Netscape: Security Vulnerabilities
Some web servers under Microsoft Windows allow remote attackers to bypass access restrictions for files with long file names.
CVSS Score
7.0
EPSS Score
0.004
Published
1998-02-06
Netscape FastTrack Web server lists files when a lowercase "get" command is used instead of an uppercase GET.
CVSS Score
7.5
EPSS Score
0.041
Published
1998-01-01
Java in Netscape 4.5 does not properly restrict applets from connecting to other hosts besides the one from which the applet was loaded, which violates the Java security model and could allow remote attackers to conduct unauthorized activities.
CVSS Score
5.1
EPSS Score
0.006
Published
1997-08-01
JavaScript in Internet Explorer 3.x and 4.x, and Netscape 2.x, 3.x and 4.x, allows remote attackers to monitor a user's web activities, aka the Bell Labs vulnerability.
CVSS Score
2.6
EPSS Score
0.029
Published
1997-07-08
ucbmail allows remote attackers to execute commands via shell metacharacters that are passed to it from INN.
CVSS Score
7.2
EPSS Score
0.002
Published
1997-02-20
The view-source CGI program allows remote attackers to read arbitrary files via a .. (dot dot) attack.
CVSS Score
6.4
EPSS Score
0.081
Published
1997-02-01
List of arbitrary files on Web host via nph-test-cgi script.
CVSS Score
7.5
EPSS Score
0.132
Published
1996-12-10
Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others.
CVSS Score
9.8
EPSS Score
0.016
Published
1996-12-04
Java Bytecode Verifier allows malicious applets to execute arbitrary commands as the user of the applet.
CVSS Score
3.7
EPSS Score
0.001
Published
1996-03-29
The Java Applet Security Manager implementation in Netscape Navigator 2.0 and Java Developer's Kit 1.0 allows an applet to connect to arbitrary hosts.
CVSS Score
7.5
EPSS Score
0.005
Published
1996-03-01