Arbitrary command execution via IMAP buffer overflow in authenticate command.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| university_of_washington | imap | 10.234 |
| netscape | messaging_server | 3.55 |
Information from SSL-encrypted sessions via PKCS #1.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-327,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| c2net | stonghold_web_server | 2.0.1 |
| microsoft | internet_information_server | 3.0 |
| ssleay | ssleay | 0.6.6 |
| netscape | directory_server | 3.1 |
| c2net | stonghold_web_server | 2.2 |
| netscape | directory_server | 1.3 |
| ssleay | ssleay | 0.8.1 |
| netscape | collabra_server | 3.5.2 |
| c2net | stonghold_web_server | 2.3 |
| microsoft | exchange_server | 5.5 |
| netscape | enterprise_server | 3.0.1b |
| microsoft | internet_information_server | 4.0 |
| netscape | enterprise_server | 2.0 |
| hp | open_market_secure_webserver | 2.1 |
| netscape | directory_server | 3.12 |
| microsoft | site_server | 3.0 |
| netscape | proxy_server | 3.5.1 |
| netscape | enterprise_server | 3.5.1 |
| netscape | messaging_server | 3.54 |
| ssleay | ssleay | 0.9 |
| netscape | certificate_server | 1.0 |
| netscape | fasttrack_server | 3.01b |
Some web servers under Microsoft Windows allow remote attackers to bypass access restrictions for files with long file names.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,CWE-290,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | fasttrack_server | 3.01 |
| netscape | enterprise_server | 3.0 |
| microsoft | frontpage | * |
| microsoft | internet_information_server | 4.0 |
| microsoft | personal_web_server | 4.0 |
| netscape | fasttrack_server | 2.01 |
JavaScript in Internet Explorer 3.x and 4.x, and Netscape 2.x, 3.x and 4.x, allows remote attackers to monitor a user's web activities, aka the Bell Labs vulnerability.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | communicator | 4.0 |
| netscape | communicator | 3.0 |
| microsoft | internet_explorer | 3.0 |
| microsoft | internet_explorer | 4.0 |
| netscape | communicator | 2.0 |
Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,CWE-78,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | linux | 4.1 |
| isc | inn | 1.4unoff4 |
| bsdi | bsd_os | 2.1 |
| isc | inn | 1.4sec2 |
| isc | inn | 1.5 |
| nec | goah_networksv | 2.2 |
| isc | inn | 1.4sec |
| nec | goah_networksv | 1.2 |
| redhat | linux | 4.0 |
| netscape | news_server | 1.1 |
| nec | goah_networksv | 3.1 |
| isc | inn | 1.4unoff3 |
| nec | goah_intrasv | 1.1 |
| caldera | openlinux | 1.0 |
List of arbitrary files on Web host via nph-test-cgi script.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| apache | http_server | 0.8.14 |
| netscape | commerce_server | 1.12 |
| apache | http_server | 1.0.5 |
| netscape | enterprise_server | 2.0a |
| apache | http_server | 1.0 |
| apache | http_server | 1.1 |
| apache | http_server | 0.8.11 |
| apache | http_server | 1.0.2 |
| netscape | communications_server | 1.1 |
| netscape | communications_server | 1.12 |
| apache | http_server | 1.0.3 |
Java Bytecode Verifier allows malicious applets to execute arbitrary commands as the user of the applet.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | navigator | 2.02 |
The Java Applet Security Manager implementation in Netscape Navigator 2.0 and Java Developer's Kit 1.0 allows an applet to connect to arbitrary hosts.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sun | java | * |
| netscape | navigator | * |
The view-source CGI program allows remote attackers to read arbitrary files via a .. (dot dot) attack.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | communicator | 4.0 |
| netscape | communicator | 4.07 |
| netscape | communicator | 4.05 |
| netscape | communicator | 4.06 |
| netscape | communicator | 4.5 |
| netscape | communicator | 4.51 |
| netscape | communicator | 4.6 |
Netscape FastTrack Web server lists files when a lowercase "get" command is used instead of an uppercase GET.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-178,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | fasttrack_server | 3.01 |
Netscape Enterprise servers may list files through the PageServices query.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | enterprise_server | * |
talkback in Netscape 4.5 allows a local user to overwrite arbitrary files of another user whose Netscape crashes.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | communicator | 4.5 |
talkback in Netscape 4.5 allows a local user to kill an arbitrary process of another user whose Netscape crashes.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | communicator | 4.5 |
The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | navigator | 4.08 |
| netscape | navigator | 4.04 |
| netscape | navigator | 4.01 |
| netscape | navigator | 4.5 |
| netscape | communicator | 4.5 |
| sun | java | * |
| netscape | navigator | 4.03 |
| netscape | navigator | 4.0 |
| netscape | navigator | 4.07 |
| netscape | navigator | 4.06 |
| netscape | navigator | 4.61 |
| netscape | navigator | 4.05 |
| netscape | navigator | 4.02 |
Denial of service Netscape Enterprise Server with VirtualVault on HP-UX VVOS systems.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | enterprise_server | 3.6 |
| hp | hp-ux | 10.24 |
A configuration in a web browser such as Internet Explorer or Netscape Navigator allows execution of active content such as ActiveX, Java, Javascript, etc.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | communicator | * |
| microsoft | internet_explorer | 6.0.2900 |
Buffer overflow in Netscape Communicator via EMBED tags in the pluginspage option.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | communicator | 4.06 |
| netscape | communicator | 4.5 |
| netscape | communicator | 4.51 |
| netscape | communicator | 4.6 |
| netscape | communicator | 4.61 |
Denial of service in Netscape Enterprise Server (NES) in HP Virtual Vault (VVOS) via a long URL.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.24 |
| netscape | enterprise_server | * |
Buffer overflow in Netscape Enterprise Server and FastTrask Server allows remote attackers to gain privileges via a long HTTP GET request.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | fasttrack_server | * |
| netscape | enterprise_server | * |
Buffer overflow in Accept command in Netscape Enterprise Server 3.6 with the SSL Handshake Patch.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | enterprise_server | 3.6 |
| netscape | enterprise_server | 3.5.1 |
Denial of service in Netscape Enterprise Server via a buffer overflow in the SSL handshake.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | enterprise_server | * |
Netscape Enterprise 3.5.1 and FastTrack 3.01 servers allow a remote attacker to view source code to scripts by appending a %20 to the script's URL.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | fasttrack_server | 3.01 |
| netscape | enterprise_server | 3.5.1 |
When Javascript is embedded within the TITLE tag, Netscape Communicator allows a remote attacker to use the "about" protocol to gain access to browser information.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | communicator | 4.x |
| netscape | communicator | 4.6 |
| netscape | navigator | * |
A remote attacker can read information from a Netscape user's cache via JavaScript.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | communicator | 4.0 |
The Netscape Directory Server installation procedure leaves sensitive information in a file that is accessible to local users.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | directory_server | * |
Netscape Communicator 4.x with Javascript enabled does not warn a user of cookie settings, even if they have selected the option to "Only accept cookies originating from the same server as the page being viewed".
