Vulnerabilites related to netscape - communicator
cve-1999-0174
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:27
Severity ?
EPSS score ?
Summary
The view-source CGI program allows remote attackers to read arbitrary files via a .. (dot dot) attack.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0174 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:27:57.740Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0174"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The view-source CGI program allows remote attackers to read arbitrary files via a .. (dot dot) attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T06:52:16",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0174"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0174",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The view-source CGI program allows remote attackers to read arbitrary files via a .. (dot dot) attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0174",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0174"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0174",
"datePublished": "1999-09-29T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:27:57.740Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2002-2308
Vulnerability from cvelistv5
Published
2007-10-26 19:00
Modified
2024-09-16 18:59
Severity ?
EPSS score ?
Summary
Netscape Communicator 6.2.1 allows remote attackers to cause a denial of service in client browsers via a webpage containing a recursive META refresh tag where the content tag is blank and the URL tag references itself.
References
| ▼ | URL | Tags |
|---|---|---|
| http://lists.grok.org.uk/pipermail/full-disclosure/2002-July/000600.html | mailing-list, x_refsource_FULLDISC | |
| http://www.iss.net/security_center/static/9645.php | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:59:11.677Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20020720 Netscape Communicator META Refresh Denial of Service",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2002-July/000600.html"
},
{
"name": "netscape-meta-refresh-dos(9645)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9645.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Netscape Communicator 6.2.1 allows remote attackers to cause a denial of service in client browsers via a webpage containing a recursive META refresh tag where the content tag is blank and the URL tag references itself."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-10-26T19:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20020720 Netscape Communicator META Refresh Denial of Service",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2002-July/000600.html"
},
{
"name": "netscape-meta-refresh-dos(9645)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9645.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2308",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netscape Communicator 6.2.1 allows remote attackers to cause a denial of service in client browsers via a webpage containing a recursive META refresh tag where the content tag is blank and the URL tag references itself."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020720 Netscape Communicator META Refresh Denial of Service",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2002-July/000600.html"
},
{
"name": "netscape-meta-refresh-dos(9645)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9645.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2308",
"datePublished": "2007-10-26T19:00:00Z",
"dateReserved": "2007-10-26T00:00:00Z",
"dateUpdated": "2024-09-16T18:59:11.810Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-1189
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-01 17:02
Severity ?
EPSS score ?
Summary
Buffer overflow in Netscape Navigator/Communicator 4.7 for Windows 95 and Windows 98 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long argument after the ? character in a URL that references an .asp, .cgi, .html, or .pl file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/822 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/7884 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/archive/1/36608 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/archive/1/36306 | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:02:53.765Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "822",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/822"
},
{
"name": "netscape-long-argument-bo(7884)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7884"
},
{
"name": "19991127 Netscape Communicator 4.7 - Navigator Overflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/36608"
},
{
"name": "19991124 Netscape Communicator 4.7 - Navigator Overflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/36306"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1999-11-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Netscape Navigator/Communicator 4.7 for Windows 95 and Windows 98 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long argument after the ? character in a URL that references an .asp, .cgi, .html, or .pl file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-07-23T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "822",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/822"
},
{
"name": "netscape-long-argument-bo(7884)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7884"
},
{
"name": "19991127 Netscape Communicator 4.7 - Navigator Overflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/36608"
},
{
"name": "19991124 Netscape Communicator 4.7 - Navigator Overflows",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/36306"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1189",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Netscape Navigator/Communicator 4.7 for Windows 95 and Windows 98 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long argument after the ? character in a URL that references an .asp, .cgi, .html, or .pl file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "822",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/822"
},
{
"name": "netscape-long-argument-bo(7884)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7884"
},
{
"name": "19991127 Netscape Communicator 4.7 - Navigator Overflows",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/36608"
},
{
"name": "19991124 Netscape Communicator 4.7 - Navigator Overflows",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/36306"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1189",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2001-08-31T00:00:00",
"dateUpdated": "2024-08-01T17:02:53.765Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0537
Vulnerability from cvelistv5
Published
2000-02-04 05:00
Modified
2024-08-01 16:41
Severity ?
EPSS score ?
Summary
A configuration in a web browser such as Internet Explorer or Netscape Navigator allows execution of active content such as ActiveX, Java, Javascript, etc.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.cve.org/CVERecord?id=CVE-1999-0537 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:41:45.684Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.cve.org/CVERecord?id=CVE-1999-0537"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A configuration in a web browser such as Internet Explorer or Netscape Navigator allows execution of active content such as ActiveX, Java, Javascript, etc."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T08:27:06",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.cve.org/CVERecord?id=CVE-1999-0537"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0537",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A configuration in a web browser such as Internet Explorer or Netscape Navigator allows execution of active content such as ActiveX, Java, Javascript, etc."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cve.org/CVERecord?id=CVE-1999-0537",
"refsource": "MISC",
"url": "https://www.cve.org/CVERecord?id=CVE-1999-0537"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0537",
"datePublished": "2000-02-04T05:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:41:45.684Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2000-0655
Vulnerability from cvelistv5
Published
2000-10-13 04:00
Modified
2024-08-08 05:28
Severity ?
EPSS score ?
Summary
Netscape Communicator 4.73 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a JPEG image containing a comment with an illegal field length of 1.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.redhat.com/support/errata/RHSA-2000-046.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.securityfocus.com/bid/1503 | vdb-entry, x_refsource_BID | |
| http://www.turbolinux.com/pipermail/tl-security-announce/2000-August/000016.html | vendor-advisory, x_refsource_TURBO | |
| ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:39.netscape.asc | vendor-advisory, x_refsource_FREEBSD | |
| http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26msg%3D200007242356.DAA01274%40false.com | mailing-list, x_refsource_BUGTRAQ | |
| http://www.novell.com/linux/security/advisories/suse_security_announce_60.html | vendor-advisory, x_refsource_SUSE | |
| http://archives.neohapsis.com/archives/bugtraq/2000-07/0456.html | mailing-list, x_refsource_BUGTRAQ | |
| http://archives.neohapsis.com/archives/bugtraq/2000-08/0116.html | mailing-list, x_refsource_BUGTRAQ | |
| ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-011.txt.asc | vendor-advisory, x_refsource_NETBSD |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:28:40.601Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2000:046",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-046.html"
},
{
"name": "1503",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1503"
},
{
"name": "TLSA2000017-1",
"tags": [
"vendor-advisory",
"x_refsource_TURBO",
"x_transferred"
],
"url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-August/000016.html"
},
{
"name": "FreeBSD-SA-00:39",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:39.netscape.asc"
},
{
"name": "20000724 JPEG COM Marker Processing Vulnerability in Netscape Browsers",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26msg%3D200007242356.DAA01274%40false.com"
},
{
"name": "20000823 Security Hole in Netscape, Versions 4.x, possibly others",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/suse_security_announce_60.html"
},
{
"name": "20000801 MDKSA-2000:027-1 netscape update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0456.html"
},
{
"name": "20000810 Conectiva Linux Security Announcement - netscape",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0116.html"
},
{
"name": "NetBSD-SA2000-011",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-011.txt.asc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-07-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Netscape Communicator 4.73 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a JPEG image containing a comment with an illegal field length of 1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2000:046",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-046.html"
},
{
"name": "1503",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1503"
},
{
"name": "TLSA2000017-1",
"tags": [
"vendor-advisory",
"x_refsource_TURBO"
],
"url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-August/000016.html"
},
{
"name": "FreeBSD-SA-00:39",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:39.netscape.asc"
},
{
"name": "20000724 JPEG COM Marker Processing Vulnerability in Netscape Browsers",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26msg%3D200007242356.DAA01274%40false.com"
},
{
"name": "20000823 Security Hole in Netscape, Versions 4.x, possibly others",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/suse_security_announce_60.html"
},
{
"name": "20000801 MDKSA-2000:027-1 netscape update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0456.html"
},
{
"name": "20000810 Conectiva Linux Security Announcement - netscape",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0116.html"
},
{
"name": "NetBSD-SA2000-011",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-011.txt.asc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0655",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netscape Communicator 4.73 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a JPEG image containing a comment with an illegal field length of 1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2000:046",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2000-046.html"
},
{
"name": "1503",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1503"
},
{
"name": "TLSA2000017-1",
"refsource": "TURBO",
"url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-August/000016.html"
},
{
"name": "FreeBSD-SA-00:39",
"refsource": "FREEBSD",
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:39.netscape.asc"
},
{
"name": "20000724 JPEG COM Marker Processing Vulnerability in Netscape Browsers",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26msg%3D200007242356.DAA01274%40false.com"
},
{
"name": "20000823 Security Hole in Netscape, Versions 4.x, possibly others",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/suse_security_announce_60.html"
},
{
"name": "20000801 MDKSA-2000:027-1 netscape update",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0456.html"
},
{
"name": "20000810 Conectiva Linux Security Announcement - netscape",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0116.html"
},
{
"name": "NetBSD-SA2000-011",
"refsource": "NETBSD",
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-011.txt.asc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0655",
"datePublished": "2000-10-13T04:00:00",
"dateReserved": "2000-08-02T00:00:00",
"dateUpdated": "2024-08-08T05:28:40.601Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0424
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:41
Severity ?
EPSS score ?
Summary
talkback in Netscape 4.5 allows a local user to overwrite arbitrary files of another user whose Netscape crashes.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0424 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:41:44.234Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0424"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "talkback in Netscape 4.5 allows a local user to overwrite arbitrary files of another user whose Netscape crashes."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T07:31:52",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0424"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0424",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "talkback in Netscape 4.5 allows a local user to overwrite arbitrary files of another user whose Netscape crashes."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0424",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0424"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0424",
"datePublished": "1999-09-29T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:41:44.234Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-1357
Vulnerability from cvelistv5
Published
2001-09-12 04:00
Modified
2024-08-01 17:11
Severity ?
EPSS score ?
Summary
Netscape Communicator 4.04 through 4.7 (and possibly other versions) in various UNIX operating systems converts the 0x8b character to a "<" sign, and the 0x9b character to a ">" sign, which could allow remote attackers to attack other clients via cross-site scripting (CSS) in CGI programs that do not filter these characters.
References
| ▼ | URL | Tags |
|---|---|---|
| http://marc.info/?l=bugtraq&m=93915331626185&w=2 | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:11:03.196Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19991005 Time to update those CGIs again",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=93915331626185\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1999-10-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Netscape Communicator 4.04 through 4.7 (and possibly other versions) in various UNIX operating systems converts the 0x8b character to a \"\u003c\" sign, and the 0x9b character to a \"\u003e\" sign, which could allow remote attackers to attack other clients via cross-site scripting (CSS) in CGI programs that do not filter these characters."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19991005 Time to update those CGIs again",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=93915331626185\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1357",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netscape Communicator 4.04 through 4.7 (and possibly other versions) in various UNIX operating systems converts the 0x8b character to a \"\u003c\" sign, and the 0x9b character to a \"\u003e\" sign, which could allow remote attackers to attack other clients via cross-site scripting (CSS) in CGI programs that do not filter these characters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19991005 Time to update those CGIs again",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=93915331626185\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1357",
"datePublished": "2001-09-12T04:00:00",
"dateReserved": "2001-08-31T00:00:00",
"dateUpdated": "2024-08-01T17:11:03.196Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0892
Vulnerability from cvelistv5
Published
2000-01-04 05:00
Modified
2024-08-01 16:55
Severity ?
EPSS score ?
Summary
Buffer overflow in Netscape Communicator before 4.7 via a dynamic font whose length field is less than the size of the font.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0892 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:55:29.464Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0892"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1999-10-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Netscape Communicator before 4.7 via a dynamic font whose length field is less than the size of the font."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T13:47:36",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0892"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0892",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Netscape Communicator before 4.7 via a dynamic font whose length field is less than the size of the font."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0892",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0892"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0892",
"datePublished": "2000-01-04T05:00:00",
"dateReserved": "1999-12-08T00:00:00",
"dateUpdated": "2024-08-01T16:55:29.464Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2002-2013
Vulnerability from cvelistv5
Published
2005-07-14 04:00
Modified
2024-09-16 20:12
Severity ?
EPSS score ?
Summary
Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/3925 | vdb-entry, x_refsource_BID | |
| http://archives.neohapsis.com/archives/bugtraq/2002-01/0270.html | mailing-list, x_refsource_BUGTRAQ | |
| http://www.iss.net/security_center/static/7973.php | vdb-entry, x_refsource_XF | |
| http://alive.znep.com/~marcs/security/mozillacookie/demo.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:51:16.501Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3925",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3925"
},
{
"name": "20020121 Mozilla Cookie Exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-01/0270.html"
},
{
"name": "mozilla-netscape-steal-cookies(7973)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/7973.php"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://alive.znep.com/~marcs/security/mozillacookie/demo.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-07-14T04:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "3925",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3925"
},
{
"name": "20020121 Mozilla Cookie Exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-01/0270.html"
},
{
"name": "mozilla-netscape-steal-cookies(7973)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/7973.php"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://alive.znep.com/~marcs/security/mozillacookie/demo.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2013",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "3925",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3925"
},
{
"name": "20020121 Mozilla Cookie Exploit",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-01/0270.html"
},
{
"name": "mozilla-netscape-steal-cookies(7973)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/7973.php"
},
{
"name": "http://alive.znep.com/~marcs/security/mozillacookie/demo.html",
"refsource": "MISC",
"url": "http://alive.znep.com/~marcs/security/mozillacookie/demo.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2013",
"datePublished": "2005-07-14T04:00:00Z",
"dateReserved": "2005-07-14T00:00:00Z",
"dateUpdated": "2024-09-16T20:12:45.799Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2000-0676
Vulnerability from cvelistv5
Published
2000-10-13 04:00
Modified
2024-08-08 05:28
Severity ?
EPSS score ?
Summary
Netscape Communicator and Navigator 4.04 through 4.74 allows remote attackers to read arbitrary files by using a Java applet to open a connection to a URL using the "file", "http", "https", and "ftp" protocols, as demonstrated by Brown Orifice.
