← Back

Netscape

netscape

120 CVEs • 21 products

Products (21)

Click to collapse
Toggle
Navigator
navigator
44 CVEs
Communicator
communicator
35 CVEs
Enterprise Server
enterprise_server
24 CVEs
Fasttrack Server
fasttrack_server
8 CVEs
Directory Server
directory_server
7 CVEs
Messaging Server
messaging_server
5 CVEs
Iplanet Ical
iplanet_ical
4 CVEs
Collabra Server
collabra_server
3 CVEs
Proxy Server
proxy_server
2 CVEs
Certificate Server
certificate_server
2 CVEs
News Server
news_server
2 CVEs
Professional Services Ftpserver
professional_services_ftpserver
1 CVE
Netscape Messaging Server Multiplexor
netscape_messaging_server_multiplexor
1 CVE
Smartdownload
smartdownload
1 CVE
Publishingxpert
publishingxpert
1 CVE
Messanger
messanger
1 CVE
Personalization Engine
personalization_engine
1 CVE
Portable Runtime Api
portable_runtime_api
1 CVE
Certificate Management System
certificate_management_system
1 CVE
Commerce Server
commerce_server
1 CVE
Communications Server
communications_server
1 CVE

CVEs (120)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2004-0904
4Conectiva
MozillaNetscape+1 more
10Enterprise Linux
Enterprise Linux DesktopFedora Core+7 more
Apr 16, 2026
Dec 31, 2004
N/A· v4
N/A· v3
10.0 HIGH· v2
Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that tr...Show more
Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows.Show less
CVE-2004-0826
4Hp
MozillaNetscape+1 more
10Certificate Server
Directory ServerEnterprise Server+7 more
Apr 16, 2026
Dec 31, 2004
N/A· v4
N/A· v3
7.5 HIGH· v2
Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message.
CVE-2004-0905
5Conectiva
MozillaNetscape+2 more
10Enterprise Linux
Enterprise Linux DesktopFedora Core+7 more
Apr 16, 2026
Sep 14, 2004
N/A· v4
N/A· v3
4.6 MEDIUM· v2
Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and...Show more
Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain.Show less
CVE-2004-0722
2Mozilla
Netscape
2Mozilla
Navigator
Apr 16, 2026
Aug 18, 2004
N/A· v4
N/A· v3
10.0 HIGH· v2
Integer overflow in the SOAPParameter object constructor in (1) Netscape version 7.0 and 7.1 and (2) Mozilla 1.6, and possibly earlier versions, allows remote attackers to execute arbitrary code.
CVE-2004-0528
1Netscape
1Navigator
Apr 16, 2026
Aug 6, 2004
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Netscape Navigator 7.1 allows remote attackers to spoof a legitimate URL in the status bar via A HREF tags with modified "alt" values that point to the legitimate site, combined with an image map whose href points to the...Show more
Netscape Navigator 7.1 allows remote attackers to spoof a legitimate URL in the status bar via A HREF tags with modified "alt" values that point to the legitimate site, combined with an image map whose href points to the malicious site, which facilitates a "phishing" attack.Show less
CVE-2004-0718
3Firebirdsql
MozillaNetscape
3Firebird
MozillaNavigator
Apr 16, 2026
Jul 27, 2004
N/A· v4
N/A· v3
7.5 HIGH· v2
The (1) Mozilla 1.6, (2) Firebird 0.7, (3) Firefox 0.8, and (4) Netscape 7.1 web browsers do not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitate...Show more
The (1) Mozilla 1.6, (2) Firebird 0.7, (3) Firefox 0.8, and (4) Netscape 7.1 web browsers do not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.Show less
CVE-2003-1560
1Netscape
1Navigator
Apr 16, 2026
Dec 31, 2003
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Netscape 4 sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data.
CVE-2003-1492
2Mozilla
Netscape
2Firefox
Navigator
Apr 16, 2026
Dec 31, 2003
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Netscape Navigator 7.0.2 and Mozilla allows remote attackers to access cookie information in a different domain via an HTTP request for a domain with an extra . (dot) at the end.
CVE-2003-1419
1Netscape
1Navigator
Apr 16, 2026
Dec 31, 2003
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Netscape 7.0 allows remote attackers to cause a denial of service (crash) via a web page with an invalid regular expression argument to the JavaScript reformatDate function.