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | communicator | 4.0 |
By default, Internet Explorer 5.0 and other versions enables the "Navigate sub-frames across different domains" option, which allows frame spoofing.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| microsoft | internet_explorer | 3.2 |
| microsoft | internet_explorer | 5.0 |
| microsoft | internet_explorer | 4.1 |
| microsoft | internet_explorer | 3.1 |
| microsoft | internet_explorer | 3.0 |
| microsoft | internet_explorer | 3.0.2 |
| microsoft | internet_explorer | 4.0 |
| microsoft | ie | 4.0 |
| microsoft | internet_explorer | 4.5 |
| microsoft | internet_explorer | 4.0.1 |
| netscape | navigator | * |
Buffer overflow in Netscape Enterprise Server and Netscape FastTrack Server allows remote attackers to gain privileges via the HTTP Basic Authentication procedure.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | enterprise_server | 3.6 |
| netscape | fasttrack_server | 3.01 |
| netscape | enterprise_server | 3.5.1 |
ucbmail allows remote attackers to execute commands via shell metacharacters that are passed to it from INN.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | linux | 4.1 |
| nec | goah_intrasv | r1.1 |
| redhat | linux | 4.0 |
| sun | sparc | * |
| netscape | news_server | 1.1 |
| nec | goah_networksv | r1.2 |
| nec | goah_networksv | r3.1 |
| isc | inn | 1.5.1 |
| nec | goah_networksv | r2.2 |
Internet Explorer 3.x to 4.01 allows a remote attacker to insert malicious content into a frame of another web site, aka frame spoofing.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| microsoft | internet_explorer | 3.2 |
| microsoft | internet_explorer | 3.0.1 |
| microsoft | internet_explorer | 3.0 |
| microsoft | internet_explorer | 3.0.2 |
| microsoft | internet_explorer | 4.0 |
| microsoft | internet_explorer | 4.0.1 |
| netscape | navigator | * |
Buffer overflow in Netscape Communicator before 4.7 via a dynamic font whose length field is less than the size of the font.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | communicator | 4.5 |
Netscape Navigator uses weak encryption for storing a user's Netscape mail password.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | communicator | 4.7 |
Groupwise web server GWWEB.EXE allows remote attackers to read arbitrary files with .htm extensions via a .. (dot dot) attack using the HELP parameter.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | enterprise_server | 3.0.7a |
| novell | groupwise | 5.5 |
| novell | groupwise | 5.2 |
Default configuration of the search engine in Netscape Enterprise Server 3.5.1, and possibly other versions, allows remote attackers to read the source of JHTML files by specifying a search command using the HTML-tocrec-demo1.pat pattern file.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | enterprise_server | * |
Buffer overflow in Netscape Navigator/Communicator 4.7 for Windows 95 and Windows 98 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long argument after the ? character in a URL that references an .asp, .cgi, .html, or .pl file.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | navigator | 4.7 |
| netscape | communicator | 4.7 |
Netscape Communicator 4.7 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long certificate key.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | communicator | * |
Java in Netscape 4.5 does not properly restrict applets from connecting to other hosts besides the one from which the applet was loaded, which violates the Java security model and could allow remote attackers to conduct unauthorized activities.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | communicator | 4.07 |
| netscape | communicator | 4.01 |
| netscape | communicator | 4.06 |
| netscape | communicator | 4.5 |
| netscape | communicator | 4.08 |
Netscape Communicator 4.04 through 4.7 (and possibly other versions) in various UNIX operating systems converts the 0x8b character to a "<" sign, and the 0x9b character to a ">" sign, which could allow remote attackers to attack other clients via cross-site scripting (CSS) in CGI programs that do not filter these characters.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | communicator | 4.04 |
| netscape | communicator | * |
| netscape | communicator | 4.51 |
Netscape Messaging Server 3.54, 3.55, and 3.6 allows a remote attacker to cause a denial of service (memory exhaustion) via a series of long RCPT TO commands.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | messaging_server | 3.54 |
| netscape | messaging_server | 3.55 |
| netscape | messaging_server | 3.6 |
Netscape 4.7 records user passwords in the preferences.js file during an IMAP or POP session, even if the user has not enabled "remember passwords."