References
| ▼ | URL | Tags |
|---|---|---|
| http://archives.neohapsis.com/archives/bugtraq/2000-08/0019.html | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/1546 | vdb-entry, x_refsource_BID | |
| ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:39.netscape.asc | vendor-advisory, x_refsource_FREEBSD | |
| http://archives.neohapsis.com/archives/bugtraq/2000-08/0115.html | mailing-list, x_refsource_BUGTRAQ | |
| http://www.novell.com/linux/security/advisories/suse_security_announce_60.html | vendor-advisory, x_refsource_SUSE | |
| http://archives.neohapsis.com/archives/bugtraq/2000-08/0236.html | mailing-list, x_refsource_BUGTRAQ | |
| http://www.calderasystems.com/support/security/advisories/CSSA-2000-027.1.txt | vendor-advisory, x_refsource_CALDERA | |
| http://archives.neohapsis.com/archives/bugtraq/2000-08/0265.html | mailing-list, x_refsource_BUGTRAQ | |
| http://www.cert.org/advisories/CA-2000-15.html | third-party-advisory, x_refsource_CERT | |
| http://www.redhat.com/support/errata/RHSA-2000-054.html | vendor-advisory, x_refsource_REDHAT |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:28:40.745Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20000804 Dangerous Java/Netscape Security Hole",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0019.html"
},
{
"name": "1546",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1546"
},
{
"name": "FreeBSD-SA-00:39",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:39.netscape.asc"
},
{
"name": "20000810 MDKSA-2000:033 Netscape Java vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0115.html"
},
{
"name": "20000823 Security Hole in Netscape, Versions 4.x, possibly others",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/suse_security_announce_60.html"
},
{
"name": "20000818 Conectiva Linux Security Announcement - netscape",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0236.html"
},
{
"name": "CSSA-2000-027.1",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-027.1.txt"
},
{
"name": "20000821 MDKSA-2000:036 - netscape update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0265.html"
},
{
"name": "CA-2000-15",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2000-15.html"
},
{
"name": "RHSA-2000:054",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-054.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-08-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Netscape Communicator and Navigator 4.04 through 4.74 allows remote attackers to read arbitrary files by using a Java applet to open a connection to a URL using the \"file\", \"http\", \"https\", and \"ftp\" protocols, as demonstrated by Brown Orifice."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20000804 Dangerous Java/Netscape Security Hole",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0019.html"
},
{
"name": "1546",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1546"
},
{
"name": "FreeBSD-SA-00:39",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:39.netscape.asc"
},
{
"name": "20000810 MDKSA-2000:033 Netscape Java vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0115.html"
},
{
"name": "20000823 Security Hole in Netscape, Versions 4.x, possibly others",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/suse_security_announce_60.html"
},
{
"name": "20000818 Conectiva Linux Security Announcement - netscape",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0236.html"
},
{
"name": "CSSA-2000-027.1",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-027.1.txt"
},
{
"name": "20000821 MDKSA-2000:036 - netscape update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0265.html"
},
{
"name": "CA-2000-15",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2000-15.html"
},
{
"name": "RHSA-2000:054",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-054.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0676",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netscape Communicator and Navigator 4.04 through 4.74 allows remote attackers to read arbitrary files by using a Java applet to open a connection to a URL using the \"file\", \"http\", \"https\", and \"ftp\" protocols, as demonstrated by Brown Orifice."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20000804 Dangerous Java/Netscape Security Hole",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0019.html"
},
{
"name": "1546",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1546"
},
{
"name": "FreeBSD-SA-00:39",
"refsource": "FREEBSD",
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:39.netscape.asc"
},
{
"name": "20000810 MDKSA-2000:033 Netscape Java vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0115.html"
},
{
"name": "20000823 Security Hole in Netscape, Versions 4.x, possibly others",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/suse_security_announce_60.html"
},
{
"name": "20000818 Conectiva Linux Security Announcement - netscape",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0236.html"
},
{
"name": "CSSA-2000-027.1",
"refsource": "CALDERA",
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-027.1.txt"
},
{
"name": "20000821 MDKSA-2000:036 - netscape update",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0265.html"
},
{
"name": "CA-2000-15",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2000-15.html"
},
{
"name": "RHSA-2000:054",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2000-054.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0676",
"datePublished": "2000-10-13T04:00:00",
"dateReserved": "2000-08-11T00:00:00",
"dateUpdated": "2024-08-08T05:28:40.745Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2000-0517
Vulnerability from cvelistv5
Published
2000-10-13 04:00
Modified
2024-08-08 05:21
Severity ?
EPSS score ?
Summary
Netscape 4.73 and earlier does not properly warn users about a potentially invalid certificate if the user has previously accepted the certificate for a different web site, which could allow remote attackers to spoof a legitimate web site by compromising that site's DNS information.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/4550 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/1260 | vdb-entry, x_refsource_BID | |
| http://www.cert.org/advisories/CA-2000-08.html | third-party-advisory, x_refsource_CERT |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:21:30.563Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "netscape-ssl-certificate(4550)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4550"
},
{
"name": "1260",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1260"
},
{
"name": "CA-2000-08",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2000-08.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-05-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Netscape 4.73 and earlier does not properly warn users about a potentially invalid certificate if the user has previously accepted the certificate for a different web site, which could allow remote attackers to spoof a legitimate web site by compromising that site\u0027s DNS information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "netscape-ssl-certificate(4550)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4550"
},
{
"name": "1260",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1260"
},
{
"name": "CA-2000-08",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2000-08.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0517",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netscape 4.73 and earlier does not properly warn users about a potentially invalid certificate if the user has previously accepted the certificate for a different web site, which could allow remote attackers to spoof a legitimate web site by compromising that site\u0027s DNS information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "netscape-ssl-certificate(4550)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4550"
},
{
"name": "1260",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1260"
},
{
"name": "CA-2000-08",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2000-08.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0517",
"datePublished": "2000-10-13T04:00:00",
"dateReserved": "2000-07-11T00:00:00",
"dateUpdated": "2024-08-08T05:21:30.563Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2000-0711
Vulnerability from cvelistv5
Published
2000-10-13 04:00
Modified
2024-08-08 05:28
Severity ?
EPSS score ?
Summary
Netscape Communicator does not properly prevent a ServerSocket object from being created by untrusted entities, which allows remote attackers to create a server on the victim's system via a malicious applet, as demonstrated by Brown Orifice.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/templates/archive.pike?list=1&msg=3999922128E.EE84TAKAGI%40java-house.etl.go.jp | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/1545 | vdb-entry, x_refsource_BID | |
| http://www.cert.org/advisories/CA-2000-15.html | third-party-advisory, x_refsource_CERT | |
| http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000805020429.11774.qmail%40securityfocus.com | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:28:40.763Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20000816 JDK 1.1.x Listening Socket Vulnerability (was Re: BrownOrifice can break firewalls!)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=3999922128E.EE84TAKAGI%40java-house.etl.go.jp"
},
{
"name": "1545",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1545"
},
{
"name": "CA-2000-15",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2000-15.html"
},
{
"name": "20000805 Dangerous Java/Netscape Security Hole",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=20000805020429.11774.qmail%40securityfocus.com"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-08-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Netscape Communicator does not properly prevent a ServerSocket object from being created by untrusted entities, which allows remote attackers to create a server on the victim\u0027s system via a malicious applet, as demonstrated by Brown Orifice."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20000816 JDK 1.1.x Listening Socket Vulnerability (was Re: BrownOrifice can break firewalls!)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=3999922128E.EE84TAKAGI%40java-house.etl.go.jp"
},
{
"name": "1545",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1545"
},
{
"name": "CA-2000-15",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2000-15.html"
},
{
"name": "20000805 Dangerous Java/Netscape Security Hole",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=20000805020429.11774.qmail%40securityfocus.com"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0711",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netscape Communicator does not properly prevent a ServerSocket object from being created by untrusted entities, which allows remote attackers to create a server on the victim\u0027s system via a malicious applet, as demonstrated by Brown Orifice."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20000816 JDK 1.1.x Listening Socket Vulnerability (was Re: BrownOrifice can break firewalls!)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=3999922128E.EE84TAKAGI@java-house.etl.go.jp"
},
{
"name": "1545",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1545"
},
{
"name": "CA-2000-15",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2000-15.html"
},
{
"name": "20000805 Dangerous Java/Netscape Security Hole",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=20000805020429.11774.qmail@securityfocus.com"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0711",
"datePublished": "2000-10-13T04:00:00",
"dateReserved": "2000-09-19T00:00:00",
"dateUpdated": "2024-08-08T05:28:40.763Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-1226
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-01 17:02
Severity ?
EPSS score ?
Summary
Netscape Communicator 4.7 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long certificate key.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/3436 | vdb-entry, x_refsource_XF | |
| http://www.securiteam.com/exploits/Netscape_4_7_and_earlier_vulnerable_to__Huge_Key__DoS.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:02:53.802Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "netscape-huge-key-dos(3436)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3436"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securiteam.com/exploits/Netscape_4_7_and_earlier_vulnerable_to__Huge_Key__DoS.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1999-10-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Netscape Communicator 4.7 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long certificate key."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2001-11-28T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "netscape-huge-key-dos(3436)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3436"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securiteam.com/exploits/Netscape_4_7_and_earlier_vulnerable_to__Huge_Key__DoS.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1226",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netscape Communicator 4.7 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long certificate key."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "netscape-huge-key-dos(3436)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3436"
},
{
"name": "http://www.securiteam.com/exploits/Netscape_4_7_and_earlier_vulnerable_to__Huge_Key__DoS.html",
"refsource": "MISC",
"url": "http://www.securiteam.com/exploits/Netscape_4_7_and_earlier_vulnerable_to__Huge_Key__DoS.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1226",
"datePublished": "2002-03-09T05:00:00",
"dateReserved": "2001-08-31T00:00:00",
"dateUpdated": "2024-08-01T17:02:53.802Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2000-0406
Vulnerability from cvelistv5
Published
2000-07-12 04:00
Modified
2024-08-08 05:14
Severity ?
EPSS score ?
Summary
Netscape Communicator before version 4.73 and Navigator 4.07 do not properly validate SSL certificates, which allows remote attackers to steal information by redirecting traffic from a legitimate web server to their own malicious server, aka the "Acros-Suencksen SSL" vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.acrossecurity.com/aspr/ASPR-2000-04-06-1-PUB.txt | x_refsource_MISC | |
| http://www.redhat.com/support/errata/RHSA-2000-028.html | vendor-advisory, x_refsource_REDHAT | |
| http://www.cert.org/advisories/CA-2000-05.html | third-party-advisory, x_refsource_CERT | |
| http://www.securityfocus.com/bid/1188 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:14:21.543Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.acrossecurity.com/aspr/ASPR-2000-04-06-1-PUB.txt"
},
{
"name": "RHSA-2000:028",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-028.html"
},
{
"name": "CA-2000-05",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2000-05.html"
},
{
"name": "1188",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1188"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-05-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Netscape Communicator before version 4.73 and Navigator 4.07 do not properly validate SSL certificates, which allows remote attackers to steal information by redirecting traffic from a legitimate web server to their own malicious server, aka the \"Acros-Suencksen SSL\" vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.acrossecurity.com/aspr/ASPR-2000-04-06-1-PUB.txt"
},
{
"name": "RHSA-2000:028",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-028.html"
},
{
"name": "CA-2000-05",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2000-05.html"
},
{
"name": "1188",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1188"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0406",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netscape Communicator before version 4.73 and Navigator 4.07 do not properly validate SSL certificates, which allows remote attackers to steal information by redirecting traffic from a legitimate web server to their own malicious server, aka the \"Acros-Suencksen SSL\" vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.acrossecurity.com/aspr/ASPR-2000-04-06-1-PUB.txt",
"refsource": "MISC",
"url": "http://www.acrossecurity.com/aspr/ASPR-2000-04-06-1-PUB.txt"
},
{
"name": "RHSA-2000:028",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2000-028.html"
},
{
"name": "CA-2000-05",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2000-05.html"
},
{
"name": "1188",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1188"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0406",
"datePublished": "2000-07-12T04:00:00",
"dateReserved": "2000-06-14T00:00:00",
"dateUpdated": "2024-08-08T05:14:21.543Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0685
Vulnerability from cvelistv5
Published
2000-01-04 05:00
Modified
2024-08-01 16:48
Severity ?
EPSS score ?
Summary
Buffer overflow in Netscape Communicator via EMBED tags in the pluginspage option.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/618 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:48:37.318Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "618",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/618"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Netscape Communicator via EMBED tags in the pluginspage option."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "618",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/618"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0685",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Netscape Communicator via EMBED tags in the pluginspage option."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "618",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/618"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0685",
"datePublished": "2000-01-04T05:00:00",
"dateReserved": "1999-11-25T00:00:00",
"dateUpdated": "2024-08-01T16:48:37.318Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0425
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:41
Severity ?
EPSS score ?
Summary
talkback in Netscape 4.5 allows a local user to kill an arbitrary process of another user whose Netscape crashes.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0425 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:41:44.872Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0425"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "talkback in Netscape 4.5 allows a local user to kill an arbitrary process of another user whose Netscape crashes."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T07:32:09",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0425"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0425",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "talkback in Netscape 4.5 allows a local user to kill an arbitrary process of another user whose Netscape crashes."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0425",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0425"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0425",
"datePublished": "1999-09-29T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:41:44.872Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2000-0087
Vulnerability from cvelistv5
Published
2002-06-25 04:00
Modified
2024-08-08 05:05
Severity ?
EPSS score ?
Summary
Netscape Mail Notification (nsnotify) utility in Netscape Communicator uses IMAP without SSL, even if the user has set a preference for Communicator to use an SSL connection, allowing a remote attacker to sniff usernames and passwords in plaintext.
References
| ▼ | URL | Tags |
|---|---|---|
| http://marc.info/?l=bugtraq&m=94790377622943&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.iss.net/security_center/static/4385.php | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:05:53.921Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20000113 Misleading sense of security in Netscape",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=94790377622943\u0026w=2"
},
{
"name": "netscape-mail-notify-plaintext(4385)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/4385.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-01-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Netscape Mail Notification (nsnotify) utility in Netscape Communicator uses IMAP without SSL, even if the user has set a preference for Communicator to use an SSL connection, allowing a remote attacker to sniff usernames and passwords in plaintext."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-02-18T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20000113 Misleading sense of security in Netscape",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=94790377622943\u0026w=2"
},
{
"name": "netscape-mail-notify-plaintext(4385)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/4385.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0087",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netscape Mail Notification (nsnotify) utility in Netscape Communicator uses IMAP without SSL, even if the user has set a preference for Communicator to use an SSL connection, allowing a remote attacker to sniff usernames and passwords in plaintext."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20000113 Misleading sense of security in Netscape",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=94790377622943\u0026w=2"
},
{
"name": "netscape-mail-notify-plaintext(4385)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/4385.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0087",
"datePublished": "2002-06-25T04:00:00",
"dateReserved": "2000-01-22T00:00:00",
"dateUpdated": "2024-08-08T05:05:53.921Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2002-2284
Vulnerability from cvelistv5
Published
2007-10-18 10:00
Modified
2024-08-08 03:59
Severity ?
EPSS score ?
Summary
Netscape Communicator 4.0 through 4.79 allows remote attackers to bypass JVM security and execute arbitrary Java code via an applet that loads user-supplied Java classes.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/6223 | vdb-entry, x_refsource_BID | |
| http://www.lsd-pl.net/documents/javasecurity-1.0.0.pdf | x_refsource_MISC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/10714 | vdb-entry, x_refsource_XF | |
| http://marc.info/?l=bugtraq&m=103798147613151&w=2 | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:59:11.410Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "6223",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6223"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.lsd-pl.net/documents/javasecurity-1.0.0.pdf"
},
{
"name": "netscape-java-insecure-classes(10714)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10714"
},
{
"name": "20021121 [LSD] Java and JVM security vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103798147613151\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-11-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Netscape Communicator 4.0 through 4.79 allows remote attackers to bypass JVM security and execute arbitrary Java code via an applet that loads user-supplied Java classes."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "6223",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6223"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.lsd-pl.net/documents/javasecurity-1.0.0.pdf"
},
{
"name": "netscape-java-insecure-classes(10714)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10714"
},
{
"name": "20021121 [LSD] Java and JVM security vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103798147613151\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2284",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netscape Communicator 4.0 through 4.79 allows remote attackers to bypass JVM security and execute arbitrary Java code via an applet that loads user-supplied Java classes."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "6223",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6223"
},
{
"name": "http://www.lsd-pl.net/documents/javasecurity-1.0.0.pdf",
"refsource": "MISC",
"url": "http://www.lsd-pl.net/documents/javasecurity-1.0.0.pdf"
},
{
"name": "netscape-java-insecure-classes(10714)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10714"
},
{
"name": "20021121 [LSD] Java and JVM security vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=103798147613151\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2284",
"datePublished": "2007-10-18T10:00:00",
"dateReserved": "2007-10-17T00:00:00",
"dateUpdated": "2024-08-08T03:59:11.410Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0031
Vulnerability from cvelistv5
Published
2000-06-02 04:00
Modified
2024-08-01 16:27
Severity ?
EPSS score ?
