Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Communicator
(Netscape)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 35 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 1999-03-18 | CVE-1999-0425 | talkback in Netscape 4.5 allows a local user to kill an arbitrary process of another user whose Netscape crashes. | Communicator | N/A | ||
| 1999-03-18 | CVE-1999-0424 | talkback in Netscape 4.5 allows a local user to overwrite arbitrary files of another user whose Netscape crashes. | Communicator | N/A | ||
| 1999-05-24 | CVE-1999-0762 | When Javascript is embedded within the TITLE tag, Netscape Communicator allows a remote attacker to use the "about" protocol to gain access to browser information. | Communicator, Navigator | N/A | ||
| 1999-07-09 | CVE-1999-0809 | Netscape Communicator 4.x with Javascript enabled does not warn a user of cookie settings, even if they have selected the option to "Only accept cookies originating from the same server as the page being viewed". | Communicator | N/A | ||
| 1999-12-22 | CVE-2000-0034 | Netscape 4.7 records user passwords in the preferences.js file during an IMAP or POP session, even if the user has not enabled "remember passwords." | Communicator | N/A | ||
| 2002-12-31 | CVE-2002-2338 | The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) at a newline, which is interpreted as the end of the message. | Mozilla, Communicator, Navigator | N/A | ||
| 2002-12-31 | CVE-2002-2308 | Netscape Communicator 6.2.1 allows remote attackers to cause a denial of service in client browsers via a webpage containing a recursive META refresh tag where the content tag is blank and the URL tag references itself. | Communicator | N/A | ||
| 2002-12-31 | CVE-2002-2284 | Netscape Communicator 4.0 through 4.79 allows remote attackers to bypass JVM security and execute arbitrary Java code via an applet that loads user-supplied Java classes. | Communicator | N/A | ||
| 2002-12-31 | CVE-2002-2248 | Buffer overflow in the sun.awt.windows.WDefaultFontCharset Java class implementation in Netscape 4.0 allows remote attackers to execute arbitrary code via an applet that calls the WDefaultFontCharset constructor with a long string and invokes the canConvert method. | Communicator | N/A | ||
| 2002-12-31 | CVE-2002-2013 | Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain. | Mozilla, Communicator, Navigator | N/A |