Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Communicator
(Netscape)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 35 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 1997-07-08 | CVE-1999-0031 | JavaScript in Internet Explorer 3.x and 4.x, and Netscape 2.x, 3.x and 4.x, allows remote attackers to monitor a user's web activities, aka the Bell Labs vulnerability. | Internet_explorer, Communicator | N/A | ||
| 2000-10-20 | CVE-2000-0711 | Netscape Communicator does not properly prevent a ServerSocket object from being created by untrusted entities, which allows remote attackers to create a server on the victim's system via a malicious applet, as demonstrated by Brown Orifice. | Virtual_machine, Communicator | N/A | ||
| 1999-12-24 | CVE-1999-0892 | Buffer overflow in Netscape Communicator before 4.7 via a dynamic font whose length field is less than the size of the font. | Communicator | N/A | ||
| 1997-02-01 | CVE-1999-0174 | The view-source CGI program allows remote attackers to read arbitrary files via a .. (dot dot) attack. | Communicator | N/A | ||
| 1998-04-01 | CVE-1999-0537 | A configuration in a web browser such as Internet Explorer or Netscape Navigator allows execution of active content such as ActiveX, Java, Javascript, etc. | Internet_explorer, Communicator | N/A | ||
| 1999-03-18 | CVE-1999-0425 | talkback in Netscape 4.5 allows a local user to kill an arbitrary process of another user whose Netscape crashes. | Communicator | N/A | ||
| 1999-03-18 | CVE-1999-0424 | talkback in Netscape 4.5 allows a local user to overwrite arbitrary files of another user whose Netscape crashes. | Communicator | N/A | ||
| 1999-05-24 | CVE-1999-0762 | When Javascript is embedded within the TITLE tag, Netscape Communicator allows a remote attacker to use the "about" protocol to gain access to browser information. | Communicator, Navigator | N/A | ||
| 1999-07-09 | CVE-1999-0809 | Netscape Communicator 4.x with Javascript enabled does not warn a user of cookie settings, even if they have selected the option to "Only accept cookies originating from the same server as the page being viewed". | Communicator | N/A | ||
| 1999-12-22 | CVE-2000-0034 | Netscape 4.7 records user passwords in the preferences.js file during an IMAP or POP session, even if the user has not enabled "remember passwords." | Communicator | N/A |