Summary
JavaScript in Internet Explorer 3.x and 4.x, and Netscape 2.x, 3.x and 4.x, allows remote attackers to monitor a user's web activities, aka the Bell Labs vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.codetalker.com/advisories/vendor/hp/hpsbux9707-065.html | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:27:56.711Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBUX9707-065",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.codetalker.com/advisories/vendor/hp/hpsbux9707-065.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "JavaScript in Internet Explorer 3.x and 4.x, and Netscape 2.x, 3.x and 4.x, allows remote attackers to monitor a user\u0027s web activities, aka the Bell Labs vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "HPSBUX9707-065",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.codetalker.com/advisories/vendor/hp/hpsbux9707-065.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0031",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "JavaScript in Internet Explorer 3.x and 4.x, and Netscape 2.x, 3.x and 4.x, allows remote attackers to monitor a user\u0027s web activities, aka the Bell Labs vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBUX9707-065",
"refsource": "HP",
"url": "http://www.codetalker.com/advisories/vendor/hp/hpsbux9707-065.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0031",
"datePublished": "2000-06-02T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:27:56.711Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0762
Vulnerability from cvelistv5
Published
2000-01-04 05:00
Modified
2024-08-01 16:48
Severity ?
EPSS score ?
Summary
When Javascript is embedded within the TITLE tag, Netscape Communicator allows a remote attacker to use the "about" protocol to gain access to browser information.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0762 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:48:37.960Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0762"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "When Javascript is embedded within the TITLE tag, Netscape Communicator allows a remote attacker to use the \"about\" protocol to gain access to browser information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T07:56:57",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0762"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0762",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "When Javascript is embedded within the TITLE tag, Netscape Communicator allows a remote attacker to use the \"about\" protocol to gain access to browser information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0762",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0762"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0762",
"datePublished": "2000-01-04T05:00:00",
"dateReserved": "1999-11-25T00:00:00",
"dateUpdated": "2024-08-01T16:48:37.960Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2000-0409
Vulnerability from cvelistv5
Published
2000-07-12 04:00
Modified
2024-08-08 05:14
Severity ?
EPSS score ?
Summary
Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local users to overwrite files of the user importing the certificate.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/1201 | vdb-entry, x_refsource_BID | |
| http://archives.neohapsis.com/archives/bugtraq/2000-05/0126.html | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:14:21.541Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1201",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1201"
},
{
"name": "20000510 Possible symlink problems with Netscape 4.73",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0126.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-05-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local users to overwrite files of the user importing the certificate."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1201",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1201"
},
{
"name": "20000510 Possible symlink problems with Netscape 4.73",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0126.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0409",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local users to overwrite files of the user importing the certificate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1201",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1201"
},
{
"name": "20000510 Possible symlink problems with Netscape 4.73",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0126.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0409",
"datePublished": "2000-07-12T04:00:00",
"dateReserved": "2000-06-14T00:00:00",
"dateUpdated": "2024-08-08T05:14:21.541Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2001-0921
Vulnerability from cvelistv5
Published
2003-04-02 05:00
Modified
2024-08-08 04:37
Severity ?
EPSS score ?
Summary
Netscape 4.79 and earlier for MacOS allows an attacker with access to the browser to obtain passwords from form fields by printing the document into which the password has been typed, which is printed in cleartext.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.osvdb.org/5524 | vdb-entry, x_refsource_OSVDB | |
| http://marc.info/?l=bugtraq&m=100638816318705&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/3565 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/7593 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:37:07.082Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "5524",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/5524"
},
{
"name": "20011121 Mac Netscape password fields",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=100638816318705\u0026w=2"
},
{
"name": "3565",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/3565"
},
{
"name": "macos-netscape-print-passwords(7593)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7593"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-11-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Netscape 4.79 and earlier for MacOS allows an attacker with access to the browser to obtain passwords from form fields by printing the document into which the password has been typed, which is printed in cleartext."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-02-06T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "5524",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/5524"
},
{
"name": "20011121 Mac Netscape password fields",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=100638816318705\u0026w=2"
},
{
"name": "3565",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/3565"
},
{
"name": "macos-netscape-print-passwords(7593)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7593"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0921",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netscape 4.79 and earlier for MacOS allows an attacker with access to the browser to obtain passwords from form fields by printing the document into which the password has been typed, which is printed in cleartext."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "5524",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/5524"
},
{
"name": "20011121 Mac Netscape password fields",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=100638816318705\u0026w=2"
},
{
"name": "3565",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3565"
},
{
"name": "macos-netscape-print-passwords(7593)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7593"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0921",
"datePublished": "2003-04-02T05:00:00",
"dateReserved": "2002-01-31T00:00:00",
"dateUpdated": "2024-08-08T04:37:07.082Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-1262
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-01 17:11
Severity ?
EPSS score ?
Summary
Java in Netscape 4.5 does not properly restrict applets from connecting to other hosts besides the one from which the applet was loaded, which violates the Java security model and could allow remote attackers to conduct unauthorized activities.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/archive/1/12231 | mailing-list, x_refsource_BUGTRAQ | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/1727 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:11:02.870Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19990202 Unsecured server in applets under Netscape",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/12231"
},
{
"name": "java-socket-open(1727)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1727"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1999-02-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Java in Netscape 4.5 does not properly restrict applets from connecting to other hosts besides the one from which the applet was loaded, which violates the Java security model and could allow remote attackers to conduct unauthorized activities."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-03-01T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19990202 Unsecured server in applets under Netscape",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/12231"
},
{
"name": "java-socket-open(1727)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1727"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1262",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Java in Netscape 4.5 does not properly restrict applets from connecting to other hosts besides the one from which the applet was loaded, which violates the Java security model and could allow remote attackers to conduct unauthorized activities."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19990202 Unsecured server in applets under Netscape",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/12231"
},
{
"name": "java-socket-open(1727)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1727"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1262",
"datePublished": "2002-03-09T05:00:00",
"dateReserved": "2001-08-31T00:00:00",
"dateUpdated": "2024-08-01T17:11:02.870Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0790
Vulnerability from cvelistv5
Published
2000-04-18 04:00
Modified
2024-08-01 16:48
Severity ?
EPSS score ?
Summary
A remote attacker can read information from a Netscape user's cache via JavaScript.
References
| ▼ | URL | Tags |
|---|---|---|
| http://home.netscape.com/security/notes/jscachebrowsing.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:48:38.097Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://home.netscape.com/security/notes/jscachebrowsing.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote attacker can read information from a Netscape user\u0027s cache via JavaScript."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://home.netscape.com/security/notes/jscachebrowsing.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0790",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote attacker can read information from a Netscape user\u0027s cache via JavaScript."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://home.netscape.com/security/notes/jscachebrowsing.html",
"refsource": "MISC",
"url": "http://home.netscape.com/security/notes/jscachebrowsing.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0790",
"datePublished": "2000-04-18T04:00:00",
"dateReserved": "1999-11-25T00:00:00",
"dateUpdated": "2024-08-01T16:48:38.097Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0440
Vulnerability from cvelistv5
Published
2000-10-13 04:00
Modified
2024-08-01 16:41
Severity ?
EPSS score ?
Summary
The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/1939 | vdb-entry, x_refsource_BID | |
| http://java.sun.com/pr/1999/03/pr990329-01.html | x_refsource_CONFIRM | |
| http://marc.info/?l=bugtraq&m=92333596624452&w=2 | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:41:44.840Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1939",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1939"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://java.sun.com/pr/1999/03/pr990329-01.html"
},
{
"name": "19990405 Security Hole in Java 2 (and JDK 1.1.x)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=92333596624452\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1939",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1939"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://java.sun.com/pr/1999/03/pr990329-01.html"
},
{
"name": "19990405 Security Hole in Java 2 (and JDK 1.1.x)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=92333596624452\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0440",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1939",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1939"
},
{
"name": "http://java.sun.com/pr/1999/03/pr990329-01.html",
"refsource": "CONFIRM",
"url": "http://java.sun.com/pr/1999/03/pr990329-01.html"
},
{
"name": "19990405 Security Hole in Java 2 (and JDK 1.1.x)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=92333596624452\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0440",
"datePublished": "2000-10-13T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:41:44.840Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-1002
Vulnerability from cvelistv5
Published
2000-02-04 05:00
Modified
2024-08-01 16:55
Severity ?
EPSS score ?
Summary
Netscape Navigator uses weak encryption for storing a user's Netscape mail password.
References
| ▼ | URL | Tags |
|---|---|---|
| http://marc.info/?l=bugtraq&m=94570673523998&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.rstcorp.com/news/bad-crypto.html | x_refsource_MISC | |
| http://marc.info/?l=bugtraq&m=94536309217214&w=2 | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:55:29.351Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19991220 Netscape password scrambling",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=94570673523998\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.rstcorp.com/news/bad-crypto.html"
},
{
"name": "19991216 Reinventing the wheel (aka \"Decoding Netscape Mail passwords\")",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=94536309217214\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1999-12-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Netscape Navigator uses weak encryption for storing a user\u0027s Netscape mail password."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19991220 Netscape password scrambling",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=94570673523998\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.rstcorp.com/news/bad-crypto.html"
},
{
"name": "19991216 Reinventing the wheel (aka \"Decoding Netscape Mail passwords\")",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=94536309217214\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1002",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netscape Navigator uses weak encryption for storing a user\u0027s Netscape mail password."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19991220 Netscape password scrambling",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=94570673523998\u0026w=2"
},
{
"name": "http://www.rstcorp.com/news/bad-crypto.html",
"refsource": "MISC",
"url": "http://www.rstcorp.com/news/bad-crypto.html"
},
{
"name": "19991216 Reinventing the wheel (aka \"Decoding Netscape Mail passwords\")",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=94536309217214\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1002",
"datePublished": "2000-02-04T05:00:00",
"dateReserved": "1999-12-21T00:00:00",
"dateUpdated": "2024-08-01T16:55:29.351Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2000-1187
Vulnerability from cvelistv5
Published
2001-01-22 05:00
Modified
2024-08-08 05:45
Severity ?
EPSS score ?
Summary
Buffer overflow in the HTML parser for Netscape 4.75 and earlier allows remote attackers to execute arbitrary commands via a long password value in a form field.
References
| ▼ | URL | Tags |
|---|---|---|
| ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:66.netscape.asc | vendor-advisory, x_refsource_FREEBSD | |
| http://lists.suse.com/archives/suse-security-announce/2000-Nov/0005.html | vendor-advisory, x_refsource_SUSE | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/5542 | vdb-entry, x_refsource_XF | |
| http://marc.info/?l=bugtraq&m=97500270012529&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.osvdb.org/7207 | vdb-entry, x_refsource_OSVDB | |
| http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000344 | vendor-advisory, x_refsource_CONECTIVA | |
| http://www.redhat.com/support/errata/RHSA-2000-109.html | vendor-advisory, x_refsource_REDHAT |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:45:37.393Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FreeBSD-SA-00:66",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:66.netscape.asc"
},
{
"name": "SuSE-SA:2000:48",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.suse.com/archives/suse-security-announce/2000-Nov/0005.html"
},
{
"name": "netscape-client-html-bo(5542)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5542"
},
{
"name": "20001121 Immunix OS Security update for netscape",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=97500270012529\u0026w=2"
},
{
"name": "7207",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/7207"
},
{
"name": "CLSA-2000:344",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000344"
},
{
"name": "RHSA-2000:109",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-109.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-11-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the HTML parser for Netscape 4.75 and earlier allows remote attackers to execute arbitrary commands via a long password value in a form field."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-09-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "FreeBSD-SA-00:66",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:66.netscape.asc"
},
{
"name": "SuSE-SA:2000:48",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.suse.com/archives/suse-security-announce/2000-Nov/0005.html"
},
{
"name": "netscape-client-html-bo(5542)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5542"
},
{
"name": "20001121 Immunix OS Security update for netscape",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=97500270012529\u0026w=2"
},
{
"name": "7207",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/7207"
},
{
"name": "CLSA-2000:344",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000344"
},
{
"name": "RHSA-2000:109",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-109.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-1187",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the HTML parser for Netscape 4.75 and earlier allows remote attackers to execute arbitrary commands via a long password value in a form field."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FreeBSD-SA-00:66",
"refsource": "FREEBSD",
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:66.netscape.asc"
},
{
"name": "SuSE-SA:2000:48",
"refsource": "SUSE",
"url": "http://lists.suse.com/archives/suse-security-announce/2000-Nov/0005.html"
},
{
"name": "netscape-client-html-bo(5542)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5542"
},
{
"name": "20001121 Immunix OS Security update for netscape",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=97500270012529\u0026w=2"
},
{
"name": "7207",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/7207"
},
{
"name": "CLSA-2000:344",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000344"
},
{
"name": "RHSA-2000:109",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2000-109.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-1187",
"datePublished": "2001-01-22T05:00:00",
"dateReserved": "2000-12-14T00:00:00",
"dateUpdated": "2024-08-08T05:45:37.393Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2002-2248
Vulnerability from cvelistv5
Published
2007-10-14 20:00
Modified
2024-08-08 03:59
Severity ?
EPSS score ?
Summary
Buffer overflow in the sun.awt.windows.WDefaultFontCharset Java class implementation in Netscape 4.0 allows remote attackers to execute arbitrary code via an applet that calls the WDefaultFontCharset constructor with a long string and invokes the canConvert method.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/10706 | vdb-entry, x_refsource_XF | |
| http://marc.info/?l=bugtraq&m=103834439321292&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/6256 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:59:11.425Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "netscape-applet-canconvert-bo(10706)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10706"
},
{
"name": "20021126 Netscape 4 Java buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103834439321292\u0026w=2"
},
{
"name": "6256",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6256"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-11-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the sun.awt.windows.WDefaultFontCharset Java class implementation in Netscape 4.0 allows remote attackers to execute arbitrary code via an applet that calls the WDefaultFontCharset constructor with a long string and invokes the canConvert method."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "netscape-applet-canconvert-bo(10706)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10706"
},
{
"name": "20021126 Netscape 4 Java buffer overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103834439321292\u0026w=2"
},
{
"name": "6256",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6256"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2248",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the sun.awt.windows.WDefaultFontCharset Java class implementation in Netscape 4.0 allows remote attackers to execute arbitrary code via an applet that calls the WDefaultFontCharset constructor with a long string and invokes the canConvert method."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "netscape-applet-canconvert-bo(10706)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10706"
},
{
"name": "20021126 Netscape 4 Java buffer overflow",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=103834439321292\u0026w=2"
},
{
"name": "6256",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6256"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2248",
"datePublished": "2007-10-14T20:00:00",
"dateReserved": "2007-10-14T00:00:00",
"dateUpdated": "2024-08-08T03:59:11.425Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2002-1766
Vulnerability from cvelistv5
Published
2005-06-21 04:00
Modified
2024-08-08 03:34
Severity ?
EPSS score ?
Summary
Buffer overflow in Composer in Netscape 4.77 allows local users to overwrite process memory and execute arbitrary code via a font tag with a long face attribute.
References
| ▼ | URL | Tags |
|---|---|---|
| http://online.securityfocus.com/archive/1/276876 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/5010 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/9355 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:34:56.370Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20020613 Microsoft FrontPage vs Composer Netscape...",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/276876"
},
{
"name": "5010",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5010"
},
{
"name": "netscape-composer-font-bo(9355)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9355"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-06-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Composer in Netscape 4.77 allows local users to overwrite process memory and execute arbitrary code via a font tag with a long face attribute."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20020613 Microsoft FrontPage vs Composer Netscape...",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/276876"
},
{
"name": "5010",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5010"
},
{
"name": "netscape-composer-font-bo(9355)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9355"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1766",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Composer in Netscape 4.77 allows local users to overwrite process memory and execute arbitrary code via a font tag with a long face attribute."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020613 Microsoft FrontPage vs Composer Netscape...",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/276876"
},
{
"name": "5010",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5010"
},
{
"name": "netscape-composer-font-bo(9355)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9355"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1766",
"datePublished": "2005-06-21T04:00:00",
"dateReserved": "2005-06-21T00:00:00",
"dateUpdated": "2024-08-08T03:34:56.370Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2001-0596
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-08 04:30
Severity ?
EPSS score ?
Summary
Netscape Communicator before 4.77 allows remote attackers to execute arbitrary Javascript via a GIF image whose comment contains the Javascript.
