscape 6.1 and Mozilla 0.9.7 allows remote attackers to read arbitrary files and list directories on a client system by opening a URL that redirects the browser to the file on the...Show more The XMLHttpRequest object (XMLHTTP) in Netscape 6.1 and Mozilla 0.9.7 allows remote attackers to read arbitrary files and list directories on a client system by opening a URL that redirects the browser to the file on the client, then reading the result using the responseText property.Show less
CVE-2002-0594 3Galeon MozillaNetscape 3Galeon Browser MozillaNavigator Apr 16, 2026 Jun 18, 2002 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to determine the existence of files on the client system via a LINK element in a Cascading Style Sheet (CSS) page that causes an HTTP redirect.
CVE-2002-0593 2Mozilla Netscape 3Communicator MozillaNavigator Apr 16, 2026 Jun 18, 2002 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long channel name in an IRC URI.
CVE-2000-1187 1Netscape 2Communicator Navigator Apr 16, 2026 Jan 9, 2001 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in the HTML parser for Netscape 4.75 and earlier allows remote attackers to execute arbitrary commands via a long password value in a form field.
CVE-2000-0087 1Netscape 2Communicator Navigator Apr 16, 2026 Jan 12, 2000 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Netscape Mail Notification (nsnotify) utility in Netscape Communicator uses IMAP without SSL, even if the user has set a preference for Communicator to use an SSL connection, allowing a remote attacker to sniff usernames...Show more Netscape Mail Notification (nsnotify) utility in Netscape Communicator uses IMAP without SSL, even if the user has set a preference for Communicator to use an SSL connection, allowing a remote attacker to sniff usernames and passwords in plaintext.Show less
CVE-1999-1189 1Netscape 2Communicator Navigator Apr 16, 2026 Nov 24, 1999 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in Netscape Navigator/Communicator 4.7 for Windows 95 and Windows 98 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long argument after the ? characte...Show more Buffer overflow in Netscape Navigator/Communicator 4.7 for Windows 95 and Windows 98 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long argument after the ? character in a URL that references an .asp, .cgi, .html, or .pl file.Show less
CVE-1999-0827 2Microsoft Netscape 3Ie Internet ExplorerNavigator Apr 16, 2026 Nov 1, 1999 N/A· v4 N/A· v3 2.6 LOW· v2 By default, Internet Explorer 5.0 and other versions enables the "Navigate sub-frames across different domains" option, which allows frame spoofing.
CVE-1999-0762 1Netscape 2Communicator Navigator Apr 16, 2026 May 24, 1999 N/A· v4 N/A· v3 2.6 LOW· v2 When Javascript is embedded within the TITLE tag, Netscape Communicator allows a remote attacker to use the "about" protocol to gain access to browser information.

Previous 123 Next