Netscape : Security Vulnerabilities, CVEs,
Arbitrary command execution via IMAP buffer overflow in authenticate command.
Max CVSS
10.0
EPSS Score
91.96%
Published
1998-07-20
Updated
2008-09-09
Information from SSL-encrypted sessions via PKCS #1.
Max CVSS
5.0
EPSS Score
0.07%
Published
1998-06-26
Updated
2020-04-02
Some web servers under Microsoft Windows allow remote attackers to bypass access restrictions for files with long file names.
Max CVSS
5.0
EPSS Score
93.39%
Published
1998-02-06
Updated
2022-08-17
JavaScript in Internet Explorer 3.x and 4.x, and Netscape 2.x, 3.x and 4.x, allows remote attackers to monitor a user's web activities, aka the Bell Labs vulnerability.
Max CVSS
2.6
EPSS Score
21.53%
Published
1997-07-08
Updated
2021-07-22
Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others.
Max CVSS
10.0
EPSS Score
0.83%
Published
1996-12-04
Updated
2022-08-17
List of arbitrary files on Web host via nph-test-cgi script.
Max CVSS
7.5
EPSS Score
0.44%
Published
1996-12-10
Updated
2022-08-17
Java Bytecode Verifier allows malicious applets to execute arbitrary commands as the user of the applet.
Max CVSS
3.7
EPSS Score
0.04%
Published
1996-03-29
Updated
2008-09-09
The Java Applet Security Manager implementation in Netscape Navigator 2.0 and Java Developer's Kit 1.0 allows an applet to connect to arbitrary hosts.
Max CVSS
7.5
EPSS Score
3.50%
Published
1996-03-01
Updated
2022-08-17
The view-source CGI program allows remote attackers to read arbitrary files via a .. (dot dot) attack.
Max CVSS
6.4
EPSS Score
3.91%
Published
1997-02-01
Updated
2022-08-17
Netscape FastTrack Web server lists files when a lowercase "get" command is used instead of an uppercase GET.
Max CVSS
7.5
EPSS Score
0.13%
Published
1998-01-01
Updated
2024-02-02
Netscape Enterprise servers may list files through the PageServices query.
Max CVSS
5.0
EPSS Score
0.61%
Published
1998-08-01
Updated
2022-08-17
talkback in Netscape 4.5 allows a local user to overwrite arbitrary files of another user whose Netscape crashes.
Max CVSS
2.1
EPSS Score
0.04%
Published
1999-03-18
Updated
2022-08-17
talkback in Netscape 4.5 allows a local user to kill an arbitrary process of another user whose Netscape crashes.
Max CVSS
6.4
EPSS Score
0.06%
Published
1999-03-18
Updated
2022-08-17
The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages.
Max CVSS
7.5
EPSS Score
5.72%
Published
1999-03-01
Updated
2016-10-18
Denial of service Netscape Enterprise Server with VirtualVault on HP-UX VVOS systems.
Max CVSS
5.0
EPSS Score
1.82%
Published
1999-03-01
Updated
2008-09-09
A configuration in a web browser such as Internet Explorer or Netscape Navigator allows execution of active content such as ActiveX, Java, Javascript, etc.
Max CVSS
7.5
EPSS Score
0.13%
Published
1998-04-01
Updated
2022-08-17
Buffer overflow in Netscape Communicator via EMBED tags in the pluginspage option.
Max CVSS
5.1
EPSS Score
0.66%
Published
1999-09-02
Updated
2008-09-09
Denial of service in Netscape Enterprise Server (NES) in HP Virtual Vault (VVOS) via a long URL.
Max CVSS
5.0
EPSS Score
0.15%
Published
1999-05-07
Updated
2008-09-09
Buffer overflow in Netscape Enterprise Server and FastTrask Server allows remote attackers to gain privileges via a long HTTP GET request.
Max CVSS
7.5
EPSS Score
4.53%
Published
2000-01-04
Updated
2008-09-05
Buffer overflow in Accept command in Netscape Enterprise Server 3.6 with the SSL Handshake Patch.
Max CVSS
5.0
EPSS Score
0.25%
Published
1999-09-13
Updated
2018-05-03
Denial of service in Netscape Enterprise Server via a buffer overflow in the SSL handshake.
Max CVSS
5.0
EPSS Score
0.29%
Published
1999-07-06
Updated
2022-08-17
Netscape Enterprise 3.5.1 and FastTrack 3.01 servers allow a remote attacker to view source code to scripts by appending a %20 to the script's URL.
Max CVSS
5.0
EPSS Score
0.95%
Published
2001-03-12
Updated
2022-08-17
When Javascript is embedded within the TITLE tag, Netscape Communicator allows a remote attacker to use the "about" protocol to gain access to browser information.
Max CVSS
2.6
EPSS Score
0.27%
Published
1999-05-24
Updated
2022-08-17
A remote attacker can read information from a Netscape user's cache via JavaScript.
Max CVSS
2.6
EPSS Score
0.79%
Published
2000-04-01
Updated
2008-09-09
The Netscape Directory Server installation procedure leaves sensitive information in a file that is accessible to local users.
Max CVSS
7.2
EPSS Score
0.04%
Published
1999-05-01
Updated
2022-08-17