Vulnerabilities > Netscape > Navigator > 6.2.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-06-07 | CVE-2006-2894 | Improper Input Validation vulnerability in multiple products Mozilla Firefox 1.5.0.4, 2.0.x before 2.0.0.8, Mozilla Suite 1.7.13, Mozilla SeaMonkey 1.0.2 and other versions before 1.1.5, and Netscape 8.1 and earlier allow user-assisted remote attackers to read arbitrary files by tricking a user into typing the characters of the target filename in a text box and using the OnKeyDown, OnKeyPress, and OnKeyUp Javascript keystroke events to change the focus and cause those characters to be inserted into a file upload input control, which can then upload the file when the user submits the form. | 4.0 |
2005-12-09 | CVE-2005-4134 | Buffer Overflow vulnerability in Mozilla Firefox Large History File Mozilla Firefox 1.5, Netscape 8.0.4 and 7.2, and K-Meleon before 0.9.12 allows remote attackers to cause a denial of service (CPU consumption and delayed application startup) via a web site with a large title, which is recorded in history.dat but not processed efficiently during startup. | 5.0 |
2002-12-31 | CVE-2002-2338 | Improper Input Validation vulnerability in multiple products The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) at a newline, which is interpreted as the end of the message. | 5.0 |
2002-11-29 | CVE-2002-1308 | Remote Heap Corruption vulnerability in Netscape/Mozilla JAR Heap-based buffer overflow in Netscape and Mozilla allows remote attackers to execute arbitrary code via a jar: URL that references a malformed .jar file, which overflows a buffer during decompression. | 7.5 |
2002-10-04 | CVE-2002-1091 | Netscape 6.2.3 and earlier, and Mozilla 1.0.1, allow remote attackers to corrupt heap memory and execute arbitrary code via a GIF image with a zero width. | 7.5 |
2002-06-18 | CVE-2002-0594 | Local File Detection vulnerability in Netscape/Mozilla/Galeon Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to determine the existence of files on the client system via a LINK element in a Cascading Style Sheet (CSS) page that causes an HTTP redirect. | 5.0 |