Netscape: >> Communicator >> 2.0 Security Vulnerabilities
Netscape Communicator before 4.77 allows remote attackers to execute arbitrary Javascript via a GIF image whose comment contains the Javascript.
CVSS Score
7.5
EPSS Score
0.184
Published
2001-08-02
Buffer overflow in the HTML parser for Netscape 4.75 and earlier allows remote attackers to execute arbitrary commands via a long password value in a form field.
CVSS Score
7.5
EPSS Score
0.014
Published
2001-01-09
Netscape Communicator 4.7 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long certificate key.
CVSS Score
2.6
EPSS Score
0.005
Published
1999-10-28
Netscape Communicator 4.04 through 4.7 (and possibly other versions) in various UNIX operating systems converts the 0x8b character to a "<" sign, and the 0x9b character to a ">" sign, which could allow remote attackers to attack other clients via cross-site scripting (CSS) in CGI programs that do not filter these characters.
CVSS Score
7.5
EPSS Score
0.012
Published
1999-10-05
A configuration in a web browser such as Internet Explorer or Netscape Navigator allows execution of active content such as ActiveX, Java, Javascript, etc.
CVSS Score
7.5
EPSS Score
0.009
Published
1998-04-01
JavaScript in Internet Explorer 3.x and 4.x, and Netscape 2.x, 3.x and 4.x, allows remote attackers to monitor a user's web activities, aka the Bell Labs vulnerability.
CVSS Score
2.6
EPSS Score
0.029
Published
1997-07-08