Search Results (120 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-2338 2 Mozilla, Netscape 3 Mozilla, Communicator, Navigator 2026-04-16 N/A
The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) at a newline, which is interpreted as the end of the message.
CVE-2000-0034 1 Netscape 1 Communicator 2026-04-16 N/A
Netscape 4.7 records user passwords in the preferences.js file during an IMAP or POP session, even if the user has not enabled "remember passwords."
CVE-2000-0087 1 Netscape 2 Communicator, Navigator 2026-04-16 N/A
Netscape Mail Notification (nsnotify) utility in Netscape Communicator uses IMAP without SSL, even if the user has set a preference for Communicator to use an SSL connection, allowing a remote attacker to sniff usernames and passwords in plaintext.
CVE-2000-0961 1 Netscape 2 Messaging Server, Netscape Messaging Server Multiplexor 2026-04-16 N/A
Buffer overflow in IMAP server in Netscape Messaging Server 4.15 Patch 2 allows local users to execute arbitrary commands via a long LIST command.
CVE-2000-1075 2 Netscape, Sun 2 Directory Server, Iplanet Certificate Management System 2026-04-16 N/A
Directory traversal vulnerability in iPlanet Certificate Management System 4.2 and Directory Server 4.12 allows remote attackers to read arbitrary files via a .. (dot dot) attack in the Agent, End Entity, or Administrator services.
CVE-2003-0553 1 Netscape 1 Navigator 2026-04-16 N/A
Buffer overflow in the Client Detection Tool (CDT) plugin (npcdt.dll) for Netscape 7.02 allows remote attackers to execute arbitrary code via an attachment with a long filename.
CVE-2004-0904 4 Conectiva, Mozilla, Netscape and 1 more 10 Linux, Firefox, Mozilla and 7 more 2026-04-16 N/A
Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows.
CVE-2002-0594 4 Galeon, Mozilla, Netscape and 1 more 5 Galeon Browser, Mozilla, Navigator and 2 more 2026-04-16 N/A
Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to determine the existence of files on the client system via a LINK element in a Cascading Style Sheet (CSS) page that causes an HTTP redirect.
CVE-2005-1156 3 Mozilla, Netscape, Redhat 4 Firefox, Mozilla, Navigator and 1 more 2026-04-16 N/A
Firefox before 1.0.3, Mozilla Suite before 1.7.7, and Netscape 7.2 allows remote attackers to execute arbitrary script and code via a new search plugin using sidebar.addSearchEngine, aka "Firesearching 1."
CVE-1999-1005 2 Netscape, Novell 2 Enterprise Server, Groupwise 2026-04-16 N/A
Groupwise web server GWWEB.EXE allows remote attackers to read arbitrary files with .htm extensions via a .. (dot dot) attack using the HELP parameter.
CVE-1999-1002 1 Netscape 1 Communicator 2026-04-16 N/A
Netscape Navigator uses weak encryption for storing a user's Netscape mail password.
CVE-2001-0251 1 Netscape 1 Enterprise Server 2026-04-16 N/A
The Web Publishing feature in Netscape Enterprise Server 3.x allows remote attackers to cause a denial of service via the REVLOG command.
CVE-2002-2013 2 Mozilla, Netscape 3 Mozilla, Communicator, Navigator 2026-04-16 N/A
Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain.
CVE-1999-0744 1 Netscape 2 Enterprise Server, Fasttrack Server 2026-04-16 N/A
Buffer overflow in Netscape Enterprise Server and FastTrask Server allows remote attackers to gain privileges via a long HTTP GET request.
CVE-2002-2248 1 Netscape 1 Communicator 2026-04-16 N/A
Buffer overflow in the sun.awt.windows.WDefaultFontCharset Java class implementation in Netscape 4.0 allows remote attackers to execute arbitrary code via an applet that calls the WDefaultFontCharset constructor with a long string and invokes the canConvert method.
CVE-2002-2308 1 Netscape 1 Communicator 2026-04-16 N/A
Netscape Communicator 6.2.1 allows remote attackers to cause a denial of service in client browsers via a webpage containing a recursive META refresh tag where the content tag is blank and the URL tag references itself.
CVE-1999-0479 2 Hp, Netscape 2 Hp-ux, Enterprise Server 2026-04-16 N/A
Denial of service Netscape Enterprise Server with VirtualVault on HP-UX VVOS systems.
CVE-1999-0440 2 Netscape, Sun 3 Communicator, Navigator, Java 2026-04-16 N/A
The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages.
CVE-2002-1654 2 Iplanet, Netscape 2 Iplanet Web Server, Enterprise Server 2026-04-16 N/A
iPlanet Web Server Enterprise Edition and Netscape Enterprise Server 4.0 and 4.1 allows remote attackers to conduct HTTP Basic Authentication via the wp-force-auth Web Publisher command, which provides a distinct attack vector and may make it easier to conduct brute force password guessing without detection.
CVE-2003-1265 2 Mozilla, Netscape 2 Mozilla, Navigator 2026-04-16 N/A
Netscape 7.0 and Mozilla 5.0 do not immediately delete messages in the trash folder when users select the 'Empty Trash' option, which could allow local users to access deleted messages.