CVE-2000-1187
- EPSS 2.63%
- Veröffentlicht 09.01.2001 05:00:00
- Zuletzt bearbeitet 16.06.2026 21:53:20
Buffer overflow in the HTML parser for Netscape 4.75 and earlier allows remote attackers to execute arbitrary commands via a long password value in a form field.
CVE-2000-0711
- EPSS 33.51%
- Veröffentlicht 20.10.2000 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:52:19
Netscape Communicator does not properly prevent a ServerSocket object from being created by untrusted entities, which allows remote attackers to create a server on the victim's system via a malicious applet, as demonstrated by Brown Orifice.
- EPSS 20.49%
- Veröffentlicht 20.10.2000 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:52:14
Netscape Communicator and Navigator 4.04 through 4.74 allows remote attackers to read arbitrary files by using a Java applet to open a connection to a URL using the "file", "http", "https", and "ftp" protocols, as demonstrated by Brown Orifice.
- EPSS 12.72%
- Veröffentlicht 25.07.2000 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:52:12
Netscape Communicator 4.73 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a JPEG image containing a comment with an illegal field length of 1.
- EPSS 1.29%
- Veröffentlicht 26.05.2000 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:51:54
Netscape 4.73 and earlier does not properly warn users about a potentially invalid certificate if the user has previously accepted the certificate for a different web site, which could allow remote attackers to spoof a legitimate web site by compromi...
CVE-2000-0409
- EPSS 0.31%
- Veröffentlicht 10.05.2000 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:51:39
Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local users to overwrite files of the user importing the certificate.
CVE-2000-0406
- EPSS 1.03%
- Veröffentlicht 10.05.2000 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:51:38
Netscape Communicator before version 4.73 and Navigator 4.07 do not properly validate SSL certificates, which allows remote attackers to steal information by redirecting traffic from a legitimate web server to their own malicious server, aka the "Acr...
CVE-1999-0790
- EPSS 1.02%
- Veröffentlicht 01.04.2000 05:00:00
- Zuletzt bearbeitet 16.06.2026 21:49:03
A remote attacker can read information from a Netscape user's cache via JavaScript.
- EPSS 1.34%
- Veröffentlicht 12.01.2000 05:00:00
- Zuletzt bearbeitet 16.06.2026 21:50:58
Netscape Mail Notification (nsnotify) utility in Netscape Communicator uses IMAP without SSL, even if the user has set a preference for Communicator to use an SSL connection, allowing a remote attacker to sniff usernames and passwords in plaintext.
- EPSS 0.78%
- Veröffentlicht 12.01.2000 05:00:00
- Zuletzt bearbeitet 16.06.2026 21:49:29
Netscape Navigator uses weak encryption for storing a user's Netscape mail password.