CVEdetails.com the ultimate security vulnerability data source

Log In Register Reset Password Activate Account

Vulnerability Feeds & Widgets^New www.itsecdb.com

Home Browse :
Vendors Products By Date By Type Reports :
CVSS Score Report CVSS Score Distribution Search :
Vendor Search Product Search Version Search Vulnerability Search By Microsoft References Top 50 :
Vendors Vendor Cvss Scores Products Product Cvss Scores Versions Other :
Microsoft Bulletins Bugtraq Entries CWE Definitions About & Contact Feedback CVE Help FAQ External Links :
NVD Website CWE Web Site

Netscape : Security Vulnerabilities (CVSS score between 4 and 4.99)

CVSS Scores Greater Than: 0 1 2 3 4 5 6 7 8 9

Sort Results By : Cve Number Descending Cve Number Ascending CVSS Score Descending Number Of Exploits Descending

Copy Results Download Results Select Table

#	CVE ID	CWE ID	# of Exploits	Vulnerability Type(s)	Publish Date	Update Date	Score	Gained Access Level	Access	Complexity	Authentication	Conf.	Integ.	Avail.
1	CVE-2009-2542	399	1	DoS	2009-07-20	2009-09-04	4.3	None	Remote	Medium	Not required	None	None	Partial
Netscape 6 and 8 allows remote attackers to cause a denial of service (memory consumption) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692.
2	CVE-2008-2809	20			2008-07-08	2012-11-26	4.0	None	Remote	High	Not required	None	Partial	Partial
Mozilla 1.9 M8 and earlier, Mozilla Firefox 2 before 2.0.0.15, SeaMonkey 1.1.5 and other versions before 1.1.10, Netscape 9.0, and other Mozilla-based web browsers, when a user accepts an SSL server certificate on the basis of the CN domain name in the DN field, regard the certificate as also accepted for all domain names in subjectAltName:dNSName fields, which makes it easier for remote attackers to trick a user into accepting an invalid certificate for a spoofed web site.
3	CVE-2006-2894	20			2006-06-07	2011-09-21	4.0	None	Remote	High	Not required	Partial	Partial	None
Mozilla Firefox 1.5.0.4, 2.0.x before 2.0.0.8, Mozilla Suite 1.7.13, Mozilla SeaMonkey 1.0.2 and other versions before 1.1.5, and Netscape 8.1 and earlier allow user-assisted remote attackers to read arbitrary files by tricking a user into typing the characters of the target filename in a text box and using the OnKeyDown, OnKeyPress, and OnKeyUp Javascript keystroke events to change the focus and cause those characters to be inserted into a file upload input control, which can then upload the file when the user submits the form.
4	CVE-2006-2613	200		+Info	2006-05-25	2010-04-02	4.3	None	Remote	Medium	Not required	Partial	None	None
Mozilla Suite 1.7.13, Mozilla Firefox 1.5.0.3 and possibly other versions before before 1.8.0, and Netscape 7.2 and 8.1, and possibly other versions and products, allows remote user-assisted attackers to obtain information such as the installation path by causing exceptions to be thrown and checking the message contents.
5	CVE-2004-0905			Exec Code	2004-09-14	2010-08-21	4.6	User	Local	Low	Not required	Partial	Partial	Partial
Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain.
6	CVE-2003-1419	20		DoS	2003-12-31	2008-09-05	4.3	None	Remote	Medium	Not required	None	None	Partial
Netscape 7.0 allows remote attackers to cause a denial of service (crash) via a web page with an invalid regular expression argument to the JavaScript reformatDate function.
7	CVE-2002-1766			Exec Code Overflow	2002-12-31	2008-09-05	4.6	User	Local	Low	Not required	Partial	Partial	Partial
Buffer overflow in Composer in Netscape 4.77 allows local users to overwrite process memory and execute arbitrary code via a font tag with a long face attribute.
8	CVE-1999-0892			Overflow	1999-12-24	2008-09-09	4.6	User	Local	Low	Not required	Partial	Partial	Partial
Buffer overflow in Netscape Communicator before 4.7 via a dynamic font whose length field is less than the size of the font.

Total number of vulnerabilities : 8 Page : 1 (This Page)

CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.