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | communicator | 4.7 |
Netscape Mail Notification (nsnotify) utility in Netscape Communicator uses IMAP without SSL, even if the user has set a preference for Communicator to use an SSL connection, allowing a remote attacker to sniff usernames and passwords in plaintext.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | communicator | 4.7 |
| netscape | navigator | * |
Netscape Enterprise Server with Directory Indexing enabled allows remote attackers to list server directories via web publishing tags such as ?wp-ver-info and ?wp-cs-dump.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | enterprise_server | 3.6 |
| netscape | enterprise_server | 3.0 |
| netscape | enterprise_server | 3.5.1 |
Netscape Enterprise Server with Web Publishing enabled allows remote attackers to list arbitrary directories via a GET request for the /publisher directory, which provides a Java applet that allows the attacker to browse the directories.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | enterprise_server | 3.6 |
| netscape | enterprise_server | 3.5 |
Insecure file permissions for Netscape FastTrack Server 2.x, Enterprise Server 2.0, and Proxy Server 2.5 in SCO UnixWare 7.0.x and 2.1.3 allow an attacker to gain root privileges.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | unixware | * |
| netscape | enterprise_server | 2.0 |
| netscape | fasttrack_server | 2.0 |
| sco | unixware | 7.0 |
| netscape | proxy_server | 2.5 |
| netscape | fasttrack_server | 2.01 |
Netscape Communicator before version 4.73 and Navigator 4.07 do not properly validate SSL certificates, which allows remote attackers to steal information by redirecting traffic from a legitimate web server to their own malicious server, aka the "Acros-Suencksen SSL" vulnerability.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | communicator | 4.0 |
| netscape | communicator | 4.07 |
| netscape | communicator | 4.72 |
| netscape | communicator | 4.05 |
| netscape | communicator | 4.06 |
| netscape | communicator | 4.5 |
| netscape | communicator | 4.7 |
| netscape | communicator | 4.51 |
| netscape | communicator | 4.6 |
| netscape | communicator | 4.61 |
| netscape | communicator | 4.5_beta |
Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local users to overwrite files of the user importing the certificate.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | communicator | 4.72 |
| netscape | communicator | 4.73 |
| netscape | communicator | 4.5 |
| netscape | communicator | 4.7 |
| netscape | communicator | 4.51 |
| netscape | communicator | 4.6 |
| netscape | communicator | 4.61 |
Netscape 4.73 and earlier does not properly warn users about a potentially invalid certificate if the user has previously accepted the certificate for a different web site, which could allow remote attackers to spoof a legitimate web site by compromising that site's DNS information.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | communicator | 4.0 |
| netscape | communicator | 4.72 |
| netscape | communicator | 4.73 |
| netscape | communicator | 4.5 |
| netscape | communicator | 4.7 |
| netscape | communicator | 4.51 |
| netscape | communicator | 4.6 |
| netscape | communicator | 4.61 |
Netscape Professional Services FTP Server 1.3.6 allows remote attackers to read arbitrary files via a .. (dot dot) attack.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | professional_services_ftpserver | 1.3.6 |
Netscape Enterprise Server in NetWare 5.1 allows remote attackers to cause a denial of service or execute arbitrary commands via a malformed URL.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | enterprise_server | 5.0 |
| novell | netware | 5.1 |
| netscape | enterprise_server | 4.1.1 |
| novell | netware | 5.0 |
Netscape Communicator 4.73 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a JPEG image containing a comment with an illegal field length of 1.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | communicator | 4.0 |
| netscape | communicator | 4.07 |
| netscape | communicator | 4.5 |
| mozilla | mozilla | m15 |
| netscape | communicator | 4.51 |
| netscape | communicator | 4.6 |
| netscape | communicator | 4.5_beta |
| netscape | communicator | 4.72 |
| netscape | communicator | 4.73 |
| netscape | communicator | 4.05 |
| netscape | communicator | 4.06 |
| netscape | communicator | 4.7 |
| netscape | communicator | 4.08 |
| netscape | communicator | 4.61 |
Netscape Communicator and Navigator 4.04 through 4.74 allows remote attackers to read arbitrary files by using a Java applet to open a connection to a URL using the "file", "http", "https", and "ftp" protocols, as demonstrated by Brown Orifice.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | communicator | 4.74 |
| netscape | communicator | 4.0 |
| netscape | communicator | 4.07 |
| netscape | communicator | 4.5 |
| netscape | communicator | 4.51 |
| netscape | communicator | 4.6 |
| netscape | communicator | 4.5_beta |
| netscape | communicator | 4.72 |
| netscape | communicator | 4.73 |
| netscape | communicator | 4.05 |
| netscape | communicator | 4.06 |
| netscape | communicator | 4.04 |
| netscape | communicator | 4.08 |
| netscape | communicator | 4.61 |
Netscape Communicator does not properly prevent a ServerSocket object from being created by untrusted entities, which allows remote attackers to create a server on the victim's system via a malicious applet, as demonstrated by Brown Orifice.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | communicator | 4.74 |
| netscape | communicator | 4.0 |
| netscape | communicator | 4.07 |
| netscape | communicator | 4.5 |
| netscape | communicator | 4.51 |
| netscape | communicator | 4.6 |
| microsoft | virtual_machine | 3300 |
| netscape | communicator | 4.72 |
| netscape | communicator | 4.73 |
| netscape | communicator | 4.05 |
| netscape | communicator | 4.06 |
| netscape | communicator | 4.04 |
| netscape | communicator | 4.7 |
| microsoft | virtual_machine | 3200 |
| netscape | communicator | 4.08 |
| microsoft | virtual_machine | 2000 |
| netscape | communicator | 4.61 |
| microsoft | virtual_machine | 3100 |
