Vulnerabilities > Netscape
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-12-31 | CVE-2002-2284 | Unspecified vulnerability in Netscape Communicator Netscape Communicator 4.0 through 4.79 allows remote attackers to bypass JVM security and execute arbitrary Java code via an applet that loads user-supplied Java classes. | 6.4 |
| 2002-12-31 | CVE-2002-2248 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Netscape Communicator Buffer overflow in the sun.awt.windows.WDefaultFontCharset Java class implementation in Netscape 4.0 allows remote attackers to execute arbitrary code via an applet that calls the WDefaultFontCharset constructor with a long string and invokes the canConvert method. | 10.0 |
| 2002-12-31 | CVE-2002-2061 | Denial-Of-Service vulnerability in Netscape Heap-based buffer overflow in Netscape 6.2.3 and Mozilla 1.0 and earlier allows remote attackers to crash client browsers and execute arbitrary code via a PNG image with large width and height values and an 8-bit or 16-bit alpha channel. | 7.5 |
| 2002-12-31 | CVE-2002-2013 | Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain. | 5.0 |
| 2002-12-31 | CVE-2002-1766 | Buffer Overflow vulnerability in Netscape Communicator 4.77 Buffer overflow in Composer in Netscape 4.77 allows local users to overwrite process memory and execute arbitrary code via a font tag with a long face attribute. | 4.6 |
| 2002-12-31 | CVE-2002-1655 | The Web Publishing feature in Netscape Enterprise Server 3.x and iPlanet Web Server 4.x allows remote attackers to cause a denial of service (crash) via a wp-html-rend request. | 5.0 |
| 2002-12-31 | CVE-2002-1654 | Authentication Attacks vulnerability in Netscape Enterprise Web Server Brute Force iPlanet Web Server Enterprise Edition and Netscape Enterprise Server 4.0 and 4.1 allows remote attackers to conduct HTTP Basic Authentication via the wp-force-auth Web Publisher command, which provides a distinct attack vector and may make it easier to conduct brute force password guessing without detection. | 7.5 |
| 2002-11-29 | CVE-2002-1308 | Remote Heap Corruption vulnerability in Netscape/Mozilla JAR Heap-based buffer overflow in Netscape and Mozilla allows remote attackers to execute arbitrary code via a jar: URL that references a malformed .jar file, which overflows a buffer during decompression. | 7.5 |
| 2002-11-29 | CVE-2002-1204 | Information Disclosure vulnerability in Netscape User Preferences Netscape Communicator 4.x allows attackers to use a link to steal a user's preferences, including potentially sensitive information such as URL history, e-mail address, and possibly the e-mail password, by redefining the user_pref() function and accessing the prefs.js file, which is stored in a directory with a predictable name. | 5.0 |
| 2002-10-04 | CVE-2002-1091 | Netscape 6.2.3 and earlier, and Mozilla 1.0.1, allow remote attackers to corrupt heap memory and execute arbitrary code via a GIF image with a zero width. | 7.5 |