References
| ▼ | URL | Tags |
|---|---|---|
| http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000393 | vendor-advisory, x_refsource_CONECTIVA | |
| http://www.redhat.com/support/errata/RHSA-2001-046.html | vendor-advisory, x_refsource_REDHAT | |
| http://marc.info/?l=bugtraq&m=98685237415117&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/2637 | vdb-entry, x_refsource_BID | |
| http://www.osvdb.org/5579 | vdb-entry, x_refsource_OSVDB | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/6344 | vdb-entry, x_refsource_XF | |
| http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-014-01 | vendor-advisory, x_refsource_IMMUNIX | |
| http://www.debian.org/security/2001/dsa-051 | vendor-advisory, x_refsource_DEBIAN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:30:05.165Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CLA-2001:393",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000393"
},
{
"name": "RHSA-2001:046",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2001-046.html"
},
{
"name": "20010409 Netscape 4.76 gif comment flaw",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=98685237415117\u0026w=2"
},
{
"name": "2637",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/2637"
},
{
"name": "5579",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/5579"
},
{
"name": "netscape-javascript-access-data(6344)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6344"
},
{
"name": "IMNX-2001-70-014-01",
"tags": [
"vendor-advisory",
"x_refsource_IMMUNIX",
"x_transferred"
],
"url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-014-01"
},
{
"name": "DSA-051",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2001/dsa-051"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-04-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Netscape Communicator before 4.77 allows remote attackers to execute arbitrary Javascript via a GIF image whose comment contains the Javascript."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-03-01T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "CLA-2001:393",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000393"
},
{
"name": "RHSA-2001:046",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2001-046.html"
},
{
"name": "20010409 Netscape 4.76 gif comment flaw",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=98685237415117\u0026w=2"
},
{
"name": "2637",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/2637"
},
{
"name": "5579",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/5579"
},
{
"name": "netscape-javascript-access-data(6344)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6344"
},
{
"name": "IMNX-2001-70-014-01",
"tags": [
"vendor-advisory",
"x_refsource_IMMUNIX"
],
"url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-014-01"
},
{
"name": "DSA-051",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2001/dsa-051"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0596",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netscape Communicator before 4.77 allows remote attackers to execute arbitrary Javascript via a GIF image whose comment contains the Javascript."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CLA-2001:393",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000393"
},
{
"name": "RHSA-2001:046",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2001-046.html"
},
{
"name": "20010409 Netscape 4.76 gif comment flaw",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=98685237415117\u0026w=2"
},
{
"name": "2637",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2637"
},
{
"name": "5579",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/5579"
},
{
"name": "netscape-javascript-access-data(6344)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6344"
},
{
"name": "IMNX-2001-70-014-01",
"refsource": "IMMUNIX",
"url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-014-01"
},
{
"name": "DSA-051",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2001/dsa-051"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0596",
"datePublished": "2002-03-09T05:00:00",
"dateReserved": "2001-07-27T00:00:00",
"dateUpdated": "2024-08-08T04:30:05.165Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2000-0034
Vulnerability from cvelistv5
Published
2000-07-12 04:00
Modified
2024-08-08 05:05
Severity ?
EPSS score ?
Summary
Netscape 4.7 records user passwords in the preferences.js file during an IMAP or POP session, even if the user has not enabled "remember passwords."
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0034 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:05:53.741Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0034"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1999-12-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Netscape 4.7 records user passwords in the preferences.js file during an IMAP or POP session, even if the user has not enabled \"remember passwords.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T08:19:40",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0034"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0034",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netscape 4.7 records user passwords in the preferences.js file during an IMAP or POP session, even if the user has not enabled \"remember passwords.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0034",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0034"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0034",
"datePublished": "2000-07-12T04:00:00",
"dateReserved": "2000-01-11T00:00:00",
"dateUpdated": "2024-08-08T05:05:53.741Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0809
Vulnerability from cvelistv5
Published
2000-01-04 05:00
Modified
2024-08-01 16:48
Severity ?
EPSS score ?
Summary
Netscape Communicator 4.x with Javascript enabled does not warn a user of cookie settings, even if they have selected the option to "Only accept cookies originating from the same server as the page being viewed".
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0809 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:48:38.128Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0809"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Netscape Communicator 4.x with Javascript enabled does not warn a user of cookie settings, even if they have selected the option to \"Only accept cookies originating from the same server as the page being viewed\"."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T07:59:26",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0809"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0809",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netscape Communicator 4.x with Javascript enabled does not warn a user of cookie settings, even if they have selected the option to \"Only accept cookies originating from the same server as the page being viewed\"."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0809",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0809"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0809",
"datePublished": "2000-01-04T05:00:00",
"dateReserved": "1999-11-25T00:00:00",
"dateUpdated": "2024-08-01T16:48:38.128Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2002-2338
Vulnerability from cvelistv5
Published
2007-10-29 19:00
Modified
2024-09-16 20:06
Severity ?
EPSS score ?
Summary
The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) at a newline, which is interpreted as the end of the message.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/archive/1/276946 | mailing-list, x_refsource_BUGTRAQ | |
| http://online.securityfocus.com/archive/1/276628 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:074 | vendor-advisory, x_refsource_MANDRAKE | |
| http://bugzilla.mozilla.org/show_bug.cgi?id=144228 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/5002 | vdb-entry, x_refsource_BID | |
| http://mozilla.org/releases/mozilla1.0.1/security-fixes-1.0.1.html | x_refsource_CONFIRM | |
| http://www.iss.net/security_center/static/9343.php | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:59:11.958Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20020614 Another small DoS on Mozilla \u003c= 1.0 through pop3",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/276946"
},
{
"name": "20020612 Another small DoS on Mozilla \u003c= 1.0 through pop3",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/276628"
},
{
"name": "MDKSA-2002:074",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:074"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=144228"
},
{
"name": "5002",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5002"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://mozilla.org/releases/mozilla1.0.1/security-fixes-1.0.1.html"
},
{
"name": "mozilla-netscape-pop3-dos(9343)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9343.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) at a newline, which is interpreted as the end of the message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-10-29T19:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20020614 Another small DoS on Mozilla \u003c= 1.0 through pop3",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/276946"
},
{
"name": "20020612 Another small DoS on Mozilla \u003c= 1.0 through pop3",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/276628"
},
{
"name": "MDKSA-2002:074",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:074"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=144228"
},
{
"name": "5002",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5002"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://mozilla.org/releases/mozilla1.0.1/security-fixes-1.0.1.html"
},
{
"name": "mozilla-netscape-pop3-dos(9343)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9343.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2338",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) at a newline, which is interpreted as the end of the message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020614 Another small DoS on Mozilla \u003c= 1.0 through pop3",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/276946"
},
{
"name": "20020612 Another small DoS on Mozilla \u003c= 1.0 through pop3",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/276628"
},
{
"name": "MDKSA-2002:074",
"refsource": "MANDRAKE",
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:074"
},
{
"name": "http://bugzilla.mozilla.org/show_bug.cgi?id=144228",
"refsource": "CONFIRM",
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=144228"
},
{
"name": "5002",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5002"
},
{
"name": "http://mozilla.org/releases/mozilla1.0.1/security-fixes-1.0.1.html",
"refsource": "CONFIRM",
"url": "http://mozilla.org/releases/mozilla1.0.1/security-fixes-1.0.1.html"
},
{
"name": "mozilla-netscape-pop3-dos(9343)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9343.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2338",
"datePublished": "2007-10-29T19:00:00Z",
"dateReserved": "2007-10-29T00:00:00Z",
"dateUpdated": "2024-09-16T20:06:54.208Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2002-1204
Vulnerability from cvelistv5
Published
2002-11-21 05:00
Modified
2024-08-08 03:19
Severity ?
EPSS score ?
Summary
Netscape Communicator 4.x allows attackers to use a link to steal a user's preferences, including potentially sensitive information such as URL history, e-mail address, and possibly the e-mail password, by redefining the user_pref() function and accessing the prefs.js file, which is stored in a directory with a predictable name.
References
| ▼ | URL | Tags |
|---|---|---|
| http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0081.html | mailing-list, x_refsource_VULNWATCH | |
| http://www.idefense.com/advisory/11.19.02c.txt | x_refsource_MISC | |
| http://www.iss.net/security_center/static/10655.php | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/6215 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:19:28.578Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20021119 iDEFENSE Security Advisory 11.19.02c: Netscape Predictable Directory Structure Allows Theft of Preferences File",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0081.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.idefense.com/advisory/11.19.02c.txt"
},
{
"name": "netscape-preferences-file(10655)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10655.php"
},
{
"name": "6215",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6215"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-11-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Netscape Communicator 4.x allows attackers to use a link to steal a user\u0027s preferences, including potentially sensitive information such as URL history, e-mail address, and possibly the e-mail password, by redefining the user_pref() function and accessing the prefs.js file, which is stored in a directory with a predictable name."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-06-10T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20021119 iDEFENSE Security Advisory 11.19.02c: Netscape Predictable Directory Structure Allows Theft of Preferences File",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0081.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.idefense.com/advisory/11.19.02c.txt"
},
{
"name": "netscape-preferences-file(10655)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10655.php"
},
{
"name": "6215",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6215"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1204",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netscape Communicator 4.x allows attackers to use a link to steal a user\u0027s preferences, including potentially sensitive information such as URL history, e-mail address, and possibly the e-mail password, by redefining the user_pref() function and accessing the prefs.js file, which is stored in a directory with a predictable name."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20021119 iDEFENSE Security Advisory 11.19.02c: Netscape Predictable Directory Structure Allows Theft of Preferences File",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0081.html"
},
{
"name": "http://www.idefense.com/advisory/11.19.02c.txt",
"refsource": "MISC",
"url": "http://www.idefense.com/advisory/11.19.02c.txt"
},
{
"name": "netscape-preferences-file(10655)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10655.php"
},
{
"name": "6215",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6215"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1204",
"datePublished": "2002-11-21T05:00:00",
"dateReserved": "2002-10-14T00:00:00",
"dateUpdated": "2024-08-08T03:19:28.578Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2002-0593
Vulnerability from cvelistv5
Published
2002-06-11 04:00
Modified
2024-08-08 02:56
Severity ?
EPSS score ?
Summary
Buffer overflow in Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long channel name in an IRC URI.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/8039 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.iss.net/security_center/static/8976.php | vdb-entry, x_refsource_XF | |
| http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000490 | vendor-advisory, x_refsource_CONECTIVA | |
| http://www.securityfocus.com/bid/4637 | vdb-entry, x_refsource_BID | |
| http://online.securityfocus.com/archive/1/270249 | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:56:37.949Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "8039",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/8039"
},
{
"name": "mozilla-netscape-irc-bo(8976)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/8976.php"
},
{
"name": "CLA-2002:490",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000490"
},
{
"name": "4637",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4637"
},
{
"name": "20020430 RE: Reading local files in Netscape 6 and Mozilla (GM#001-NS)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/270249"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-04-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long channel name in an IRC URI."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-11-13T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "8039",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/8039"
},
{
"name": "mozilla-netscape-irc-bo(8976)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/8976.php"
},
{
"name": "CLA-2002:490",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000490"
},
{
"name": "4637",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4637"
},
{
"name": "20020430 RE: Reading local files in Netscape 6 and Mozilla (GM#001-NS)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/270249"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0593",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long channel name in an IRC URI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "8039",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/8039"
},
{
"name": "mozilla-netscape-irc-bo(8976)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/8976.php"
},
{
"name": "CLA-2002:490",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000490"
},
{
"name": "4637",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4637"
},
{
"name": "20020430 RE: Reading local files in Netscape 6 and Mozilla (GM#001-NS)",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/270249"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0593",
"datePublished": "2002-06-11T04:00:00",
"dateReserved": "2002-06-11T00:00:00",
"dateUpdated": "2024-08-08T02:56:37.949Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2002-12-31 05:00
Modified
2024-11-20 23:42
Severity ?
Summary
Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | mozilla | 0.9.2 | |
| mozilla | mozilla | 0.9.2.1 | |
| mozilla | mozilla | 0.9.3 | |
| mozilla | mozilla | 0.9.4 | |
| mozilla | mozilla | 0.9.4.1 | |
| mozilla | mozilla | 0.9.5 | |
| mozilla | mozilla | 0.9.6 | |
| netscape | communicator | 4.0 | |
| netscape | communicator | 4.4 | |
| netscape | communicator | 4.5 | |
| netscape | communicator | 4.5_beta | |
| netscape | communicator | 4.06 | |
| netscape | communicator | 4.6 | |
| netscape | communicator | 4.07 | |
| netscape | communicator | 4.7 | |
| netscape | communicator | 4.08 | |
| netscape | communicator | 4.51 | |
| netscape | communicator | 4.61 | |
| netscape | communicator | 4.72 | |
| netscape | communicator | 4.73 | |
| netscape | communicator | 4.74 | |
| netscape | communicator | 4.75 | |
| netscape | communicator | 4.76 | |
| netscape | communicator | 4.77 | |
| netscape | communicator | 4.78 | |
| netscape | navigator | 4.77 | |
| netscape | navigator | 6.0 | |
| netscape | navigator | 6.01 | |
| netscape | navigator | 6.1 | |
| netscape | navigator | 6.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:mozilla:0.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "22F00276-9071-4B96-B49C-2E0898476874",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:0.9.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EB84CC9B-346B-4AF4-929E-D56D85960103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:0.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9420CD82-0E5F-4486-9AF8-9DCD6ED7E037",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:0.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0A9C79AB-4ABE-49E6-BAB2-94610AE0316F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:0.9.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "04DE7CCB-79B8-4F9B-AC14-E4A100F9E473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:0.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1444C77E-FF98-40E5-9CA9-B4C71B3C9304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:0.9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3B40771F-30CB-45D0-9EDE-1F13852085B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "209C7BB1-EFDF-43AB-9FB6-DF67465DEAEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0B711600-425F-4FF9-BC5E-B8D182A2B9F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4E9A5461-B0F2-49DB-A69C-3D2D27709647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.5_beta:*:*:*:*:*:*:*",
"matchCriteriaId": "213EB326-33D1-4329-A6BB-B1AA1C626E44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.06:*:*:*:*:*:*:*",
"matchCriteriaId": "34F6328B-44A8-4E45-918E-C54285040BFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "529E3F71-6016-461D-A162-0DBDD5505389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.07:*:*:*:*:*:*:*",
"matchCriteriaId": "31D02C4D-3FD1-425F-B0DB-7808089BCD0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "38FD74F5-12ED-4049-B06F-0F22A0254C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.08:*:*:*:*:*:*:*",
"matchCriteriaId": "61268CF9-E279-4F63-B228-F9ED4B93BB99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.51:*:*:*:*:*:*:*",
"matchCriteriaId": "918BE44C-8D64-4040-BC74-802AA3FA4E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.61:*:*:*:*:*:*:*",
"matchCriteriaId": "6AA534C4-9411-44EC-AA34-2287C79AD235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.72:*:*:*:*:*:*:*",
"matchCriteriaId": "3A4E8588-A941-4759-B41C-00F193F2C63B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.73:*:*:*:*:*:*:*",
"matchCriteriaId": "3E48C051-EB45-4262-86C2-2333FD5C7745",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.74:*:*:*:*:*:*:*",
"matchCriteriaId": "BA48AF1E-99EF-419C-B425-001C7134C6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.75:*:*:*:*:*:*:*",
"matchCriteriaId": "C97DE00F-4C73-4C54-918E-D540F2C3297B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.76:*:*:*:*:*:*:*",
"matchCriteriaId": "C5A07AD2-2293-443A-9A32-316B832A5276",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.77:*:*:*:*:*:*:*",
"matchCriteriaId": "5A823994-786D-41D7-9FA7-FF8058C4AFD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.78:*:*:*:*:*:*:*",
"matchCriteriaId": "B4613823-DA14-4BE2-986C-2EED3DB82BA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:4.77:*:*:*:*:*:*:*",
"matchCriteriaId": "FA4FBB90-8A52-41B4-B08A-53A86CF56898",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C5421CDE-6C31-42FF-8A06-23A6207D1B51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:6.01:*:*:*:*:*:*:*",
"matchCriteriaId": "6469EB31-32FF-415C-82DD-670513911371",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F112CED-879B-4A19-993A-16858B4EC16C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B7D7FA24-4B6F-4D67-95BE-46819033CA6F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain."
