Netscape

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2002-1308 2Mozilla Netscape 2Mozilla Navigator Apr 16, 2026 Nov 29, 2002 N/A· v4 N/A· v3 7.5 HIGH· v2 Heap-based buffer overflow in Netscape and Mozilla allows remote attackers to execute arbitrary code via a jar: URL that references a malformed .jar file, which overflows a buffer during decompression.
CVE-2002-1204 1Netscape 1Communicator Apr 16, 2026 Nov 29, 2002 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Netscape Communicator 4.x allows attackers to use a link to steal a user's preferences, including potentially sensitive information such as URL history, e-mail address, and possibly the e-mail password, by redefining the...Show more Netscape Communicator 4.x allows attackers to use a link to steal a user's preferences, including potentially sensitive information such as URL history, e-mail address, and possibly the e-mail password, by redefining the user_pref() function and accessing the prefs.js file, which is stored in a directory with a predictable name.Show less
CVE-2002-1091 3Mozilla NetscapeOpera Software 3Mozilla NavigatorOpera Web Browser Apr 16, 2026 Oct 4, 2002 N/A· v4 N/A· v3 7.5 HIGH· v2 Netscape 6.2.3 and earlier, and Mozilla 1.0.1, allow remote attackers to corrupt heap memory and execute arbitrary code via a GIF image with a zero width.
CVE-2002-1042 2Netscape Sun 4Enterprise Server Iplanet Web ServerOne Application Server+1 more Apr 16, 2026 Oct 4, 2002 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Directory traversal vulnerability in search engine for iPlanet web server 6.0 SP2 and 4.1 SP9, and Netscape Enterprise Server 3.6, when running on Windows platforms, allows remote attackers to read arbitrary files via .....Show more Directory traversal vulnerability in search engine for iPlanet web server 6.0 SP2 and 4.1 SP9, and Netscape Enterprise Server 3.6, when running on Windows platforms, allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in the NS-query-pat parameter.Show less
CVE-2002-0815 3Microsoft MozillaNetscape 3Internet Explorer MozillaNavigator Apr 16, 2026 Aug 12, 2002 N/A· v4 N/A· v3 7.5 HIGH· v2 The Javascript "Same Origin Policy" (SOP), as implemented in (1) Netscape, (2) Mozilla, and (3) Internet Explorer, allows a remote web server to access HTTP and SOAP/XML content from restricted sites by mapping the malic...Show more The Javascript "Same Origin Policy" (SOP), as implemented in (1) Netscape, (2) Mozilla, and (3) Internet Explorer, allows a remote web server to access HTTP and SOAP/XML content from restricted sites by mapping the malicious server's parent DNS domain name to the restricted site, loading a page from the restricted site into one frame, and passing the information to the attacker-controlled frame, which is allowed because the document.domain of the two frames matches on the parent domain.Show less
CVE-2002-0354 2Mozilla Netscape 2Mozilla Navigator Apr 16, 2026 Jun 25, 2002 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The XMLHttpRequest object (XMLHTTP) in Netscape 6.1 and Mozilla 0.9.7 allows remote attackers to read arbitrary files and list directories on a client system by opening a URL that redirects the browser to the file on the...Show more The XMLHttpRequest object (XMLHTTP) in Netscape 6.1 and Mozilla 0.9.7 allows remote attackers to read arbitrary files and list directories on a client system by opening a URL that redirects the browser to the file on the client, then reading the result using the responseText property.Show less
CVE-2002-0594 3Galeon MozillaNetscape 3Galeon Browser MozillaNavigator Apr 16, 2026 Jun 18, 2002 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to determine the existence of files on the client system via a LINK element in a Cascading Style Sheet (CSS) page that causes an HTTP redirect.
CVE-2002-0593 2Mozilla Netscape 3Communicator MozillaNavigator Apr 16, 2026 Jun 18, 2002 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long channel name in an IRC URI.
CVE-2001-0921 1Netscape 1Communicator Apr 16, 2026 Nov 21, 2001 N/A· v4 N/A· v3 2.1 LOW· v2 Netscape 4.79 and earlier for MacOS allows an attacker with access to the browser to obtain passwords from form fields by printing the document into which the password has been typed, which is printed in cleartext.
CVE-2001-0745 1Netscape 1Messanger Apr 16, 2026 Oct 18, 2001 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Netscape 4.7x allows remote attackers to obtain sensitive information such as the user's login, mailbox location and installation path via Javascript that accesses the mailbox: URL in the document.referrer property.
CVE-2001-0684 1Netscape 1Collabra Server Apr 16, 2026 Sep 20, 2001 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Netscape Collabra Server 3.5.4 and earlier allows a remote attacker to cause a denial of service by sending seven or more characters to TCP port 5239.
CVE-2001-0683 1Netscape 1Collabra Server Apr 16, 2026 Sep 20, 2001 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Memory leak in Netscape Collabra Server 3.5.4 and earlier allows a remote attacker to cause a denial of service (memory exhaustion) by repeatedly sending approximately 5K of data to TCP port 5238.
CVE-2000-1196 1Netscape 1Publishingxpert Apr 16, 2026 Aug 31, 2001 N/A· v4 N/A· v3 5.0 MEDIUM· v2 PSCOErrPage.htm in Netscape PublishingXpert 2.5 before SP2 allows remote attackers to read arbitrary files by specifying the target file in the errPagePath parameter.
CVE-2001-0596 1Netscape 1Communicator Apr 16, 2026 Aug 2, 2001 N/A· v4 N/A· v3 7.5 HIGH· v2 Netscape Communicator before 4.77 allows remote attackers to execute arbitrary Javascript via a GIF image whose comment contains the Javascript.
CVE-2001-0262 1Netscape 1Smartdownload Apr 16, 2026 Jul 2, 2001 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in Netscape SmartDownload 1.3 allows remote attackers (malicious web pages) to execute arbitrary commands via a long URL.
CVE-2001-0251 1Netscape 1Enterprise Server Apr 16, 2026 Jun 2, 2001 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The Web Publishing feature in Netscape Enterprise Server 3.x allows remote attackers to cause a denial of service via the REVLOG command.
CVE-2001-0250 1Netscape 1Enterprise Server Apr 16, 2026 Jun 2, 2001 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The Web Publishing feature in Netscape Enterprise Server 4.x and earlier allows remote attackers to list arbitrary directories under the web server root via the INDEX command.
CVE-2001-0164 1Netscape 1Directory Server Apr 16, 2026 Jun 2, 2001 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in Netscape Directory Server 4.12 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a malformed recipient field.
CVE-2001-0175 1Netscape 1Fasttrack Server Apr 16, 2026 Mar 26, 2001 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The caching module in Netscape Fasttrack Server 4.1 allows remote attackers to cause a denial of service (resource exhaustion) by requesting a large number of non-existent URLs.
CVE-2000-0308 2Netscape Sco 4Enterprise Server Fasttrack ServerProxy Server+1 more Apr 16, 2026 Mar 12, 2001 N/A· v4 N/A· v3 10.0 HIGH· v2 Insecure file permissions for Netscape FastTrack Server 2.x, Enterprise Server 2.0, and Proxy Server 2.5 in SCO UnixWare 7.0.x and 2.1.3 allow an attacker to gain root privileges.

Previous 1 234 5 6 Next