CVE-2003-1265
2Mozilla
Netscape
2Mozilla
Navigator
Apr 16, 2026
Dec 31, 2003
N/A· v4
N/A· v3
2.1 LOW· v2
Netscape 7.0 and Mozilla 5.0 do not immediately delete messages in the trash folder when users select the 'Empty Trash' option, which could allow local users to access deleted messages.
CVE-2003-0553
1Netscape
1Navigator
Apr 16, 2026
Aug 18, 2003
N/A· v4
N/A· v3
7.5 HIGH· v2
Buffer overflow in the Client Detection Tool (CDT) plugin (npcdt.dll) for Netscape 7.02 allows remote attackers to execute arbitrary code via an attachment with a long filename.
CVE-2002-2338
2Mozilla
Netscape
3Communicator
MozillaNavigator
Apr 16, 2026
Dec 31, 2002
N/A· v4
N/A· v3
5.0 MEDIUM· v2
The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) at a newline, which i...Show more
The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) at a newline, which is interpreted as the end of the message.Show less
CVE-2002-2308
1Netscape
1Communicator
Apr 16, 2026
Dec 31, 2002
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Netscape Communicator 6.2.1 allows remote attackers to cause a denial of service in client browsers via a webpage containing a recursive META refresh tag where the content tag is blank and the URL tag references itself.
CVE-2002-2284
1Netscape
1Communicator
Apr 16, 2026
Dec 31, 2002
N/A· v4
N/A· v3
6.4 MEDIUM· v2
Netscape Communicator 4.0 through 4.79 allows remote attackers to bypass JVM security and execute arbitrary Java code via an applet that loads user-supplied Java classes.
CVE-2002-2248
1Netscape
1Communicator
Apr 16, 2026
Dec 31, 2002
N/A· v4
N/A· v3
10.0 HIGH· v2
Buffer overflow in the sun.awt.windows.WDefaultFontCharset Java class implementation in Netscape 4.0 allows remote attackers to execute arbitrary code via an applet that calls the WDefaultFontCharset constructor with a l...Show more
Buffer overflow in the sun.awt.windows.WDefaultFontCharset Java class implementation in Netscape 4.0 allows remote attackers to execute arbitrary code via an applet that calls the WDefaultFontCharset constructor with a long string and invokes the canConvert method.Show less
CVE-2002-2061
2Mozilla
Netscape
2Mozilla
Navigator
Apr 16, 2026
Dec 31, 2002
N/A· v4
N/A· v3
7.5 HIGH· v2
Heap-based buffer overflow in Netscape 6.2.3 and Mozilla 1.0 and earlier allows remote attackers to crash client browsers and execute arbitrary code via a PNG image with large width and height values and an 8-bit or 16-b...Show more
Heap-based buffer overflow in Netscape 6.2.3 and Mozilla 1.0 and earlier allows remote attackers to crash client browsers and execute arbitrary code via a PNG image with large width and height values and an 8-bit or 16-bit alpha channel.Show less
CVE-2002-2013
2Mozilla
Netscape
3Communicator
MozillaNavigator
Apr 16, 2026
Dec 31, 2002
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain.
CVE-2002-1766
1Netscape
1Communicator
Apr 16, 2026
Dec 31, 2002
N/A· v4
N/A· v3
4.6 MEDIUM· v2
Buffer overflow in Composer in Netscape 4.77 allows local users to overwrite process memory and execute arbitrary code via a font tag with a long face attribute.
CVE-2002-1655
2Iplanet
Netscape
2Enterprise Server
Iplanet Web Server
Apr 16, 2026
Dec 31, 2002
N/A· v4
N/A· v3
5.0 MEDIUM· v2
The Web Publishing feature in Netscape Enterprise Server 3.x and iPlanet Web Server 4.x allows remote attackers to cause a denial of service (crash) via a wp-html-rend request.
CVE-2002-1654
2Iplanet
Netscape
2Enterprise Server
Iplanet Web Server
Apr 16, 2026
Dec 31, 2002
N/A· v4
N/A· v3
7.5 HIGH· v2
iPlanet Web Server Enterprise Edition and Netscape Enterprise Server 4.0 and 4.1 allows remote attackers to conduct HTTP Basic Authentication via the wp-force-auth Web Publisher command, which provides a distinct attack...Show more
iPlanet Web Server Enterprise Edition and Netscape Enterprise Server 4.0 and 4.1 allows remote attackers to conduct HTTP Basic Authentication via the wp-force-auth Web Publisher command, which provides a distinct attack vector and may make it easier to conduct brute force password guessing without detection.Show less