Vulnerabilities > Netscape > Communicator
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2001-01-09 | CVE-2000-1187 | Unspecified vulnerability in Netscape Communicator and Navigator Buffer overflow in the HTML parser for Netscape 4.75 and earlier allows remote attackers to execute arbitrary commands via a long password value in a form field. | 7.5 |
| 2000-10-20 | CVE-2000-0676 | Unspecified vulnerability in Netscape Communicator Netscape Communicator and Navigator 4.04 through 4.74 allows remote attackers to read arbitrary files by using a Java applet to open a connection to a URL using the "file", "http", "https", and "ftp" protocols, as demonstrated by Brown Orifice. | 5.0 |
| 2000-07-25 | CVE-2000-0655 | Netscape Communicator 4.73 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a JPEG image containing a comment with an illegal field length of 1. | 5.0 |
| 2000-05-26 | CVE-2000-0517 | Unspecified vulnerability in Netscape Communicator Netscape 4.73 and earlier does not properly warn users about a potentially invalid certificate if the user has previously accepted the certificate for a different web site, which could allow remote attackers to spoof a legitimate web site by compromising that site's DNS information. | 5.0 |
| 2000-05-10 | CVE-2000-0409 | Unspecified vulnerability in Netscape Communicator Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local users to overwrite files of the user importing the certificate. | 3.7 |
| 2000-05-10 | CVE-2000-0406 | Unspecified vulnerability in Netscape Communicator Netscape Communicator before version 4.73 and Navigator 4.07 do not properly validate SSL certificates, which allows remote attackers to steal information by redirecting traffic from a legitimate web server to their own malicious server, aka the "Acros-Suencksen SSL" vulnerability. | 2.6 |
| 2000-04-01 | CVE-1999-0790 | Unspecified vulnerability in Netscape Communicator 4.0 A remote attacker can read information from a Netscape user's cache via JavaScript. | 2.6 |
| 2000-01-12 | CVE-2000-0087 | Unspecified vulnerability in Netscape Communicator and Navigator Netscape Mail Notification (nsnotify) utility in Netscape Communicator uses IMAP without SSL, even if the user has set a preference for Communicator to use an SSL connection, allowing a remote attacker to sniff usernames and passwords in plaintext. | 5.0 |
| 2000-01-12 | CVE-1999-1002 | Remote Security vulnerability in Netscape Communicator 4.7 Netscape Navigator uses weak encryption for storing a user's Netscape mail password. | 5.0 |
| 1999-12-24 | CVE-1999-0892 | Unspecified vulnerability in Netscape Communicator 4.5 Buffer overflow in Netscape Communicator before 4.7 via a dynamic font whose length field is less than the size of the font. | 4.6 |