The POP3 server in Netscape Messaging Server 4.15p1 generates different error messages for incorrect user names versus incorrect passwords, which allows remote attackers to determine valid users on the system and harvest email addresses for spam abuse.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | messaging_server | 4.15 |
Buffer overflow in IMAP server in Netscape Messaging Server 4.15 Patch 2 allows local users to execute arbitrary commands via a long LIST command.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | messaging_server | 4.0 |
| netscape | netscape_messaging_server_multiplexor | 4.0 |
The GUI installation for iCal 2.1 Patch 2 disables access control for the X server using an "xhost +" command, which allows remote attackers to monitor X Windows events and gain privileges.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | iplanet_ical | 2.1 |
iCal 2.1 Patch 2 installs many files with world-writeable permissions, which allows local users to modify the iCal configuration and execute arbitrary commands by replacing the iplncal.sh program with a Trojan horse.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | iplanet_ical | 2.1 |
csstart program in iCal 2.1 Patch 2 searches for the cshttpd program in the current working directory, which allows local users to gain root privileges by creating a Trojan Horse cshttpd program in a directory and calling csstart from that directory.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | iplanet_ical | 2.1 |
csstart program in iCal 2.1 Patch 2 uses relative pathnames to install the libsocket and libnsl libraries, which could allow the icsuser account to gain root privileges by creating a Trojan Horse library in the current or parent directory.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | iplanet_ical | 2.1 |
Directory traversal vulnerability in iPlanet Certificate Management System 4.2 and Directory Server 4.12 allows remote attackers to read arbitrary files via a .. (dot dot) attack in the Agent, End Entity, or Administrator services.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | directory_server | 4.12 |
| sun | iplanet_certificate_management_system | 4.2 |
Netscape (iPlanet) Certificate Management System 4.2 and Directory Server 4.12 stores the administrative password in plaintext, which could allow local and possibly remote attackers to gain administrative privileges on the server.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | directory_server | 4.12 |
| sun | iplanet_certificate_management_system | 4.2 |
Buffer overflow in the HTML parser for Netscape 4.75 and earlier allows remote attackers to execute arbitrary commands via a long password value in a form field.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | communicator | * |
| netscape | navigator | * |
PSCOErrPage.htm in Netscape PublishingXpert 2.5 before SP2 allows remote attackers to read arbitrary files by specifying the target file in the errPagePath parameter.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | publishingxpert | * |
Buffer overflow in Netscape Directory Server 4.12 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a malformed recipient field.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | directory_server | * |
The caching module in Netscape Fasttrack Server 4.1 allows remote attackers to cause a denial of service (resource exhaustion) by requesting a large number of non-existent URLs.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | fasttrack_server | 4.0.1 |
The Web Publishing feature in Netscape Enterprise Server 4.x and earlier allows remote attackers to list arbitrary directories under the web server root via the INDEX command.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | enterprise_server | 3.0 |
| netscape | enterprise_server | 4.0 |
The Web Publishing feature in Netscape Enterprise Server 3.x allows remote attackers to cause a denial of service via the REVLOG command.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | enterprise_server | 3.0 |
Buffer overflow in Netscape SmartDownload 1.3 allows remote attackers (malicious web pages) to execute arbitrary commands via a long URL.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | smartdownload | 1.3 |
Netscape Communicator before 4.77 allows remote attackers to execute arbitrary Javascript via a GIF image whose comment contains the Javascript.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | communicator | * |
Memory leak in Netscape Collabra Server 3.5.4 and earlier allows a remote attacker to cause a denial of service (memory exhaustion) by repeatedly sending approximately 5K of data to TCP port 5238.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | collabra_server | * |
Netscape Collabra Server 3.5.4 and earlier allows a remote attacker to cause a denial of service by sending seven or more characters to TCP port 5239.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | collabra_server | * |
Netscape 4.7x allows remote attackers to obtain sensitive information such as the user's login, mailbox location and installation path via Javascript that accesses the mailbox: URL in the document.referrer property.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | messanger | 4.7x |
Netscape 4.79 and earlier for MacOS allows an attacker with access to the browser to obtain passwords from form fields by printing the document into which the password has been typed, which is printed in cleartext.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | communicator | * |
The XMLHttpRequest object (XMLHTTP) in Netscape 6.1 and Mozilla 0.9.7 allows remote attackers to read arbitrary files and list directories on a client system by opening a URL that redirects the browser to the file on the client, then reading the result using the responseText property.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | navigator | 6.1 |
| mozilla | mozilla | 0.9.7 |
| netscape | navigator | 6.2 |
| mozilla | mozilla | 0.9.9 |
| mozilla | mozilla | 1.0 |
Buffer overflow in Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long channel name in an IRC URI.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | navigator | 6.0 |
| netscape | communicator | 6.1 |
| netscape | navigator | 6.01 |
| mozilla | mozilla | 0.9.9 |
| mozilla | mozilla | 1.0 |
Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to determine the existence of files on the client system via a LINK element in a Cascading Style Sheet (CSS) page that causes an HTTP redirect.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | navigator | 6.0 |
| netscape | navigator | 6.1 |
| galeon | galeon_browser | 1.2 |
| galeon | galeon_browser | 1.2.1 |
| netscape | navigator | 6.2.1 |
| netscape | navigator | 6.2.2 |
| netscape | navigator | 6.01 |
| netscape | navigator | 6.2 |
| mozilla | mozilla | 0.9.9 |
| mozilla | mozilla | 1.0 |
The Javascript "Same Origin Policy" (SOP), as implemented in (1) Netscape, (2) Mozilla, and (3) Internet Explorer, allows a remote web server to access HTTP and SOAP/XML content from restricted sites by mapping the malicious server's parent DNS domain name to the restricted site, loading a page from the restricted site into one frame, and passing the information to the attacker-controlled frame, which is allowed because the document.domain of the two frames matches on the parent domain.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| microsoft | internet_explorer | 6.0.2900 |
| mozilla | mozilla | * |
| netscape | navigator | * |
Directory traversal vulnerability in search engine for iPlanet web server 6.0 SP2 and 4.1 SP9, and Netscape Enterprise Server 3.6, when running on Windows platforms, allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in the NS-query-pat parameter.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sun | iplanet_web_server | 4.1 |
| netscape | enterprise_server | 3.6 |
| sun | one_application_server | 6.0 |
| sun | one_web_server | 6.0 |
Netscape 6.2.3 and earlier, and Mozilla 1.0.1, allow remote attackers to corrupt heap memory and execute arbitrary code via a GIF image with a zero width.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | 0.9.7 |
| opera_software | opera_web_browser | 6.0.1 |
| netscape | navigator | 6.2.2 |
| opera_software | opera_web_browser | 6.0 |
| mozilla | mozilla | 0.9.5 |
| mozilla | mozilla | 0.9.6 |
| netscape | navigator | 6.2.3 |
| netscape | navigator | 6.2.1 |
| mozilla | mozilla | 0.9.8 |
| netscape | navigator | 6.2 |
| mozilla | mozilla | 0.9.9 |
| mozilla | mozilla | 1.0 |
| opera_software | opera_web_browser | 5.12 |
Netscape Communicator 4.x allows attackers to use a link to steal a user's preferences, including potentially sensitive information such as URL history, e-mail address, and possibly the e-mail password, by redefining the user_pref() function and accessing the prefs.js file, which is stored in a directory with a predictable name.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | communicator | 4.74 |
| netscape | communicator | 4.72 |
| netscape | communicator | 4.73 |
| netscape | communicator | 4.77 |
| netscape | communicator | 4.78 |
| netscape | communicator | 4.7 |
| netscape | communicator | 4.75 |
| netscape | communicator | 4.6 |
| netscape | communicator | 4.61 |
| netscape | communicator | 4.76 |
Heap-based buffer overflow in Netscape and Mozilla allows remote attackers to execute arbitrary code via a jar: URL that references a malformed .jar file, which overflows a buffer during decompression.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | 0.9.7 |
| netscape | navigator | 6.2.2 |
| mozilla | mozilla | 1.1 |
| mozilla | mozilla | 1.0.1 |
| mozilla | mozilla | 0.9.6 |
| netscape | navigator | 6.2.3 |
| netscape | navigator | 6.2.1 |
| mozilla | mozilla | 0.9.8 |
| netscape | navigator | 6.2 |
| mozilla | mozilla | 0.9.9 |
| mozilla | mozilla | 1.0 |
| netscape | navigator | 7.0 |
iPlanet Web Server Enterprise Edition and Netscape Enterprise Server 4.0 and 4.1 allows remote attackers to conduct HTTP Basic Authentication via the wp-force-auth Web Publisher command, which provides a distinct attack vector and may make it easier to conduct brute force password guessing without detection.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | enterprise_server | 2.0 |
| netscape | enterprise_server | 3.6 |
| iplanet | iplanet_web_server | 6.0 |
| netscape | enterprise_server | 3.2 |
| netscape | enterprise_server | 3.0 |
| netscape | enterprise_server | 3.4 |
| netscape | enterprise_server | 3.5 |
| netscape | enterprise_server | 3.1 |
| iplanet | iplanet_web_server | enterprise_4.0 |
| netscape | enterprise_server | 3.3 |
| iplanet | iplanet_web_server | enterprise_4.1 |
The Web Publishing feature in Netscape Enterprise Server 3.x and iPlanet Web Server 4.x allows remote attackers to cause a denial of service (crash) via a wp-html-rend request.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | enterprise_server | 3.6 |
| netscape | enterprise_server | 3.2 |
| netscape | enterprise_server | 3.0 |
| netscape | enterprise_server | 3.4 |
| netscape | enterprise_server | 3.5 |
| netscape | enterprise_server | 3.1 |
| iplanet | iplanet_web_server | enterprise_4.0 |
| netscape | enterprise_server | 3.3 |
| iplanet | iplanet_web_server | enterprise_4.1 |
Buffer overflow in Composer in Netscape 4.77 allows local users to overwrite process memory and execute arbitrary code via a font tag with a long face attribute.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | communicator | 4.77 |
Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | communicator | 4.74 |
| netscape | communicator | 4.0 |
| netscape | communicator | 4.07 |
| netscape | communicator | 4.5 |
| mozilla | mozilla | 0.9.4.1 |
| mozilla | mozilla | 0.9.5 |
| netscape | communicator | 4.75 |
| netscape | communicator | 4.6 |
| mozilla | mozilla | 0.9.4 |
| mozilla | mozilla | 0.9.3 |
| netscape | communicator | 4.4 |
| netscape | navigator | 4.77 |
| netscape | communicator | 4.77 |
| netscape | navigator | 6.2 |
| netscape | communicator | 4.08 |
| netscape | communicator | 4.61 |
| netscape | navigator | 6.0 |
| netscape | navigator | 6.1 |
| netscape | communicator | 4.78 |
| netscape | communicator | 4.51 |
| netscape | communicator | 4.5_beta |
| netscape | communicator | 4.76 |
| mozilla | mozilla | 0.9.2.1 |
| mozilla | mozilla | 0.9.6 |
| netscape | communicator | 4.72 |
| netscape | communicator | 4.73 |
| netscape | communicator | 4.06 |
| netscape | navigator | 6.01 |
| netscape | communicator | 4.7 |
| mozilla | mozilla | 0.9.2 |
