Netscape: >> Communicator >> 4.5 Security Vulnerabilities
Netscape Communicator before version 4.73 and Navigator 4.07 do not properly validate SSL certificates, which allows remote attackers to steal information by redirecting traffic from a legitimate web server to their own malicious server, aka the "Acros-Suencksen SSL" vulnerability.
CVSS Score
2.6
EPSS Score
0.007
Published
2000-05-10
Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local users to overwrite files of the user importing the certificate.
CVSS Score
3.7
EPSS Score
0.001
Published
2000-05-10
Buffer overflow in Netscape Communicator before 4.7 via a dynamic font whose length field is less than the size of the font.
CVSS Score
4.6
EPSS Score
0.002
Published
1999-12-24
Netscape Communicator 4.7 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long certificate key.
CVSS Score
2.6
EPSS Score
0.005
Published
1999-10-28
Netscape Communicator 4.04 through 4.7 (and possibly other versions) in various UNIX operating systems converts the 0x8b character to a "<" sign, and the 0x9b character to a ">" sign, which could allow remote attackers to attack other clients via cross-site scripting (CSS) in CGI programs that do not filter these characters.
CVSS Score
7.5
EPSS Score
0.012
Published
1999-10-05
Buffer overflow in Netscape Communicator via EMBED tags in the pluginspage option.
CVSS Score
5.1
EPSS Score
0.03
Published
1999-09-02
talkback in Netscape 4.5 allows a local user to overwrite arbitrary files of another user whose Netscape crashes.
CVSS Score
2.1
EPSS Score
0.001
Published
1999-03-18
talkback in Netscape 4.5 allows a local user to kill an arbitrary process of another user whose Netscape crashes.
CVSS Score
6.4
EPSS Score
0.004
Published
1999-03-18
The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages.
CVSS Score
7.5
EPSS Score
0.016
Published
1999-03-01
A configuration in a web browser such as Internet Explorer or Netscape Navigator allows execution of active content such as ActiveX, Java, Javascript, etc.
CVSS Score
7.5
EPSS Score
0.009
Published
1998-04-01