}
],
"id": "CVE-2002-2013",
"lastModified": "2024-11-20T23:42:39.870",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://alive.znep.com/~marcs/security/mozillacookie/demo.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-01/0270.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.iss.net/security_center/static/7973.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/3925"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://alive.znep.com/~marcs/security/mozillacookie/demo.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-01/0270.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.iss.net/security_center/static/7973.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/3925"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Not vulnerable. This issue did not affect the versions of Mozilla as shipped with Red Hat Enterprise Linux 2.1, 3, or 4.\n",
"lastModified": "2006-08-30T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-05-24 04:00
Modified
2024-11-20 23:29
Severity ?
Summary
When Javascript is embedded within the TITLE tag, Netscape Communicator allows a remote attacker to use the "about" protocol to gain access to browser information.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | 4.6 | |
| netscape | communicator | 4.x | |
| netscape | navigator | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:4.6:*:windows_95:*:*:*:*:*",
"matchCriteriaId": "2120677E-C560-408F-93C0-13A9CEEF0565",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.x:*:*:*:*:*:*:*",
"matchCriteriaId": "93E61D1F-588C-4B84-B5CA-8AB68AE4DF1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA2CA2F8-260C-4559-BF24-3E321CEAE93F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "When Javascript is embedded within the TITLE tag, Netscape Communicator allows a remote attacker to use the \"about\" protocol to gain access to browser information."
}
],
"id": "CVE-1999-0762",
"lastModified": "2024-11-20T23:29:24.700",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "1999-05-24T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0762"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0762"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-12-31 05:00
Modified
2024-11-20 23:43
Severity ?
Summary
The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) at a newline, which is interpreted as the end of the message.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | mozilla | 0.9.2 | |
| mozilla | mozilla | 0.9.2.1 | |
| mozilla | mozilla | 0.9.3 | |
| mozilla | mozilla | 0.9.4 | |
| mozilla | mozilla | 0.9.4.1 | |
| mozilla | mozilla | 0.9.5 | |
| mozilla | mozilla | 0.9.6 | |
| mozilla | mozilla | 0.9.7 | |
| mozilla | mozilla | 0.9.8 | |
| mozilla | mozilla | 0.9.9 | |
| mozilla | mozilla | 1.0 | |
| mozilla | mozilla | 1.0 | |
| mozilla | mozilla | 1.0 | |
| netscape | communicator | 4.0 | |
| netscape | communicator | 4.4 | |
| netscape | communicator | 4.5 | |
| netscape | communicator | 4.06 | |
| netscape | communicator | 4.6 | |
| netscape | communicator | 4.07 | |
| netscape | communicator | 4.7 | |
| netscape | communicator | 4.08 | |
| netscape | communicator | 4.51 | |
| netscape | communicator | 4.61 | |
| netscape | communicator | 4.72 | |
| netscape | communicator | 4.73 | |
| netscape | communicator | 4.74 | |
| netscape | communicator | 4.75 | |
| netscape | communicator | 4.76 | |
| netscape | communicator | 4.77 | |
| netscape | navigator | 6.0 | |
| netscape | navigator | 6.0 | |
| netscape | navigator | 6.01 | |
| netscape | navigator | 6.1 | |
| netscape | navigator | 6.2 | |
| netscape | navigator | 6.2.1 | |
| netscape | navigator | 6.2.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:mozilla:0.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "22F00276-9071-4B96-B49C-2E0898476874",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:0.9.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EB84CC9B-346B-4AF4-929E-D56D85960103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:0.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9420CD82-0E5F-4486-9AF8-9DCD6ED7E037",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:0.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0A9C79AB-4ABE-49E6-BAB2-94610AE0316F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:0.9.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "04DE7CCB-79B8-4F9B-AC14-E4A100F9E473",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:0.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1444C77E-FF98-40E5-9CA9-B4C71B3C9304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:0.9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3B40771F-30CB-45D0-9EDE-1F13852085B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:0.9.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1E4F64F8-CCC2-47FF-9B9D-41B3BCDD513C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:0.9.8:*:*:*:*:*:*:*",
"matchCriteriaId": "47315EC4-1EED-4070-A087-8E37C8FE6703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:0.9.9:*:*:*:*:*:*:*",
"matchCriteriaId": "9F1EB38F-CEB2-40BC-AA5D-CC539F597137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CCDAEAE6-BA9F-4D40-B264-4A72930239E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "C9296197-0EE0-4CC0-A11F-E44E3443E990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "A76ACC55-754D-4501-8312-5A4E10D053B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "209C7BB1-EFDF-43AB-9FB6-DF67465DEAEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0B711600-425F-4FF9-BC5E-B8D182A2B9F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4E9A5461-B0F2-49DB-A69C-3D2D27709647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.06:*:*:*:*:*:*:*",
"matchCriteriaId": "34F6328B-44A8-4E45-918E-C54285040BFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "529E3F71-6016-461D-A162-0DBDD5505389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.07:*:*:*:*:*:*:*",
"matchCriteriaId": "31D02C4D-3FD1-425F-B0DB-7808089BCD0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "38FD74F5-12ED-4049-B06F-0F22A0254C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.08:*:*:*:*:*:*:*",
"matchCriteriaId": "61268CF9-E279-4F63-B228-F9ED4B93BB99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.51:*:*:*:*:*:*:*",
"matchCriteriaId": "918BE44C-8D64-4040-BC74-802AA3FA4E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.61:*:*:*:*:*:*:*",
"matchCriteriaId": "6AA534C4-9411-44EC-AA34-2287C79AD235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.72:*:*:*:*:*:*:*",
"matchCriteriaId": "3A4E8588-A941-4759-B41C-00F193F2C63B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.73:*:*:*:*:*:*:*",
"matchCriteriaId": "3E48C051-EB45-4262-86C2-2333FD5C7745",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.74:*:*:*:*:*:*:*",
"matchCriteriaId": "BA48AF1E-99EF-419C-B425-001C7134C6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.75:*:*:*:*:*:*:*",
"matchCriteriaId": "C97DE00F-4C73-4C54-918E-D540F2C3297B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.76:*:*:*:*:*:*:*",
"matchCriteriaId": "C5A07AD2-2293-443A-9A32-316B832A5276",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.77:*:*:*:*:*:*:*",
"matchCriteriaId": "5A823994-786D-41D7-9FA7-FF8058C4AFD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C5421CDE-6C31-42FF-8A06-23A6207D1B51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:6.0:*:mac:*:*:*:*:*",
"matchCriteriaId": "ACAB9169-BC6E-49CF-9A00-3F3054677B32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:6.01:*:*:*:*:*:*:*",
"matchCriteriaId": "6469EB31-32FF-415C-82DD-670513911371",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F112CED-879B-4A19-993A-16858B4EC16C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B7D7FA24-4B6F-4D67-95BE-46819033CA6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D9B316E0-4A05-411A-8279-404C82288BE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:6.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B91D7920-86E6-4842-897A-553F018AD493",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) at a newline, which is interpreted as the end of the message."
}
],
"id": "CVE-2002-2338",
"lastModified": "2024-11-20T23:43:26.720",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=144228"
},
{
"source": "cve@mitre.org",
"url": "http://mozilla.org/releases/mozilla1.0.1/security-fixes-1.0.1.html"
},
{
"source": "cve@mitre.org",
"url": "http://online.securityfocus.com/archive/1/276628"
},
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/security_center/static/9343.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:074"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/276946"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.securityfocus.com/bid/5002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=144228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://mozilla.org/releases/mozilla1.0.1/security-fixes-1.0.1.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://online.securityfocus.com/archive/1/276628"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/security_center/static/9343.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:074"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/276946"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.securityfocus.com/bid/5002"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-03-18 05:00
Modified
2024-11-20 23:28
Severity ?
Summary
talkback in Netscape 4.5 allows a local user to kill an arbitrary process of another user whose Netscape crashes.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | 4.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4E9A5461-B0F2-49DB-A69C-3D2D27709647",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "talkback in Netscape 4.5 allows a local user to kill an arbitrary process of another user whose Netscape crashes."
}
],
"id": "CVE-1999-0425",
"lastModified": "2024-11-20T23:28:42.487",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-03-18T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0425"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0425"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1997-07-08 04:00
Modified
2024-11-20 23:27
Severity ?
Summary
JavaScript in Internet Explorer 3.x and 4.x, and Netscape 2.x, 3.x and 4.x, allows remote attackers to monitor a user's web activities, aka the Bell Labs vulnerability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | internet_explorer | 3.0 | |
| microsoft | internet_explorer | 4.0 | |
| netscape | communicator | 2.0 | |
| netscape | communicator | 3.0 | |
| netscape | communicator | 4.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1BBF9241-A175-438C-A793-3D245BE2AE35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A5B815D9-BC21-4A17-AF00-B8AD181027D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7144D163-CD3D-4E57-83D9-FB164C65E06E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7CD558FC-D1D7-4092-9A05-B174CA06675D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "209C7BB1-EFDF-43AB-9FB6-DF67465DEAEF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "JavaScript in Internet Explorer 3.x and 4.x, and Netscape 2.x, 3.x and 4.x, allows remote attackers to monitor a user\u0027s web activities, aka the Bell Labs vulnerability."
}
],
"id": "CVE-1999-0031",
"lastModified": "2024-11-20T23:27:39.623",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "1997-07-08T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"URL Repurposed"
],
"url": "http://www.codetalker.com/advisories/vendor/hp/hpsbux9707-065.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"URL Repurposed"
],
"url": "http://www.codetalker.com/advisories/vendor/hp/hpsbux9707-065.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-03-01 05:00
Modified
2024-11-20 23:28
Severity ?
Summary
The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | 4.5 | |
| netscape | navigator | 4.0 | |
| netscape | navigator | 4.01 | |
| netscape | navigator | 4.02 | |
| netscape | navigator | 4.03 | |
| netscape | navigator | 4.04 | |
| netscape | navigator | 4.05 | |
| netscape | navigator | 4.5 | |
| netscape | navigator | 4.06 | |
| netscape | navigator | 4.07 | |
| netscape | navigator | 4.08 | |
| netscape | navigator | 4.61 | |
| sun | java | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4E9A5461-B0F2-49DB-A69C-3D2D27709647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "05CFEB93-B230-473E-A6D0-73CA0C48CB9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:4.01:*:*:*:*:*:*:*",
"matchCriteriaId": "60AA08F1-9932-404D-830E-E6D126FC732B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:4.02:*:*:*:*:*:*:*",
"matchCriteriaId": "C2FBC98E-49CF-48F1-9206-DDE8166AA8E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:4.03:*:*:*:*:*:*:*",
"matchCriteriaId": "E57BB283-31F4-487A-87CA-A251BFC5133C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:4.04:*:*:*:*:*:*:*",
"matchCriteriaId": "8B4D5F1E-DD1B-4CCE-B16D-05AB2DEBCB18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:4.05:*:*:*:*:*:*:*",
"matchCriteriaId": "E20267FF-FCF8-42BF-9CF1-127FF856C6FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EC6F62-37FF-46DD-997C-A4D77182BBEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:4.06:*:*:*:*:*:*:*",
"matchCriteriaId": "D5904FD1-9806-4C73-A4E8-98C1F8F078EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:4.07:*:*:*:*:*:*:*",
"matchCriteriaId": "431D7EED-1152-4245-92B9-023A4AC88EA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:4.08:*:*:*:*:*:*:*",
"matchCriteriaId": "04BBF8B2-8378-4CA3-B8D4-4ED5D7B8A674",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:4.61:*:*:*:*:*:*:*",
"matchCriteriaId": "0B3EFA3B-5DE7-40D0-960D-283491163E74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5DDA9F90-5D16-4E04-B285-D32C362279C6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages."
}
],
"id": "CVE-1999-0440",
"lastModified": "2024-11-20T23:28:44.600",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-03-01T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://java.sun.com/pr/1999/03/pr990329-01.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=92333596624452\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/1939"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://java.sun.com/pr/1999/03/pr990329-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=92333596624452\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/1939"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-03-18 05:00
Modified
2024-11-20 23:28
Severity ?
Summary
talkback in Netscape 4.5 allows a local user to overwrite arbitrary files of another user whose Netscape crashes.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | 4.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4E9A5461-B0F2-49DB-A69C-3D2D27709647",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "talkback in Netscape 4.5 allows a local user to overwrite arbitrary files of another user whose Netscape crashes."
}
],
"id": "CVE-1999-0424",
"lastModified": "2024-11-20T23:28:42.350",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-03-18T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0424"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0424"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-05-10 04:00
Modified
2024-11-20 23:32
Severity ?
Summary
Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local users to overwrite files of the user importing the certificate.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | 4.5 | |
| netscape | communicator | 4.6 | |
| netscape | communicator | 4.7 | |
| netscape | communicator | 4.51 | |
| netscape | communicator | 4.61 | |
| netscape | communicator | 4.72 | |
| netscape | communicator | 4.73 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4E9A5461-B0F2-49DB-A69C-3D2D27709647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "529E3F71-6016-461D-A162-0DBDD5505389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "38FD74F5-12ED-4049-B06F-0F22A0254C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.51:*:*:*:*:*:*:*",
"matchCriteriaId": "918BE44C-8D64-4040-BC74-802AA3FA4E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.61:*:*:*:*:*:*:*",
"matchCriteriaId": "6AA534C4-9411-44EC-AA34-2287C79AD235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.72:*:*:*:*:*:*:*",
"matchCriteriaId": "3A4E8588-A941-4759-B41C-00F193F2C63B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.73:*:*:*:*:*:*:*",
"matchCriteriaId": "3E48C051-EB45-4262-86C2-2333FD5C7745",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local users to overwrite files of the user importing the certificate."
}
],
"id": "CVE-2000-0409",
"lastModified": "2024-11-20T23:32:26.373",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.7,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-05-10T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0126.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/1201"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0126.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/1201"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-12-31 05:00
Modified
2024-11-20 23:42
Severity ?
Summary
Buffer overflow in Composer in Netscape 4.77 allows local users to overwrite process memory and execute arbitrary code via a font tag with a long face attribute.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | 4.77 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:4.77:*:*:*:*:*:*:*",
"matchCriteriaId": "5A823994-786D-41D7-9FA7-FF8058C4AFD8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Composer in Netscape 4.77 allows local users to overwrite process memory and execute arbitrary code via a font tag with a long face attribute."
}
],
"id": "CVE-2002-1766",
"lastModified": "2024-11-20T23:42:04.600",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://online.securityfocus.com/archive/1/276876"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/5010"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9355"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://online.securityfocus.com/archive/1/276876"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/5010"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9355"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-06-18 04:00
Modified
2024-11-20 23:39
Severity ?
Summary
Buffer overflow in Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long channel name in an IRC URI.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:mozilla:0.9.9:*:*:*:*:*:*:*",
"matchCriteriaId": "9F1EB38F-CEB2-40BC-AA5D-CC539F597137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "C9296197-0EE0-4CC0-A11F-E44E3443E990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0F009302-6798-4189-BE56-FB8E67C64592",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C5421CDE-6C31-42FF-8A06-23A6207D1B51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:6.01:*:*:*:*:*:*:*",
"matchCriteriaId": "6469EB31-32FF-415C-82DD-670513911371",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long channel name in an IRC URI."
}
],
"id": "CVE-2002-0593",
"lastModified": "2024-11-20T23:39:26.340",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-06-18T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000490"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://online.securityfocus.com/archive/1/270249"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/8039"
},
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/security_center/static/8976.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/4637"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000490"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://online.securityfocus.com/archive/1/270249"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/8039"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/security_center/static/8976.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/4637"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-11-24 05:00
Modified
2024-11-20 23:30
Severity ?
