Filtered by vendor Netscape
Subscriptions
Filtered by product Navigator
Subscriptions
Total
44 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-4042 | 2 Microsoft, Netscape | 4 Internet Explorer, Windows 2003 Server, Windows Xp and 1 more | 2025-04-09 | N/A |
| Multiple argument injection vulnerabilities in Netscape Navigator 9 allow remote attackers to execute arbitrary commands via a NULL byte (%00) and shell metacharacters in a (1) mailto, (2) nntp, (3) news, (4) snews, or (5) telnet URI, a similar issue to CVE-2007-3670. | ||||
| CVE-2009-2542 | 1 Netscape | 1 Navigator | 2025-04-09 | N/A |
| Netscape 6 and 8 allows remote attackers to cause a denial of service (memory consumption) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692. | ||||
| CVE-2008-2809 | 3 Mozilla, Netscape, Redhat | 5 Firefox, Geckb, Seamonkey and 2 more | 2025-04-09 | N/A |
| Mozilla 1.9 M8 and earlier, Mozilla Firefox 2 before 2.0.0.15, SeaMonkey 1.1.5 and other versions before 1.1.10, Netscape 9.0, and other Mozilla-based web browsers, when a user accepts an SSL server certificate on the basis of the CN domain name in the DN field, regard the certificate as also accepted for all domain names in subjectAltName:dNSName fields, which makes it easier for remote attackers to trick a user into accepting an invalid certificate for a spoofed web site. | ||||
| CVE-2006-6077 | 3 Mozilla, Netscape, Redhat | 3 Firefox, Navigator, Enterprise Linux | 2025-04-09 | N/A |
| The (1) Password Manager in Mozilla Firefox 2.0, and 1.5.0.8 and earlier; and the (2) Passcard Manager in Netscape 8.1.2 and possibly other versions, do not properly verify that an ACTION URL in a FORM element containing a password INPUT element matches the web site for which the user stored a password, which allows remote attackers to obtain passwords via a password INPUT element on a different web page located on the web site intended for this password. | ||||
| CVE-2007-1377 | 4 Adobe, Mozilla, Netscape and 1 more | 4 Acrobat Reader, Firefox, Navigator and 1 more | 2025-04-09 | N/A |
| AcroPDF.DLL in Adobe Reader 8.0, when accessed from Mozilla Firefox, Netscape, or Opera, allows remote attackers to cause a denial of service (unspecified resource consumption) via a .pdf URL with an anchor identifier that begins with search= followed by many %n sequences, a different vulnerability than CVE-2006-6027 and CVE-2006-6236. | ||||
| CVE-2007-3924 | 2 Microsoft, Netscape | 2 Internet Explorer, Navigator | 2025-04-09 | N/A |
| Argument injection vulnerability in Microsoft Internet Explorer, when running on systems with Netscape installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in a -chrome argument to the navigatorurl URI, which are inserted into the command line that is created when invoking netscape.exe, a related issue to CVE-2007-3670. NOTE: there has been debate about whether the issue is in Internet Explorer or Netscape. As of 20070713, it is CVE's opinion that IE appears to not properly delimit the URL argument when invoking Netscape; this issue could arise with other protocol handlers in IE. | ||||
| CVE-1999-1189 | 1 Netscape | 2 Communicator, Navigator | 2025-04-03 | N/A |
| Buffer overflow in Netscape Navigator/Communicator 4.7 for Windows 95 and Windows 98 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long argument after the ? character in a URL that references an .asp, .cgi, .html, or .pl file. | ||||
| CVE-1999-0869 | 2 Microsoft, Netscape | 2 Internet Explorer, Navigator | 2025-04-03 | N/A |
| Internet Explorer 3.x to 4.01 allows a remote attacker to insert malicious content into a frame of another web site, aka frame spoofing. | ||||
