Vulnerabilities > Netscape > Communicator > 4.78
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-12-31 | CVE-2002-2284 | Unspecified vulnerability in Netscape Communicator Netscape Communicator 4.0 through 4.79 allows remote attackers to bypass JVM security and execute arbitrary Java code via an applet that loads user-supplied Java classes. | 6.4 |
| 2002-12-31 | CVE-2002-2248 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Netscape Communicator Buffer overflow in the sun.awt.windows.WDefaultFontCharset Java class implementation in Netscape 4.0 allows remote attackers to execute arbitrary code via an applet that calls the WDefaultFontCharset constructor with a long string and invokes the canConvert method. | 10.0 |
| 2002-12-31 | CVE-2002-2013 | Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain. | 5.0 |
| 2002-11-29 | CVE-2002-1204 | Information Disclosure vulnerability in Netscape User Preferences Netscape Communicator 4.x allows attackers to use a link to steal a user's preferences, including potentially sensitive information such as URL history, e-mail address, and possibly the e-mail password, by redefining the user_pref() function and accessing the prefs.js file, which is stored in a directory with a predictable name. | 5.0 |