Summary
Buffer overflow in Netscape Navigator/Communicator 4.7 for Windows 95 and Windows 98 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long argument after the ? character in a URL that references an .asp, .cgi, .html, or .pl file.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/archive/1/36306 | Exploit, Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/archive/1/36608 | Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/822 | Exploit, Patch, Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/7884 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/36306 | Exploit, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/36608 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/822 | Exploit, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/7884 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | 4.7 | |
| netscape | navigator | 4.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "38FD74F5-12ED-4049-B06F-0F22A0254C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F2AE46C7-6538-4DE6-B3EA-81AD7F7C43E2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Netscape Navigator/Communicator 4.7 for Windows 95 and Windows 98 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long argument after the ? character in a URL that references an .asp, .cgi, .html, or .pl file."
}
],
"id": "CVE-1999-1189",
"lastModified": "2024-11-20T23:30:31.297",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-11-24T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/archive/1/36306"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/archive/1/36608"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/822"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7884"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/archive/1/36306"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/archive/1/36608"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/822"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7884"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-12-31 05:00
Modified
2024-11-20 23:43
Severity ?
Summary
Netscape Communicator 6.2.1 allows remote attackers to cause a denial of service in client browsers via a webpage containing a recursive META refresh tag where the content tag is blank and the URL tag references itself.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | 6.2.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F52FD289-E9BF-4CD3-8C20-D4559FEEA0B2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Netscape Communicator 6.2.1 allows remote attackers to cause a denial of service in client browsers via a webpage containing a recursive META refresh tag where the content tag is blank and the URL tag references itself."
}
],
"id": "CVE-2002-2308",
"lastModified": "2024-11-20T23:43:22.263",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2002-July/000600.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/security_center/static/9645.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2002-July/000600.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/security_center/static/9645.php"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-12-31 05:00
Modified
2024-11-20 23:43
Severity ?
Summary
Netscape Communicator 4.0 through 4.79 allows remote attackers to bypass JVM security and execute arbitrary Java code via an applet that loads user-supplied Java classes.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | 4.0 | |
| netscape | communicator | 4.5 | |
| netscape | communicator | 4.6 | |
| netscape | communicator | 4.7 | |
| netscape | communicator | 4.51 | |
| netscape | communicator | 4.61 | |
| netscape | communicator | 4.72 | |
| netscape | communicator | 4.73 | |
| netscape | communicator | 4.74 | |
| netscape | communicator | 4.75 | |
| netscape | communicator | 4.76 | |
| netscape | communicator | 4.77 | |
| netscape | communicator | 4.78 | |
| netscape | communicator | 4.79 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "209C7BB1-EFDF-43AB-9FB6-DF67465DEAEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4E9A5461-B0F2-49DB-A69C-3D2D27709647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "529E3F71-6016-461D-A162-0DBDD5505389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "38FD74F5-12ED-4049-B06F-0F22A0254C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.51:*:*:*:*:*:*:*",
"matchCriteriaId": "918BE44C-8D64-4040-BC74-802AA3FA4E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.61:*:*:*:*:*:*:*",
"matchCriteriaId": "6AA534C4-9411-44EC-AA34-2287C79AD235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.72:*:*:*:*:*:*:*",
"matchCriteriaId": "3A4E8588-A941-4759-B41C-00F193F2C63B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.73:*:*:*:*:*:*:*",
"matchCriteriaId": "3E48C051-EB45-4262-86C2-2333FD5C7745",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.74:*:*:*:*:*:*:*",
"matchCriteriaId": "BA48AF1E-99EF-419C-B425-001C7134C6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.75:*:*:*:*:*:*:*",
"matchCriteriaId": "C97DE00F-4C73-4C54-918E-D540F2C3297B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.76:*:*:*:*:*:*:*",
"matchCriteriaId": "C5A07AD2-2293-443A-9A32-316B832A5276",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.77:*:*:*:*:*:*:*",
"matchCriteriaId": "5A823994-786D-41D7-9FA7-FF8058C4AFD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.78:*:*:*:*:*:*:*",
"matchCriteriaId": "B4613823-DA14-4BE2-986C-2EED3DB82BA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.79:*:*:*:*:*:*:*",
"matchCriteriaId": "5E829621-6981-4413-BF05-E4C9AD79A4AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Netscape Communicator 4.0 through 4.79 allows remote attackers to bypass JVM security and execute arbitrary Java code via an applet that loads user-supplied Java classes."
}
],
"id": "CVE-2002-2284",
"lastModified": "2024-11-20T23:43:18.937",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=103798147613151\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.lsd-pl.net/documents/javasecurity-1.0.0.pdf"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/6223"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10714"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=103798147613151\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.lsd-pl.net/documents/javasecurity-1.0.0.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/6223"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10714"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-12-31 05:00
Modified
2024-11-20 23:43
Severity ?
Summary
Buffer overflow in the sun.awt.windows.WDefaultFontCharset Java class implementation in Netscape 4.0 allows remote attackers to execute arbitrary code via an applet that calls the WDefaultFontCharset constructor with a long string and invokes the canConvert method.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | 4.0 | |
| netscape | communicator | 4.5 | |
| netscape | communicator | 4.6 | |
| netscape | communicator | 4.7 | |
| netscape | communicator | 4.51 | |
| netscape | communicator | 4.61 | |
| netscape | communicator | 4.72 | |
| netscape | communicator | 4.73 | |
| netscape | communicator | 4.74 | |
| netscape | communicator | 4.75 | |
| netscape | communicator | 4.76 | |
| netscape | communicator | 4.77 | |
| netscape | communicator | 4.78 | |
| netscape | communicator | 4.79 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "209C7BB1-EFDF-43AB-9FB6-DF67465DEAEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4E9A5461-B0F2-49DB-A69C-3D2D27709647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "529E3F71-6016-461D-A162-0DBDD5505389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "38FD74F5-12ED-4049-B06F-0F22A0254C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.51:*:*:*:*:*:*:*",
"matchCriteriaId": "918BE44C-8D64-4040-BC74-802AA3FA4E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.61:*:*:*:*:*:*:*",
"matchCriteriaId": "6AA534C4-9411-44EC-AA34-2287C79AD235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.72:*:*:*:*:*:*:*",
"matchCriteriaId": "3A4E8588-A941-4759-B41C-00F193F2C63B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.73:*:*:*:*:*:*:*",
"matchCriteriaId": "3E48C051-EB45-4262-86C2-2333FD5C7745",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.74:*:*:*:*:*:*:*",
"matchCriteriaId": "BA48AF1E-99EF-419C-B425-001C7134C6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.75:*:*:*:*:*:*:*",
"matchCriteriaId": "C97DE00F-4C73-4C54-918E-D540F2C3297B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.76:*:*:*:*:*:*:*",
"matchCriteriaId": "C5A07AD2-2293-443A-9A32-316B832A5276",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.77:*:*:*:*:*:*:*",
"matchCriteriaId": "5A823994-786D-41D7-9FA7-FF8058C4AFD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.78:*:*:*:*:*:*:*",
"matchCriteriaId": "B4613823-DA14-4BE2-986C-2EED3DB82BA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.79:*:*:*:*:*:*:*",
"matchCriteriaId": "5E829621-6981-4413-BF05-E4C9AD79A4AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the sun.awt.windows.WDefaultFontCharset Java class implementation in Netscape 4.0 allows remote attackers to execute arbitrary code via an applet that calls the WDefaultFontCharset constructor with a long string and invokes the canConvert method."
}
],
"id": "CVE-2002-2248",
"lastModified": "2024-11-20T23:43:13.817",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=103834439321292\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/6256"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10706"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=103834439321292\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/6256"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10706"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-10-20 04:00
Modified
2024-11-20 23:33
Severity ?
Summary
Netscape Communicator and Navigator 4.04 through 4.74 allows remote attackers to read arbitrary files by using a Java applet to open a connection to a URL using the "file", "http", "https", and "ftp" protocols, as demonstrated by Brown Orifice.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | 4.0 | |
| netscape | communicator | 4.04 | |
| netscape | communicator | 4.05 | |
| netscape | communicator | 4.5 | |
| netscape | communicator | 4.5_beta | |
| netscape | communicator | 4.06 | |
| netscape | communicator | 4.6 | |
| netscape | communicator | 4.07 | |
| netscape | communicator | 4.08 | |
| netscape | communicator | 4.51 | |
| netscape | communicator | 4.61 | |
| netscape | communicator | 4.72 | |
| netscape | communicator | 4.73 | |
| netscape | communicator | 4.74 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "209C7BB1-EFDF-43AB-9FB6-DF67465DEAEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.04:*:*:*:*:*:*:*",
"matchCriteriaId": "94F9EFE4-7853-4809-8D94-03B3EFD739E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.05:*:*:*:*:*:*:*",
"matchCriteriaId": "494AFC1E-67A3-41CA-B920-B8F778B68A99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4E9A5461-B0F2-49DB-A69C-3D2D27709647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.5_beta:*:*:*:*:*:*:*",
"matchCriteriaId": "213EB326-33D1-4329-A6BB-B1AA1C626E44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.06:*:*:*:*:*:*:*",
"matchCriteriaId": "34F6328B-44A8-4E45-918E-C54285040BFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "529E3F71-6016-461D-A162-0DBDD5505389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.07:*:*:*:*:*:*:*",
"matchCriteriaId": "31D02C4D-3FD1-425F-B0DB-7808089BCD0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.08:*:*:*:*:*:*:*",
"matchCriteriaId": "61268CF9-E279-4F63-B228-F9ED4B93BB99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.51:*:*:*:*:*:*:*",
"matchCriteriaId": "918BE44C-8D64-4040-BC74-802AA3FA4E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.61:*:*:*:*:*:*:*",
"matchCriteriaId": "6AA534C4-9411-44EC-AA34-2287C79AD235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.72:*:*:*:*:*:*:*",
"matchCriteriaId": "3A4E8588-A941-4759-B41C-00F193F2C63B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.73:*:*:*:*:*:*:*",
"matchCriteriaId": "3E48C051-EB45-4262-86C2-2333FD5C7745",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.74:*:*:*:*:*:*:*",
"matchCriteriaId": "BA48AF1E-99EF-419C-B425-001C7134C6BB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Netscape Communicator and Navigator 4.04 through 4.74 allows remote attackers to read arbitrary files by using a Java applet to open a connection to a URL using the \"file\", \"http\", \"https\", and \"ftp\" protocols, as demonstrated by Brown Orifice."
}
],
"id": "CVE-2000-0676",
"lastModified": "2024-11-20T23:33:02.570",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-10-20T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:39.netscape.asc"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0019.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0115.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0236.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0265.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-027.1.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2000-15.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/suse_security_announce_60.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2000-054.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1546"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:39.netscape.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0019.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0115.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0236.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0265.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-027.1.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2000-15.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/suse_security_announce_60.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2000-054.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1546"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-08-02 04:00
Modified
2024-11-20 23:35
Severity ?
Summary
Netscape Communicator before 4.77 allows remote attackers to execute arbitrary Javascript via a GIF image whose comment contains the Javascript.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C0AFE54-CB3F-4EEE-9081-8D307FA6448D",
"versionEndIncluding": "4.77",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Netscape Communicator before 4.77 allows remote attackers to execute arbitrary Javascript via a GIF image whose comment contains the Javascript."
}
],
"id": "CVE-2001-0596",
"lastModified": "2024-11-20T23:35:44.197",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-08-02T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000393"
},
{
"source": "cve@mitre.org",
"url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-014-01"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=98685237415117\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2001/dsa-051"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/5579"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2001-046.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/2637"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6344"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000393"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-014-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=98685237415117\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2001/dsa-051"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/5579"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2001-046.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/2637"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6344"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-10-05 04:00
Modified
2024-11-20 23:30
Severity ?
Summary
Netscape Communicator 4.04 through 4.7 (and possibly other versions) in various UNIX operating systems converts the 0x8b character to a "<" sign, and the 0x9b character to a ">" sign, which could allow remote attackers to attack other clients via cross-site scripting (CSS) in CGI programs that do not filter these characters.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | * | |
| netscape | communicator | 4.04 | |
| netscape | communicator | 4.51 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5921E5E6-3D97-4075-B557-968340FB6E7B",
"versionEndIncluding": "4.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.04:*:*:*:*:*:*:*",
"matchCriteriaId": "94F9EFE4-7853-4809-8D94-03B3EFD739E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.51:*:*:*:*:*:*:*",
"matchCriteriaId": "918BE44C-8D64-4040-BC74-802AA3FA4E10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Netscape Communicator 4.04 through 4.7 (and possibly other versions) in various UNIX operating systems converts the 0x8b character to a \"\u003c\" sign, and the 0x9b character to a \"\u003e\" sign, which could allow remote attackers to attack other clients via cross-site scripting (CSS) in CGI programs that do not filter these characters."
}
],
"id": "CVE-1999-1357",
"lastModified": "2024-11-20T23:30:55.407",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-10-05T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=93915331626185\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=93915331626185\u0026w=2"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-09-02 04:00
Modified
2024-11-20 23:29
Severity ?
Summary
Buffer overflow in Netscape Communicator via EMBED tags in the pluginspage option.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | 4.5 | |
| netscape | communicator | 4.06 | |
| netscape | communicator | 4.6 | |
| netscape | communicator | 4.51 | |
| netscape | communicator | 4.61 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4E9A5461-B0F2-49DB-A69C-3D2D27709647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.06:*:*:*:*:*:*:*",
"matchCriteriaId": "34F6328B-44A8-4E45-918E-C54285040BFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "529E3F71-6016-461D-A162-0DBDD5505389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.51:*:*:*:*:*:*:*",
"matchCriteriaId": "918BE44C-8D64-4040-BC74-802AA3FA4E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.61:*:*:*:*:*:*:*",
"matchCriteriaId": "6AA534C4-9411-44EC-AA34-2287C79AD235",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Netscape Communicator via EMBED tags in the pluginspage option."
}
],
"id": "CVE-1999-0685",
"lastModified": "2024-11-20T23:29:13.753",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "1999-09-02T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/618"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/618"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-01-12 05:00
Modified
2024-11-20 23:30
Severity ?
Summary
Netscape Navigator uses weak encryption for storing a user's Netscape mail password.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | 4.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "38FD74F5-12ED-4049-B06F-0F22A0254C0F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Netscape Navigator uses weak encryption for storing a user\u0027s Netscape mail password."
}
],
"id": "CVE-1999-1002",
"lastModified": "2024-11-20T23:30:02.703",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-01-12T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=94536309217214\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=94570673523998\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.rstcorp.com/news/bad-crypto.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=94536309217214\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=94570673523998\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.rstcorp.com/news/bad-crypto.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-11-29 05:00
Modified
2024-11-20 23:40
Severity ?