Heap-based buffer overflow in Netscape 6.2.3 and Mozilla 1.0 and earlier allows remote attackers to crash client browsers and execute arbitrary code via a PNG image with large width and height values and an 8-bit or 16-bit alpha channel.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | navigator | 6.2.3 |
| mozilla | mozilla | * |
Buffer overflow in the sun.awt.windows.WDefaultFontCharset Java class implementation in Netscape 4.0 allows remote attackers to execute arbitrary code via an applet that calls the WDefaultFontCharset constructor with a long string and invokes the canConvert method.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | communicator | 4.74 |
| netscape | communicator | 4.0 |
| netscape | communicator | 4.78 |
| netscape | communicator | 4.5 |
| netscape | communicator | 4.51 |
| netscape | communicator | 4.75 |
| netscape | communicator | 4.6 |
| netscape | communicator | 4.76 |
| netscape | communicator | 4.72 |
| netscape | communicator | 4.73 |
| netscape | communicator | 4.77 |
| netscape | communicator | 4.79 |
| netscape | communicator | 4.7 |
| netscape | communicator | 4.61 |
Netscape Communicator 4.0 through 4.79 allows remote attackers to bypass JVM security and execute arbitrary Java code via an applet that loads user-supplied Java classes.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | communicator | 4.74 |
| netscape | communicator | 4.0 |
| netscape | communicator | 4.78 |
| netscape | communicator | 4.5 |
| netscape | communicator | 4.51 |
| netscape | communicator | 4.75 |
| netscape | communicator | 4.6 |
| netscape | communicator | 4.76 |
| netscape | communicator | 4.72 |
| netscape | communicator | 4.73 |
| netscape | communicator | 4.77 |
| netscape | communicator | 4.79 |
| netscape | communicator | 4.7 |
| netscape | communicator | 4.61 |
Netscape Communicator 6.2.1 allows remote attackers to cause a denial of service in client browsers via a webpage containing a recursive META refresh tag where the content tag is blank and the URL tag references itself.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | communicator | 6.2.1 |
The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) at a newline, which is interpreted as the end of the message.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | communicator | 4.74 |
| netscape | communicator | 4.0 |
| netscape | communicator | 4.07 |
| mozilla | mozilla | 0.9.7 |
| netscape | communicator | 4.5 |
| mozilla | mozilla | 0.9.4.1 |
| mozilla | mozilla | 0.9.5 |
| netscape | communicator | 4.75 |
| netscape | communicator | 4.6 |
| mozilla | mozilla | 0.9.4 |
| mozilla | mozilla | 0.9.3 |
| netscape | communicator | 4.4 |
| netscape | communicator | 4.77 |
| netscape | navigator | 6.2 |
| netscape | communicator | 4.08 |
| netscape | communicator | 4.61 |
| mozilla | mozilla | 1.0 |
| netscape | navigator | 6.0 |
| netscape | navigator | 6.1 |
| netscape | navigator | 6.2.2 |
| netscape | communicator | 4.51 |
| netscape | communicator | 4.76 |
| mozilla | mozilla | 0.9.2.1 |
| mozilla | mozilla | 0.9.6 |
| netscape | communicator | 4.72 |
| netscape | communicator | 4.73 |
| netscape | communicator | 4.06 |
| netscape | navigator | 6.2.1 |
| netscape | navigator | 6.01 |
| netscape | communicator | 4.7 |
| mozilla | mozilla | 0.9.8 |
| mozilla | mozilla | 0.9.9 |
| mozilla | mozilla | 0.9.2 |
Buffer overflow in the Client Detection Tool (CDT) plugin (npcdt.dll) for Netscape 7.02 allows remote attackers to execute arbitrary code via an attachment with a long filename.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | navigator | 7.0.2 |
Netscape 7.0 and Mozilla 5.0 do not immediately delete messages in the trash folder when users select the 'Empty Trash' option, which could allow local users to access deleted messages.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | 5.0 |
| netscape | navigator | 7.0 |
Netscape 7.0 allows remote attackers to cause a denial of service (crash) via a web page with an invalid regular expression argument to the JavaScript reformatDate function.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | navigator | 7.0 |
Netscape Navigator 7.0.2 and Mozilla allows remote attackers to access cookie information in a different domain via an HTTP request for a domain with an extra . (dot) at the end.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-59,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | navigator | 7.0.2 |
| mozilla | firefox | * |
Netscape 4 sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | navigator | 4 |
Netscape Navigator 7.1 allows remote attackers to spoof a legitimate URL in the status bar via A HREF tags with modified "alt" values that point to the legitimate site, combined with an image map whose href points to the malicious site, which facilitates a "phishing" attack.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | navigator | 7.1 |
The (1) Mozilla 1.6, (2) Firebird 0.7, (3) Firefox 0.8, and (4) Netscape 7.1 web browsers do not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | navigator | 7.1 |
| mozilla | mozilla | 1.6 |
| firebirdsql | firebird | 0.7 |
Integer overflow in the SOAPParameter object constructor in (1) Netscape version 7.0 and 7.1 and (2) Mozilla 1.6, and possibly earlier versions, allows remote attackers to execute arbitrary code.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | navigator | 7.1 |
| mozilla | mozilla | 1.6 |
| netscape | navigator | 7.0 |
Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sun | java_enterprise_system | 2004q2 |
| mozilla | network_security_services | 3.2 |
| mozilla | network_security_services | 3.3 |
| mozilla | network_security_services | 3.7 |
| netscape | certificate_server | 4.2 |
| netscape | personalization_engine | * |
| netscape | enterprise_server | 4.0 |
| netscape | enterprise_server | 4.1.1 |
| netscape | enterprise_server | 3.5.1 |
| mozilla | network_security_services | 3.7.1 |
| mozilla | network_security_services | 3.5 |
| sun | one_web_server | 4.1 |
| mozilla | network_security_services | 3.4.1 |
| mozilla | network_security_services | 3.6 |
| netscape | directory_server | 3.1 |
| netscape | enterprise_server | 3.4 |
| mozilla | network_security_services | 3.3.2 |
| hp | hp-ux | 11.11 |
| netscape | enterprise_server | 3.5 |
