Vulnerabilities > Mozilla > Mozilla

DATE CVE VULNERABILITY TITLE RISK
2002-11-29 CVE-2002-1308 Remote Heap Corruption vulnerability in Netscape/Mozilla JAR
Heap-based buffer overflow in Netscape and Mozilla allows remote attackers to execute arbitrary code via a jar: URL that references a malformed .jar file, which overflows a buffer during decompression.
network
low complexity
mozilla netscape
7.5
7.5
2002-10-04 CVE-2002-1091 Netscape 6.2.3 and earlier, and Mozilla 1.0.1, allow remote attackers to corrupt heap memory and execute arbitrary code via a GIF image with a zero width.
network
low complexity
mozilla netscape opera-software
7.5
7.5
2002-09-24 CVE-2002-1126 Mozilla 1.1 and earlier, and Mozilla-based browsers such as Netscape and Galeon, set the document referrer too quickly in certain situations when a new page is being loaded, which allows web pages to determine the next page that is being visited, including manually entered URLs, using the onunload handler.
network
high complexity
galeon mozilla
2.6
2.6
2002-08-12 CVE-2002-0815 The Javascript "Same Origin Policy" (SOP), as implemented in (1) Netscape, (2) Mozilla, and (3) Internet Explorer, allows a remote web server to access HTTP and SOAP/XML content from restricted sites by mapping the malicious server's parent DNS domain name to the restricted site, loading a page from the restricted site into one frame, and passing the information to the attacker-controlled frame, which is allowed because the document.domain of the two frames matches on the parent domain.
network
low complexity
mozilla netscape microsoft
7.5
7.5
2002-06-25 CVE-2002-0354 The XMLHttpRequest object (XMLHTTP) in Netscape 6.1 and Mozilla 0.9.7 allows remote attackers to read arbitrary files and list directories on a client system by opening a URL that redirects the browser to the file on the client, then reading the result using the responseText property.
network
low complexity
mozilla netscape
5.0
5.0
2002-06-18 CVE-2002-0594 Local File Detection vulnerability in Netscape/Mozilla/Galeon
Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to determine the existence of files on the client system via a LINK element in a Cascading Style Sheet (CSS) page that causes an HTTP redirect.
network
low complexity
galeon mozilla netscape
5.0
5.0
2002-06-18 CVE-2002-0593 Buffer Overflow vulnerability in Netscape/Mozilla IRC
Buffer overflow in Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long channel name in an IRC URI.
network
low complexity
mozilla netscape
7.5
7.5
2001-12-31 CVE-2001-1490 Denial of Service vulnerability in Mozilla 0.9.6
Mozilla 0.9.6 allows remote attackers to cause a denial of service (CPU consumption and memory leak) via a web page with a large number of images.
network
low complexity
mozilla
5.0
5.0
2000-07-25 CVE-2000-0655 Netscape Communicator 4.73 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a JPEG image containing a comment with an illegal field length of 1.
network
low complexity
mozilla netscape
5.0
5.0