Netscape : Security Vulnerabilities, CVEs,

Arbitrary command execution via IMAP buffer overflow in authenticate command.

Information from SSL-encrypted sessions via PKCS #1.

Some web servers under Microsoft Windows allow remote attackers to bypass access restrictions for files with long file names.

JavaScript in Internet Explorer 3.x and 4.x, and Netscape 2.x, 3.x and 4.x, allows remote attackers to monitor a user's web activities, aka the Bell Labs vulnerability.

Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others.

List of arbitrary files on Web host via nph-test-cgi script.

Java Bytecode Verifier allows malicious applets to execute arbitrary commands as the user of the applet.

The Java Applet Security Manager implementation in Netscape Navigator 2.0 and Java Developer's Kit 1.0 allows an applet to connect to arbitrary hosts.

The view-source CGI program allows remote attackers to read arbitrary files via a .. (dot dot) attack.

Netscape FastTrack Web server lists files when a lowercase "get" command is used instead of an uppercase GET.

Netscape Enterprise servers may list files through the PageServices query.

talkback in Netscape 4.5 allows a local user to overwrite arbitrary files of another user whose Netscape crashes.

talkback in Netscape 4.5 allows a local user to kill an arbitrary process of another user whose Netscape crashes.

The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages.

Denial of service Netscape Enterprise Server with VirtualVault on HP-UX VVOS systems.

A configuration in a web browser such as Internet Explorer or Netscape Navigator allows execution of active content such as ActiveX, Java, Javascript, etc.

Buffer overflow in Netscape Communicator via EMBED tags in the pluginspage option.

Denial of service in Netscape Enterprise Server (NES) in HP Virtual Vault (VVOS) via a long URL.

Buffer overflow in Netscape Enterprise Server and FastTrask Server allows remote attackers to gain privileges via a long HTTP GET request.

Buffer overflow in Accept command in Netscape Enterprise Server 3.6 with the SSL Handshake Patch.

Denial of service in Netscape Enterprise Server via a buffer overflow in the SSL handshake.

Netscape Enterprise 3.5.1 and FastTrack 3.01 servers allow a remote attacker to view source code to scripts by appending a %20 to the script's URL.

When Javascript is embedded within the TITLE tag, Netscape Communicator allows a remote attacker to use the "about" protocol to gain access to browser information.

A remote attacker can read information from a Netscape user's cache via JavaScript.

The Netscape Directory Server installation procedure leaves sensitive information in a file that is accessible to local users.