| mozilla | network_security_services | 3.7.2 |
| netscape | enterprise_server | 3.1 |
| mozilla | network_security_services | 3.7.3 |
| netscape | enterprise_server | 3.0.1 |
| mozilla | network_security_services | 3.7.5 |
| netscape | directory_server | 3.12 |
| netscape | directory_server | 4.1 |
| sun | java_enterprise_system | 2003q4 |
| hp | hp-ux | 11.00 |
| netscape | enterprise_server | 3.6 |
| sun | java_system_application_server | 7.1 |
| netscape | enterprise_server | 5.0 |
| netscape | enterprise_server | 3.2 |
| netscape | enterprise_server | 3.0 |
| netscape | directory_server | 4.11 |
| netscape | directory_server | 1.3 |
| mozilla | network_security_services | 3.7.7 |
| netscape | directory_server | 4.13 |
| sun | one_application_server | 6.0 |
| mozilla | network_security_services | 3.8 |
| mozilla | network_security_services | 3.4 |
| netscape | enterprise_server | 4.1 |
| mozilla | network_security_services | 3.9 |
| sun | one_web_server | 6.0 |
| netscape | certificate_server | 1.0 |
| mozilla | network_security_services | 3.2.1 |
| mozilla | network_security_services | 3.4.2 |
| netscape | enterprise_server | 2.0.1c |
| netscape | enterprise_server | 3.0.1b |
| mozilla | network_security_services | 3.6.1 |
| netscape | enterprise_server | 2.0a |
| netscape | enterprise_server | 2.0 |
| netscape | enterprise_server | 3.0.7a |
| sun | one_web_server | 6.1 |
| hp | hp-ux | 11.23 |
| netscape | enterprise_server | 3.0l |
| mozilla | network_security_services | 3.3.1 |
| sun | java_system_application_server | 7.0 |
| netscape | enterprise_server | 3.3 |
Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | linux_advanced_workstation | 2.1 |
| redhat | enterprise_linux | 2.1 |
| conectiva | linux | 9.0 |
| conectiva | linux | 10.0 |
| mozilla | thunderbird | 0.7 |
| mozilla | thunderbird | 0.7.3 |
| redhat | fedora_core | core_1.0 |
| mozilla | firefox | 0.9.1 |
| redhat | enterprise_linux | 3.0 |
| mozilla | firefox | 0.8 |
| redhat | enterprise_linux_desktop | 3.0 |
| netscape | navigator | 7.2 |
| redhat | linux | 7.3 |
| netscape | navigator | 7.0.2 |
| mozilla | firefox | 0.9.2 |
| redhat | linux | 9.0 |
| mozilla | thunderbird | 0.7.1 |
| mozilla | thunderbird | 0.6 |
| netscape | navigator | 7.1 |
| mozilla | mozilla | 1.7.2 |
| mozilla | thunderbird | 0.7.2 |
| mozilla | mozilla | 1.7 |
| mozilla | firefox | 0.9 |
| mozilla | mozilla | 1.7.1 |
| mozilla | firefox | 0.9.3 |
| netscape | navigator | 7.0 |
Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| redhat | linux_advanced_workstation | 2.1 |
| redhat | enterprise_linux | 2.1 |
| mozilla | mozilla | 1.4 |
| conectiva | linux | 9.0 |
| conectiva | linux | 10.0 |
| mozilla | mozilla | 1.0.2 |
| suse | suse_linux | 9.0 |
| redhat | fedora_core | core_1.0 |
| suse | suse_linux | 1.0 |
| mozilla | firefox | 0.9.1 |
| redhat | enterprise_linux | 3.0 |
| mozilla | firefox | 0.8 |
| suse | suse_linux | 8.2 |
| mozilla | mozilla | 1.0 |
| mozilla | mozilla | 1.6 |
| redhat | enterprise_linux_desktop | 3.0 |
| netscape | navigator | 7.2 |
| redhat | linux | 7.3 |
| netscape | navigator | 7.0.2 |
| mozilla | firefox | 0.9.2 |
| mozilla | mozilla | 1.4.2 |
| suse | suse_linux | 8 |
| mozilla | mozilla | 1.2 |
| mozilla | mozilla | 1.3 |
| suse | suse_linux | 9.1 |
| mozilla | mozilla | 1.1 |
| redhat | linux | 9.0 |
| mozilla | mozilla | 1.0.1 |
| mozilla | mozilla | 1.3.1 |
| netscape | navigator | 7.1 |
| mozilla | mozilla | 1.2.1 |
| mozilla | mozilla | 1.5 |
| mozilla | mozilla | 1.7.2 |
| mozilla | mozilla | 1.7 |
| suse | suse_linux | 8.1 |
| mozilla | firefox | 0.9 |
| mozilla | mozilla | 1.4.1 |
| mozilla | mozilla | 1.7.1 |
| mozilla | firefox | 0.9.3 |
| netscape | navigator | 7.0 |
Netscape 7.x to 7.2, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | navigator | 7.0.2 |
| netscape | navigator | 7.1 |
| netscape | navigator | 7.0 |
| netscape | navigator | 7.2 |
Buffer overflow in the LDAP component for Netscape Directory Server (NDS) 3.6 on HP-UX and other operating systems allows remote attackers to execute arbitrary code.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | directory_server | 3.6 |
The Apple Java plugin, as used in Netscape 7.1 and 7.2, Mozilla 1.7.2, and Firefox 0.9.3 on MacOS X 10.3.5, when tabbed browsing is enabled, does not properly handle SetWindow(NULL) calls, which allows Java applets from one tab to draw to other tabs and facilitates phishing attacks that spoof tabs.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | navigator | 7.1 |
| mozilla | mozilla | 1.7.2 |
| mozilla | firefox | 0.9.3 |
| netscape | navigator | 7.2 |
The find_replen function in jsstr.c in the Javascript engine for Mozilla Suite 1.7.6, Firefox 1.0.1 and 1.0.2, and Netscape 7.2 allows remote attackers to read portions of heap memory in a Javascript string via the lambda replace method.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | mozilla | 1.7.6 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.0.1 |
| netscape | navigator | 7.2 |
Firefox before 1.0.3, Mozilla Suite before 1.7.7, and Netscape 7.2 allows remote attackers to execute arbitrary script and code via a new search plugin using sidebar.addSearchEngine, aka "Firesearching 1."
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 0.10 |
| mozilla | mozilla | 1.4 |
| mozilla | mozilla | 1.3 |
| mozilla | mozilla | 1.7.3 |
| mozilla | mozilla | 1.7.5 |
| mozilla | mozilla | 1.5 |
| mozilla | mozilla | 1.7.2 |
| mozilla | firefox | 0.10.1 |
| mozilla | mozilla | 1.7 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 0.9.1 |
| mozilla | mozilla | 1.4.1 |
| mozilla | mozilla | 1.7.1 |
| mozilla | mozilla | 1.7.6 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 0.8 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.0 |
| mozilla | mozilla | 1.5.1 |
| mozilla | mozilla | 1.6 |
| mozilla | firefox | 1.0.1 |
| netscape | navigator | 7.2 |
Firefox before 1.0.3, Mozilla Suite before 1.7.7, and Netscape 7.2 allows remote attackers to replace existing search plugins with malicious ones using sidebar.addSearchEngine and the same filename as the target engine, which may not be displayed in the GUI, which could then be used to execute malicious script, aka "Firesearching 2."