Summary
Netscape Communicator 4.x allows attackers to use a link to steal a user's preferences, including potentially sensitive information such as URL history, e-mail address, and possibly the e-mail password, by redefining the user_pref() function and accessing the prefs.js file, which is stored in a directory with a predictable name.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | 4.6 | |
| netscape | communicator | 4.7 | |
| netscape | communicator | 4.61 | |
| netscape | communicator | 4.72 | |
| netscape | communicator | 4.73 | |
| netscape | communicator | 4.74 | |
| netscape | communicator | 4.75 | |
| netscape | communicator | 4.76 | |
| netscape | communicator | 4.77 | |
| netscape | communicator | 4.78 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "529E3F71-6016-461D-A162-0DBDD5505389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "38FD74F5-12ED-4049-B06F-0F22A0254C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.61:*:*:*:*:*:*:*",
"matchCriteriaId": "6AA534C4-9411-44EC-AA34-2287C79AD235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.72:*:*:*:*:*:*:*",
"matchCriteriaId": "3A4E8588-A941-4759-B41C-00F193F2C63B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.73:*:*:*:*:*:*:*",
"matchCriteriaId": "3E48C051-EB45-4262-86C2-2333FD5C7745",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.74:*:*:*:*:*:*:*",
"matchCriteriaId": "BA48AF1E-99EF-419C-B425-001C7134C6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.75:*:*:*:*:*:*:*",
"matchCriteriaId": "C97DE00F-4C73-4C54-918E-D540F2C3297B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.76:*:*:*:*:*:*:*",
"matchCriteriaId": "C5A07AD2-2293-443A-9A32-316B832A5276",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.77:*:*:*:*:*:*:*",
"matchCriteriaId": "5A823994-786D-41D7-9FA7-FF8058C4AFD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.78:*:*:*:*:*:*:*",
"matchCriteriaId": "B4613823-DA14-4BE2-986C-2EED3DB82BA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Netscape Communicator 4.x allows attackers to use a link to steal a user\u0027s preferences, including potentially sensitive information such as URL history, e-mail address, and possibly the e-mail password, by redefining the user_pref() function and accessing the prefs.js file, which is stored in a directory with a predictable name."
},
{
"lang": "es",
"value": "Netscape Communicator 4.x permite a atacantes usar un enlace para robar las preferencias de un usuario, incluyendo informaci\u00f3n potencialmente sensible como historia de URLs, direcciones de correo electr\u00f3nico, y posiblemente sus contrase\u00f1as, mediante la redefinici\u00f3n de la funci\u00f3n user_pref() y accediendo al fichero prefs.js, que est\u00e1 almacenado en un directorio con un nombre predecible."
}
],
"id": "CVE-2002-1204",
"lastModified": "2024-11-20T23:40:49.250",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-11-29T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0081.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.idefense.com/advisory/11.19.02c.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/security_center/static/10655.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/6215"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0081.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.idefense.com/advisory/11.19.02c.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/security_center/static/10655.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/6215"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-05-10 04:00
Modified
2024-11-20 23:32
Severity ?
Summary
Netscape Communicator before version 4.73 and Navigator 4.07 do not properly validate SSL certificates, which allows remote attackers to steal information by redirecting traffic from a legitimate web server to their own malicious server, aka the "Acros-Suencksen SSL" vulnerability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | 4.0 | |
| netscape | communicator | 4.05 | |
| netscape | communicator | 4.5 | |
| netscape | communicator | 4.5_beta | |
| netscape | communicator | 4.06 | |
| netscape | communicator | 4.6 | |
| netscape | communicator | 4.07 | |
| netscape | communicator | 4.7 | |
| netscape | communicator | 4.51 | |
| netscape | communicator | 4.61 | |
| netscape | communicator | 4.72 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "209C7BB1-EFDF-43AB-9FB6-DF67465DEAEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.05:*:*:*:*:*:*:*",
"matchCriteriaId": "494AFC1E-67A3-41CA-B920-B8F778B68A99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4E9A5461-B0F2-49DB-A69C-3D2D27709647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.5_beta:*:*:*:*:*:*:*",
"matchCriteriaId": "213EB326-33D1-4329-A6BB-B1AA1C626E44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.06:*:*:*:*:*:*:*",
"matchCriteriaId": "34F6328B-44A8-4E45-918E-C54285040BFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "529E3F71-6016-461D-A162-0DBDD5505389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.07:*:*:*:*:*:*:*",
"matchCriteriaId": "31D02C4D-3FD1-425F-B0DB-7808089BCD0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "38FD74F5-12ED-4049-B06F-0F22A0254C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.51:*:*:*:*:*:*:*",
"matchCriteriaId": "918BE44C-8D64-4040-BC74-802AA3FA4E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.61:*:*:*:*:*:*:*",
"matchCriteriaId": "6AA534C4-9411-44EC-AA34-2287C79AD235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.72:*:*:*:*:*:*:*",
"matchCriteriaId": "3A4E8588-A941-4759-B41C-00F193F2C63B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Netscape Communicator before version 4.73 and Navigator 4.07 do not properly validate SSL certificates, which allows remote attackers to steal information by redirecting traffic from a legitimate web server to their own malicious server, aka the \"Acros-Suencksen SSL\" vulnerability."
}
],
"id": "CVE-2000-0406",
"lastModified": "2024-11-20T23:32:25.957",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2000-05-10T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.acrossecurity.com/aspr/ASPR-2000-04-06-1-PUB.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2000-05.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2000-028.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/1188"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.acrossecurity.com/aspr/ASPR-2000-04-06-1-PUB.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2000-05.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2000-028.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/1188"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-07-25 04:00
Modified
2024-11-20 23:32
Severity ?
Summary
Netscape Communicator 4.73 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a JPEG image containing a comment with an illegal field length of 1.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mozilla | mozilla | m15 | |
| netscape | communicator | 4.0 | |
| netscape | communicator | 4.05 | |
| netscape | communicator | 4.5 | |
| netscape | communicator | 4.5_beta | |
| netscape | communicator | 4.06 | |
| netscape | communicator | 4.6 | |
| netscape | communicator | 4.07 | |
| netscape | communicator | 4.7 | |
| netscape | communicator | 4.08 | |
| netscape | communicator | 4.51 | |
| netscape | communicator | 4.61 | |
| netscape | communicator | 4.72 | |
| netscape | communicator | 4.73 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:mozilla:m15:*:*:*:*:*:*:*",
"matchCriteriaId": "C85C3F06-8FFF-4A6F-BB86-B66A6031647E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "209C7BB1-EFDF-43AB-9FB6-DF67465DEAEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.05:*:*:*:*:*:*:*",
"matchCriteriaId": "494AFC1E-67A3-41CA-B920-B8F778B68A99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4E9A5461-B0F2-49DB-A69C-3D2D27709647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.5_beta:*:*:*:*:*:*:*",
"matchCriteriaId": "213EB326-33D1-4329-A6BB-B1AA1C626E44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.06:*:*:*:*:*:*:*",
"matchCriteriaId": "34F6328B-44A8-4E45-918E-C54285040BFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "529E3F71-6016-461D-A162-0DBDD5505389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.07:*:*:*:*:*:*:*",
"matchCriteriaId": "31D02C4D-3FD1-425F-B0DB-7808089BCD0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "38FD74F5-12ED-4049-B06F-0F22A0254C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.08:*:*:*:*:*:*:*",
"matchCriteriaId": "61268CF9-E279-4F63-B228-F9ED4B93BB99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.51:*:*:*:*:*:*:*",
"matchCriteriaId": "918BE44C-8D64-4040-BC74-802AA3FA4E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.61:*:*:*:*:*:*:*",
"matchCriteriaId": "6AA534C4-9411-44EC-AA34-2287C79AD235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.72:*:*:*:*:*:*:*",
"matchCriteriaId": "3A4E8588-A941-4759-B41C-00F193F2C63B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.73:*:*:*:*:*:*:*",
"matchCriteriaId": "3E48C051-EB45-4262-86C2-2333FD5C7745",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Netscape Communicator 4.73 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a JPEG image containing a comment with an illegal field length of 1."
}
],
"id": "CVE-2000-0655",
"lastModified": "2024-11-20T23:32:59.723",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-07-25T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:39.netscape.asc"
},
{
"source": "cve@mitre.org",
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-011.txt.asc"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0456.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0116.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/suse_security_announce_60.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2000-046.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/1503"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26msg%3D200007242356.DAA01274%40false.com"
},
{
"source": "cve@mitre.org",
"url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-August/000016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:39.netscape.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-011.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0456.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0116.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/suse_security_announce_60.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2000-046.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/1503"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26msg%3D200007242356.DAA01274%40false.com"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.turbolinux.com/pipermail/tl-security-announce/2000-August/000016.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1997-08-01 04:00
Modified
2024-11-20 23:30
Severity ?
Summary
Java in Netscape 4.5 does not properly restrict applets from connecting to other hosts besides the one from which the applet was loaded, which violates the Java security model and could allow remote attackers to conduct unauthorized activities.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | 4.01 | |
| netscape | communicator | 4.5 | |
| netscape | communicator | 4.06 | |
| netscape | communicator | 4.07 | |
| netscape | communicator | 4.08 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:4.01:*:*:*:*:*:*:*",
"matchCriteriaId": "3CF253BE-2FCF-40B6-8279-65255833EA36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4E9A5461-B0F2-49DB-A69C-3D2D27709647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.06:*:*:*:*:*:*:*",
"matchCriteriaId": "34F6328B-44A8-4E45-918E-C54285040BFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.07:*:*:*:*:*:*:*",
"matchCriteriaId": "31D02C4D-3FD1-425F-B0DB-7808089BCD0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.08:*:*:*:*:*:*:*",
"matchCriteriaId": "61268CF9-E279-4F63-B228-F9ED4B93BB99",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Java in Netscape 4.5 does not properly restrict applets from connecting to other hosts besides the one from which the applet was loaded, which violates the Java security model and could allow remote attackers to conduct unauthorized activities."
}
],
"id": "CVE-1999-1262",
"lastModified": "2024-11-20T23:30:41.797",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "1997-08-01T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/12231"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1727"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/12231"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1727"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1997-02-01 05:00
Modified
2024-11-20 23:28
Severity ?
Summary
The view-source CGI program allows remote attackers to read arbitrary files via a .. (dot dot) attack.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | 4.0 | |
| netscape | communicator | 4.05 | |
| netscape | communicator | 4.5 | |
| netscape | communicator | 4.06 | |
| netscape | communicator | 4.6 | |
| netscape | communicator | 4.07 | |
| netscape | communicator | 4.51 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "209C7BB1-EFDF-43AB-9FB6-DF67465DEAEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.05:*:*:*:*:*:*:*",
"matchCriteriaId": "494AFC1E-67A3-41CA-B920-B8F778B68A99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4E9A5461-B0F2-49DB-A69C-3D2D27709647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.06:*:*:*:*:*:*:*",
"matchCriteriaId": "34F6328B-44A8-4E45-918E-C54285040BFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "529E3F71-6016-461D-A162-0DBDD5505389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.07:*:*:*:*:*:*:*",
"matchCriteriaId": "31D02C4D-3FD1-425F-B0DB-7808089BCD0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.51:*:*:*:*:*:*:*",
"matchCriteriaId": "918BE44C-8D64-4040-BC74-802AA3FA4E10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The view-source CGI program allows remote attackers to read arbitrary files via a .. (dot dot) attack."
}
],
"id": "CVE-1999-0174",
"lastModified": "2024-11-20T23:28:02.990",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1997-02-01T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0174"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0174"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-10-20 04:00
Modified
2024-11-20 23:33
Severity ?
Summary
Netscape Communicator does not properly prevent a ServerSocket object from being created by untrusted entities, which allows remote attackers to create a server on the victim's system via a malicious applet, as demonstrated by Brown Orifice.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | virtual_machine | 2000 | |
| microsoft | virtual_machine | 3100 | |
| microsoft | virtual_machine | 3200 | |
| microsoft | virtual_machine | 3300 | |
| netscape | communicator | 4.0 | |
| netscape | communicator | 4.04 | |
| netscape | communicator | 4.05 | |
| netscape | communicator | 4.5 | |
| netscape | communicator | 4.06 | |
| netscape | communicator | 4.6 | |
| netscape | communicator | 4.07 | |
| netscape | communicator | 4.7 | |
| netscape | communicator | 4.08 | |
| netscape | communicator | 4.51 | |
| netscape | communicator | 4.61 | |
| netscape | communicator | 4.72 | |
| netscape | communicator | 4.73 | |
| netscape | communicator | 4.74 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:virtual_machine:2000:*:*:*:*:*:*:*",
"matchCriteriaId": "A299BA2B-FD34-4FD5-8A4B-EA99DA9BA3EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:virtual_machine:3100:*:*:*:*:*:*:*",
"matchCriteriaId": "CB67AEF8-DD02-4F20-B920-AC0B26D47C98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:virtual_machine:3200:*:*:*:*:*:*:*",
"matchCriteriaId": "D133B730-EEDA-46E7-8CC4-4D0104D65C11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:virtual_machine:3300:*:*:*:*:*:*:*",
"matchCriteriaId": "962D0B64-8EEE-4589-84B3-D504906AEEC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "209C7BB1-EFDF-43AB-9FB6-DF67465DEAEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.04:*:*:*:*:*:*:*",
"matchCriteriaId": "94F9EFE4-7853-4809-8D94-03B3EFD739E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.05:*:*:*:*:*:*:*",
"matchCriteriaId": "494AFC1E-67A3-41CA-B920-B8F778B68A99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4E9A5461-B0F2-49DB-A69C-3D2D27709647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.06:*:*:*:*:*:*:*",
"matchCriteriaId": "34F6328B-44A8-4E45-918E-C54285040BFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "529E3F71-6016-461D-A162-0DBDD5505389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.07:*:*:*:*:*:*:*",
"matchCriteriaId": "31D02C4D-3FD1-425F-B0DB-7808089BCD0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "38FD74F5-12ED-4049-B06F-0F22A0254C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.08:*:*:*:*:*:*:*",
"matchCriteriaId": "61268CF9-E279-4F63-B228-F9ED4B93BB99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.51:*:*:*:*:*:*:*",
"matchCriteriaId": "918BE44C-8D64-4040-BC74-802AA3FA4E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.61:*:*:*:*:*:*:*",
"matchCriteriaId": "6AA534C4-9411-44EC-AA34-2287C79AD235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.72:*:*:*:*:*:*:*",
"matchCriteriaId": "3A4E8588-A941-4759-B41C-00F193F2C63B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.73:*:*:*:*:*:*:*",
"matchCriteriaId": "3E48C051-EB45-4262-86C2-2333FD5C7745",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.74:*:*:*:*:*:*:*",
"matchCriteriaId": "BA48AF1E-99EF-419C-B425-001C7134C6BB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Netscape Communicator does not properly prevent a ServerSocket object from being created by untrusted entities, which allows remote attackers to create a server on the victim\u0027s system via a malicious applet, as demonstrated by Brown Orifice."
}
],
"id": "CVE-2000-0711",
"lastModified": "2024-11-20T23:33:07.183",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-10-20T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2000-15.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1545"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=20000805020429.11774.qmail%40securityfocus.com"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=3999922128E.EE84TAKAGI%40java-house.etl.go.jp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2000-15.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1545"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=20000805020429.11774.qmail%40securityfocus.com"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=3999922128E.EE84TAKAGI%40java-house.etl.go.jp"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-10-28 04:00
Modified
2024-11-20 23:30
Severity ?
Summary
Netscape Communicator 4.7 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long certificate key.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5921E5E6-3D97-4075-B557-968340FB6E7B",
"versionEndIncluding": "4.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Netscape Communicator 4.7 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long certificate key."
}
],
"id": "CVE-1999-1226",
"lastModified": "2024-11-20T23:30:36.907",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "1999-10-28T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securiteam.com/exploits/Netscape_4_7_and_earlier_vulnerable_to__Huge_Key__DoS.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3436"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securiteam.com/exploits/Netscape_4_7_and_earlier_vulnerable_to__Huge_Key__DoS.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3436"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-12-22 05:00
Modified
2024-11-20 23:31
Severity ?
Summary
Netscape 4.7 records user passwords in the preferences.js file during an IMAP or POP session, even if the user has not enabled "remember passwords."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | 4.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "38FD74F5-12ED-4049-B06F-0F22A0254C0F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Netscape 4.7 records user passwords in the preferences.js file during an IMAP or POP session, even if the user has not enabled \"remember passwords.\""
}
],
"id": "CVE-2000-0034",
"lastModified": "2024-11-20T23:31:34.383",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-12-22T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0034"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0034"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-01-09 05:00
Modified
2024-11-20 23:34
Severity ?