| CVE-1999-0440 | 2 Netscape, Sun | 3 Communicator, Navigator, Java | 2025-04-03 | N/A |
| The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages. | ||||
| CVE-2002-1091 | 4 Mozilla, Netscape, Opera Software and 1 more | 5 Mozilla, Navigator, Opera Web Browser and 2 more | 2025-04-03 | N/A |
| Netscape 6.2.3 and earlier, and Mozilla 1.0.1, allow remote attackers to corrupt heap memory and execute arbitrary code via a GIF image with a zero width. | ||||
| CVE-2002-1308 | 3 Mozilla, Netscape, Redhat | 4 Mozilla, Navigator, Enterprise Linux and 1 more | 2025-04-03 | N/A |
| Heap-based buffer overflow in Netscape and Mozilla allows remote attackers to execute arbitrary code via a jar: URL that references a malformed .jar file, which overflows a buffer during decompression. | ||||
| CVE-2003-0553 | 1 Netscape | 1 Navigator | 2025-04-03 | N/A |
| Buffer overflow in the Client Detection Tool (CDT) plugin (npcdt.dll) for Netscape 7.02 allows remote attackers to execute arbitrary code via an attachment with a long filename. | ||||
| CVE-2003-1265 | 2 Mozilla, Netscape | 2 Mozilla, Navigator | 2025-04-03 | N/A |
| Netscape 7.0 and Mozilla 5.0 do not immediately delete messages in the trash folder when users select the 'Empty Trash' option, which could allow local users to access deleted messages. | ||||
| CVE-2003-1419 | 1 Netscape | 1 Navigator | 2025-04-03 | N/A |
| Netscape 7.0 allows remote attackers to cause a denial of service (crash) via a web page with an invalid regular expression argument to the JavaScript reformatDate function. | ||||
| CVE-2002-0815 | 3 Microsoft, Mozilla, Netscape | 3 Internet Explorer, Mozilla, Navigator | 2025-04-03 | N/A |
| The Javascript "Same Origin Policy" (SOP), as implemented in (1) Netscape, (2) Mozilla, and (3) Internet Explorer, allows a remote web server to access HTTP and SOAP/XML content from restricted sites by mapping the malicious server's parent DNS domain name to the restricted site, loading a page from the restricted site into one frame, and passing the information to the attacker-controlled frame, which is allowed because the document.domain of the two frames matches on the parent domain. | ||||
| CVE-1999-0827 | 2 Microsoft, Netscape | 3 Ie, Internet Explorer, Navigator | 2025-04-03 | N/A |
| By default, Internet Explorer 5.0 and other versions enables the "Navigate sub-frames across different domains" option, which allows frame spoofing. | ||||
| CVE-2004-0722 | 3 Mozilla, Netscape, Redhat | 3 Mozilla, Navigator, Enterprise Linux | 2025-04-03 | N/A |
| Integer overflow in the SOAPParameter object constructor in (1) Netscape version 7.0 and 7.1 and (2) Mozilla 1.6, and possibly earlier versions, allows remote attackers to execute arbitrary code. | ||||
| CVE-2004-0528 | 1 Netscape | 1 Navigator | 2025-04-03 | N/A |
| Netscape Navigator 7.1 allows remote attackers to spoof a legitimate URL in the status bar via A HREF tags with modified "alt" values that point to the legitimate site, combined with an image map whose href points to the malicious site, which facilitates a "phishing" attack. | ||||
| CVE-2004-0905 | 5 Conectiva, Mozilla, Netscape and 2 more | 10 Linux, Firefox, Mozilla and 7 more | 2025-04-03 | N/A |
| Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain. | ||||
| CVE-2002-0354 | 3 Mozilla, Netscape, Redhat | 3 Mozilla, Navigator, Linux | 2025-04-03 | N/A |
| The XMLHttpRequest object (XMLHTTP) in Netscape 6.1 and Mozilla 0.9.7 allows remote attackers to read arbitrary files and list directories on a client system by opening a URL that redirects the browser to the file on the client, then reading the result using the responseText property. | ||||