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 0.10 |
| mozilla | mozilla | 1.4 |
| mozilla | mozilla | 1.3 |
| mozilla | mozilla | 1.7.3 |
| mozilla | mozilla | 1.7.5 |
| mozilla | mozilla | 1.5 |
| mozilla | mozilla | 1.7.2 |
| mozilla | firefox | 0.10.1 |
| mozilla | mozilla | 1.7 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 0.9.1 |
| mozilla | mozilla | 1.4.1 |
| mozilla | mozilla | 1.7.1 |
| mozilla | mozilla | 1.7.6 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 0.8 |
| mozilla | firefox | 1.0.2 |
| mozilla | firefox | 1.0 |
| mozilla | mozilla | 1.5.1 |
| mozilla | mozilla | 1.6 |
| mozilla | firefox | 1.0.1 |
| netscape | navigator | 7.2 |
Mozilla Firefox 1.5, Netscape 8.0.4 and 7.2, and K-Meleon before 0.9.12 allows remote attackers to cause a denial of service (CPU consumption and delayed application startup) via a web site with a large title, which is recorded in history.dat but not processed efficiently during startup. NOTE: despite initial reports, the Mozilla vendor does not believe that this issue can be used to trigger a crash or buffer overflow in Firefox. Also, it has been independently reported that Netscape 8.1 does not have this issue.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| k-meleon_project | k-meleon | 0.7_service_pack_1 |
| netscape | navigator | 7.1 |
| k-meleon_project | k-meleon | 0.8.2 |
| mozilla | firefox | * |
| k-meleon_project | k-meleon | 0.7 |
| k-meleon_project | k-meleon | * |
| k-meleon_project | k-meleon | 0.8.1 |
| k-meleon_project | k-meleon | 0.8 |
| netscape | navigator | * |
| netscape | navigator | 7.2 |
| mozilla | mozilla_suite | * |
Mozilla Firefox 1.5.0.2 and possibly other versions before 1.5.0.4, Netscape 8.1, 8.0.4, and 7.2, and K-Meleon 0.9.13 allows user-assisted remote attackers to open local files via a web page with an IMG element containing a SRC attribute with a non-image file:// URL, then tricking the user into selecting View Image for the broken image, as demonstrated using a .wma file to launch Windows Media Player, or by referencing an "alternate web page."
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.5.0.2 |
| k-meleon_project | k-meleon | 0.9.13 |
| netscape | navigator | 8.1 |
| netscape | navigator | 8.0.40 |
| netscape | navigator | 7.2 |
Mozilla Suite 1.7.13, Mozilla Firefox 1.5.0.3 and possibly other versions before before 1.8.0, and Netscape 7.2 and 8.1, and possibly other versions and products, allows remote user-assisted attackers to obtain information such as the installation path by causing exceptions to be thrown and checking the message contents.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | firefox | 1.5.0.2 |
| netscape | navigator | 8.1 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | mozilla_suite | 1.7.13 |
| mozilla | firefox | 1.5.0.3 |
| netscape | navigator | 7.2 |
Mozilla Firefox 1.5.0.4, 2.0.x before 2.0.0.8, Mozilla Suite 1.7.13, Mozilla SeaMonkey 1.0.2 and other versions before 1.1.5, and Netscape 8.1 and earlier allow user-assisted remote attackers to read arbitrary files by tricking a user into typing the characters of the target filename in a text box and using the OnKeyDown, OnKeyPress, and OnKeyUp Javascript keystroke events to change the focus and cause those characters to be inserted into a file upload input control, which can then upload the file when the user submits the form.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mozilla | seamonkey | 1.0.2 |
| mozilla | firefox | * |
| mozilla | mozilla_suite | 1.7.13 |
| mozilla | seamonkey | * |
| mozilla | firefox | 1.5.0.4 |
| netscape | navigator | * |
Concurrency vulnerability in Mozilla Firefox 1.5.0.6 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via multiple Javascript timed events that load a deeply nested XML file, followed by redirecting the browser to another page, which leads to a concurrency failure that causes structures to be freed incorrectly, as demonstrated by (1) ffoxdie and (2) ffoxdie3. NOTE: it has been reported that Netscape 8.1 and K-Meleon 1.0.1 are also affected by ffoxdie. Mozilla confirmed to CVE that ffoxdie and ffoxdie3 trigger the same underlying vulnerability. NOTE: it was later reported that Firefox 2.0 RC2 and 1.5.0.7 are also affected.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | navigator | 8.1 |
| mozilla | firefox | 0.10 |
| mozilla | firefox | 1.0.8 |
| mozilla | firefox | 1.0.3 |
| k-meleon_project | k-meleon | 1.0.1 |
| mozilla | firefox | 1.0.6 |
| mozilla | firefox | 1.5.0.2 |
| mozilla | firefox | 1.5.0.1 |
| mozilla | firefox | 0.9.1 |
| mozilla | firefox | 0.8 |
| mozilla | firefox | 1.0 |
| mozilla | firefox | 1.0.7 |
| mozilla | firefox | 1.5.0.4 |
| mozilla | firefox | 1.0.5 |
| mozilla | firefox | 1.0.1 |
| mozilla | firefox | 0.9.2 |
| mozilla | firefox | 1.0.4 |
| mozilla | firefox | 1.5.0.5 |
| mozilla | firefox | 1.5 |
| mozilla | firefox | 1.5.0.3 |
| mozilla | firefox | 0.10.1 |
| mozilla | firefox | 0.9 |
| mozilla | firefox | 1.5.0.6 |
| mozilla | firefox | 0.9.3 |
| mozilla | firefox | 1.0.2 |
Argument injection vulnerability in Microsoft Internet Explorer, when running on systems with Netscape installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in a -chrome argument to the navigatorurl URI, which are inserted into the command line that is created when invoking netscape.exe, a related issue to CVE-2007-3670. NOTE: there has been debate about whether the issue is in Internet Explorer or Netscape. As of 20070713, it is CVE's opinion that IE appears to not properly delimit the URL argument when invoking Netscape; this issue could arise with other protocol handlers in IE.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | navigator | 9.0 |
| microsoft | internet_explorer | * |
Red Hat PKI Common Framework (rhpki-common) in Red Hat Certificate System (aka Certificate Server or RHCS) 7.1 through 7.3, and Netscape Certificate Management System 6.x, does not recognize Certificate Authority profile constraints on Extensions, which might allow remote attackers to bypass intended restrictions and conduct man-in-the-middle attacks by submitting a certificate signing request (CSR) and using the resulting certificate.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-255,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | certificate_management_system | 6.1 |
| netscape | certificate_management_system | 6.01 |
| netscape | certificate_management_system | * |
| netscape | certificate_management_system | 6.0 |
servlet/SnoopServlet (a servlet installed by default) in Netscape Enterprise 3.63 has reflected XSS via an arbitrary parameter=[XSS] in the query string. A remote unauthenticated attacker could potentially exploit this vulnerability to supply malicious HTML or JavaScript code to a vulnerable web application, which is then reflected back to the victim and executed by the web browser. NOTE: this product is discontinued.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netscape | enterprise_server | 3.63 |