Summary
Buffer overflow in the HTML parser for Netscape 4.75 and earlier allows remote attackers to execute arbitrary commands via a long password value in a form field.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | * | |
| netscape | navigator | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE8BCED1-674C-4050-9230-D233EFD2FD20",
"versionEndIncluding": "4.75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5B287C2-FD02-4927-BC55-991FEDDD16BD",
"versionEndIncluding": "4.75",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the HTML parser for Netscape 4.75 and earlier allows remote attackers to execute arbitrary commands via a long password value in a form field."
}
],
"id": "CVE-2000-1187",
"lastModified": "2024-11-20T23:34:12.520",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-01-09T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:66.netscape.asc"
},
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000344"
},
{
"source": "cve@mitre.org",
"url": "http://lists.suse.com/archives/suse-security-announce/2000-Nov/0005.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=97500270012529\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/7207"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-109.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5542"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:66.netscape.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000344"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.suse.com/archives/suse-security-announce/2000-Nov/0005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=97500270012529\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/7207"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2000-109.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5542"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-04-01 05:00
Modified
2024-11-20 23:29
Severity ?
Summary
A remote attacker can read information from a Netscape user's cache via JavaScript.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | 4.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "209C7BB1-EFDF-43AB-9FB6-DF67465DEAEF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A remote attacker can read information from a Netscape user\u0027s cache via JavaScript."
}
],
"id": "CVE-1999-0790",
"lastModified": "2024-11-20T23:29:28.737",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2000-04-01T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://home.netscape.com/security/notes/jscachebrowsing.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://home.netscape.com/security/notes/jscachebrowsing.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-12-24 05:00
Modified
2024-11-20 23:29
Severity ?
Summary
Buffer overflow in Netscape Communicator before 4.7 via a dynamic font whose length field is less than the size of the font.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | 4.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4E9A5461-B0F2-49DB-A69C-3D2D27709647",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Netscape Communicator before 4.7 via a dynamic font whose length field is less than the size of the font."
}
],
"id": "CVE-1999-0892",
"lastModified": "2024-11-20T23:29:47.180",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-12-24T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0892"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0892"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1998-04-01 05:00
Modified
2024-11-20 23:28
Severity ?
Summary
A configuration in a web browser such as Internet Explorer or Netscape Navigator allows execution of active content such as ActiveX, Java, Javascript, etc.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | internet_explorer | 6.0.2900 | |
| netscape | communicator | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6.0.2900:*:*:*:*:*:*:*",
"matchCriteriaId": "7B90EA4B-DA10-44B7-BD3D-6AE1197212D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "66BDCBFA-2C8E-4D6B-B63F-79C23CC19488",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A configuration in a web browser such as Internet Explorer or Netscape Navigator allows execution of active content such as ActiveX, Java, Javascript, etc."
}
],
"id": "CVE-1999-0537",
"lastModified": "2024-11-20T23:28:58.320",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1998-04-01T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://www.cve.org/CVERecord?id=CVE-1999-0537"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.cve.org/CVERecord?id=CVE-1999-0537"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-07-09 04:00
Modified
2024-11-20 23:29
Severity ?
Summary
Netscape Communicator 4.x with Javascript enabled does not warn a user of cookie settings, even if they have selected the option to "Only accept cookies originating from the same server as the page being viewed".
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | 4.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "209C7BB1-EFDF-43AB-9FB6-DF67465DEAEF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Netscape Communicator 4.x with Javascript enabled does not warn a user of cookie settings, even if they have selected the option to \"Only accept cookies originating from the same server as the page being viewed\"."
}
],
"id": "CVE-1999-0809",
"lastModified": "2024-11-20T23:29:31.520",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-07-09T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0809"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0809"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-01-12 05:00
Modified
2024-11-20 23:31
Severity ?
Summary
Netscape Mail Notification (nsnotify) utility in Netscape Communicator uses IMAP without SSL, even if the user has set a preference for Communicator to use an SSL connection, allowing a remote attacker to sniff usernames and passwords in plaintext.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | 4.7 | |
| netscape | navigator | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "38FD74F5-12ED-4049-B06F-0F22A0254C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA2CA2F8-260C-4559-BF24-3E321CEAE93F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Netscape Mail Notification (nsnotify) utility in Netscape Communicator uses IMAP without SSL, even if the user has set a preference for Communicator to use an SSL connection, allowing a remote attacker to sniff usernames and passwords in plaintext."
}
],
"id": "CVE-2000-0087",
"lastModified": "2024-11-20T23:31:41.550",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-01-12T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=94790377622943\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/security_center/static/4385.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=94790377622943\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/security_center/static/4385.php"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-05-26 04:00
Modified
2024-11-20 23:32
Severity ?
Summary
Netscape 4.73 and earlier does not properly warn users about a potentially invalid certificate if the user has previously accepted the certificate for a different web site, which could allow remote attackers to spoof a legitimate web site by compromising that site's DNS information.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.cert.org/advisories/CA-2000-08.html | Patch, Third Party Advisory, US Government Resource | |
| cve@mitre.org | http://www.securityfocus.com/bid/1260 | Patch, Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/4550 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.cert.org/advisories/CA-2000-08.html | Patch, Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/1260 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/4550 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | 4.0 | |
| netscape | communicator | 4.5 | |
| netscape | communicator | 4.6 | |
| netscape | communicator | 4.7 | |
| netscape | communicator | 4.51 | |
| netscape | communicator | 4.61 | |
| netscape | communicator | 4.72 | |
| netscape | communicator | 4.73 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "209C7BB1-EFDF-43AB-9FB6-DF67465DEAEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4E9A5461-B0F2-49DB-A69C-3D2D27709647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "529E3F71-6016-461D-A162-0DBDD5505389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "38FD74F5-12ED-4049-B06F-0F22A0254C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.51:*:*:*:*:*:*:*",
"matchCriteriaId": "918BE44C-8D64-4040-BC74-802AA3FA4E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.61:*:*:*:*:*:*:*",
"matchCriteriaId": "6AA534C4-9411-44EC-AA34-2287C79AD235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.72:*:*:*:*:*:*:*",
"matchCriteriaId": "3A4E8588-A941-4759-B41C-00F193F2C63B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:communicator:4.73:*:*:*:*:*:*:*",
"matchCriteriaId": "3E48C051-EB45-4262-86C2-2333FD5C7745",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Netscape 4.73 and earlier does not properly warn users about a potentially invalid certificate if the user has previously accepted the certificate for a different web site, which could allow remote attackers to spoof a legitimate web site by compromising that site\u0027s DNS information."
}
],
"id": "CVE-2000-0517",
"lastModified": "2024-11-20T23:32:41.120",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-05-26T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2000-08.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1260"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4550"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2000-08.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1260"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4550"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-11-21 05:00
Modified
2024-11-20 23:36
Severity ?
Summary
Netscape 4.79 and earlier for MacOS allows an attacker with access to the browser to obtain passwords from form fields by printing the document into which the password has been typed, which is printed in cleartext.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| netscape | communicator | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netscape:communicator:*:*:macos:*:*:*:*:*",
"matchCriteriaId": "EE64CA52-9DDD-4584-97BD-CFCFACB08590",
"versionEndIncluding": "4.77",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Netscape 4.79 and earlier for MacOS allows an attacker with access to the browser to obtain passwords from form fields by printing the document into which the password has been typed, which is printed in cleartext."
}
],
"id": "CVE-2001-0921",
"lastModified": "2024-11-20T23:36:26.640",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-11-21T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=100638816318705\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/5524"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/3565"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7593"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=100638816318705\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/5524"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/3565"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7593"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
var-199903-0046
Vulnerability from variot
The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages. SAP is an integrated enterprise resource planning system based on client/server architecture and open systems, including database open tools when installed. The SAP database program instlserver has problems handling environment variables. Local attackers can exploit this vulnerability for privilege escalation attacks and gain root user privileges. The instlserver program uses the user-supplied data and still runs with ROOT privileges when chmod and chown some files. When running the 'DevTool/bin/instlserver' program, according to the environment variable 'INSTROOT', the specified file will be chowned and chmoded. The attacker builds a malicious file and stores it in the location specified by the environment variable, and gets a suid root. Properties of the program, thereby increasing permissions. Several vendors have released versions of the Java Virtual Machine including Sun Microsystems and Netscape. A serious vulnerability exists in certain current versions of the JVM. It is exploited by an attacker who creates an applet which references an object using two pointers of incompatible type. This circumvents Java's typing rules, and can permit a malicious applet to undermine the normal java security measures on the victim's system. If the victim can be led to visit the attacker's website, the applet can be used by the attacker to assume control of the remote system, making it possible to read or overwrite data, and to run arbitrary code on the host machine
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-199903-0046",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "navigator",
"scope": "eq",
"trust": 1.6,
"vendor": "netscape",
"version": "4.06"
},
{
"model": "navigator",
"scope": "eq",
"trust": 1.6,
"vendor": "netscape",
"version": "4.08"
},
{
"model": "navigator",
"scope": "eq",
"trust": 1.6,
"vendor": "netscape",
"version": "4.07"
},
{
"model": "navigator",
"scope": "eq",
"trust": 1.6,
"vendor": "netscape",
"version": "4.02"
},
{
"model": "navigator",
"scope": "eq",
"trust": 1.6,
"vendor": "netscape",
"version": "4.03"
},
{
"model": "navigator",
"scope": "eq",
"trust": 1.6,
"vendor": "netscape",
"version": "4.05"
},
{
"model": "navigator",
"scope": "eq",
"trust": 1.6,
"vendor": "netscape",
"version": "4.04"
},
{
"model": "navigator",
"scope": "eq",
"trust": 1.6,
"vendor": "netscape",
"version": "4.0"
},
{
"model": "communicator",
"scope": "eq",
"trust": 1.6,
"vendor": "netscape",
"version": "4.5"
},
{
"model": "navigator",
"scope": "eq",
"trust": 1.6,
"vendor": "netscape",
"version": "4.01"
},
{
"model": "navigator",
"scope": "eq",
"trust": 1.0,
"vendor": "netscape",
"version": "4.5"
},
{
"model": "navigator",
"scope": "eq",
"trust": 1.0,
"vendor": "netscape",
"version": "4.61"
},
{
"model": "java",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "*"
},
{
"model": "db",
"scope": "eq",
"trust": 0.6,
"vendor": "sap",
"version": "7.4.03.27"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.2"
},
{
"model": "jdk",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "1.1"
},
{
"model": "navigator",
"scope": "eq",
"trust": 0.3,
"vendor": "netscape",
"version": "4.0x"
},
{
"model": "jvm",
"scope": "ne",
"trust": 0.3,
"vendor": "microsoft",
"version": "1.1"
},
{
"model": "db",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.4"
},
{
"model": "db",
"scope": "eq",
"trust": 0.3,
"vendor": "sap",
"version": "7.3.00"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-1115"
},
{
"db": "BID",
"id": "1939"
},
{
"db": "BID",
"id": "7408"
},
{
"db": "CNNVD",
"id": "CNNVD-199903-003"
},
{
"db": "NVD",
"id": "CVE-1999-0440"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Reported to bugtraq by Gary McGraw \u003cgem@rstcorp.com\u003e on Mon Apr 05 1999.\nCredit given to Karsten Sohr at the University of Marburg \u003csohr@mathematik.uni-marburg.de\u003e",
"sources": [
{
"db": "BID",
"id": "1939"
},
{
"db": "CNNVD",
"id": "CNNVD-199903-003"
}
],
"trust": 0.9
},
"cve": "CVE-1999-0440",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-1999-0440",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.1,
"id": "CNVD-2003-1115",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-1999-0440",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2003-1115",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-199903-003",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-1115"
},
{
"db": "CNNVD",
"id": "CNNVD-199903-003"
},
{
"db": "NVD",
"id": "CVE-1999-0440"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages. SAP is an integrated enterprise resource planning system based on client/server architecture and open systems, including database open tools when installed. The SAP database program instlserver has problems handling environment variables. Local attackers can exploit this vulnerability for privilege escalation attacks and gain root user privileges. The instlserver program uses the user-supplied data and still runs with ROOT privileges when chmod and chown some files. When running the \u0027DevTool/bin/instlserver\u0027 program, according to the environment variable \u0027INSTROOT\u0027, the specified file will be chowned and chmoded. The attacker builds a malicious file and stores it in the location specified by the environment variable, and gets a suid root. Properties of the program, thereby increasing permissions. Several vendors have released versions of the Java Virtual Machine including Sun Microsystems and Netscape. \nA serious vulnerability exists in certain current versions of the JVM. \nIt is exploited by an attacker who creates an applet which references an object using two pointers of incompatible type. This circumvents Java\u0027s typing rules, and can permit a malicious applet to undermine the normal java security measures on the victim\u0027s system. \nIf the victim can be led to visit the attacker\u0027s website, the applet can be used by the attacker to assume control of the remote system, making it possible to read or overwrite data, and to run arbitrary code on the host machine",
"sources": [
{
"db": "NVD",
"id": "CVE-1999-0440"
},
{
"db": "CNVD",
"id": "CNVD-2003-1115"
},
{
"db": "BID",
"id": "1939"
},
{
"db": "BID",
"id": "7408"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "1939",
"trust": 1.9
},
{
"db": "NVD",
"id": "CVE-1999-0440",
"trust": 1.9
},
{
"db": "BID",
"id": "7408",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2003-1115",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "19990405 SECURITY HOLE IN JAVA 2 (AND JDK 1.1.X)",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-199903-003",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-1115"
},
{
"db": "BID",
"id": "1939"
},
{
"db": "BID",
"id": "7408"
},
{
"db": "CNNVD",
"id": "CNNVD-199903-003"
},
{
"db": "NVD",
"id": "CVE-1999-0440"
}
]
},
"id": "VAR-199903-0046",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-1115"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-1115"
}
]
},
"last_update_date": "2024-11-22T23:05:59.298000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-1999-0440"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://java.sun.com/pr/1999/03/pr990329-01.html"
},
{
"trust": 2.6,
"url": "http://www.securityfocus.com/bid/1939"
},
{
"trust": 2.0,
"url": "http://marc.info/?l=bugtraq\u0026m=92333596624452\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=105103613727471\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=92333596624452\u0026w=2"
},
{
"trust": 0.3,
"url": "http://listserv.sap.com/pipermail/sapdb.sources/2003-april/000142.html"
},
{
"trust": 0.3,
"url": "/archive/1/319409"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-1115"
},
{
"db": "BID",
"id": "7408"
},
{
"db": "CNNVD",
"id": "CNNVD-199903-003"
},
{
"db": "NVD",
"id": "CVE-1999-0440"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2003-1115"
},
{
"db": "BID",
"id": "1939"
},
{
"db": "BID",
"id": "7408"
},
{
"db": "CNNVD",
"id": "CNNVD-199903-003"
},
{
"db": "NVD",
"id": "CVE-1999-0440"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-04-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2003-1115"
},
{
"date": "1999-04-05T00:00:00",
"db": "BID",
"id": "1939"
},
{
"date": "2003-04-22T00:00:00",
"db": "BID",
"id": "7408"
},
{
"date": "1999-03-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-199903-003"
},
{
"date": "1999-03-01T05:00:00",
"db": "NVD",
"id": "CVE-1999-0440"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-04-22T00:00:00",
"db": "CNVD",
"id": "CNVD-2003-1115"
},
{
"date": "1999-04-05T00:00:00",
"db": "BID",
"id": "1939"
},
{
"date": "2009-07-11T21:07:00",
"db": "BID",
"id": "7408"
},
{
"date": "2005-05-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-199903-003"
},
{
"date": "2024-11-20T23:28:44.600000",
"db": "NVD",
"id": "CVE-1999-0440"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-199903-003"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP database development tool INSTLSERVER INSTROOT environment variable vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2003-1115"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "1939"
},
{
"db": "CNNVD",
"id": "CNNVD-199903-003"
}
],
"trust": 0.9
}
}