Netscape: >> Communicator >> 4.75 Security Vulnerabilities
Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain.
CVSS Score
5.0
EPSS Score
0.005
Published
2002-12-31
Buffer overflow in the sun.awt.windows.WDefaultFontCharset Java class implementation in Netscape 4.0 allows remote attackers to execute arbitrary code via an applet that calls the WDefaultFontCharset constructor with a long string and invokes the canConvert method.
CVSS Score
10.0
EPSS Score
0.049
Published
2002-12-31
Netscape Communicator 4.0 through 4.79 allows remote attackers to bypass JVM security and execute arbitrary Java code via an applet that loads user-supplied Java classes.
CVSS Score
6.4
EPSS Score
0.003
Published
2002-12-31
The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) at a newline, which is interpreted as the end of the message.
CVSS Score
5.0
EPSS Score
0.053
Published
2002-12-31
Netscape Communicator 4.x allows attackers to use a link to steal a user's preferences, including potentially sensitive information such as URL history, e-mail address, and possibly the e-mail password, by redefining the user_pref() function and accessing the prefs.js file, which is stored in a directory with a predictable name.
CVSS Score
5.0
EPSS Score
0.006
Published
2002-11-29
Netscape Communicator before 4.77 allows remote attackers to execute arbitrary Javascript via a GIF image whose comment contains the Javascript.
CVSS Score
7.5
EPSS Score
0.184
Published
2001-08-02
Buffer overflow in the HTML parser for Netscape 4.75 and earlier allows remote attackers to execute arbitrary commands via a long password value in a form field.
CVSS Score
7.5
EPSS Score
0.014
Published
2001-01-09
A configuration in a web browser such as Internet Explorer or Netscape Navigator allows execution of active content such as ActiveX, Java, Javascript, etc.
CVSS Score
7.5
EPSS Score
0.009
Published
1998-04-01