2002-10-04 | CVE-2002-1042 | Directory traversal vulnerability in search engine for iPlanet web server 6.0 SP2 and 4.1 SP9, and Netscape Enterprise Server 3.6, when running on Windows platforms, allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in the NS-query-pat parameter. | 5.0 |
2002-08-12 | CVE-2002-0815 | The Javascript "Same Origin Policy" (SOP), as implemented in (1) Netscape, (2) Mozilla, and (3) Internet Explorer, allows a remote web server to access HTTP and SOAP/XML content from restricted sites by mapping the malicious server's parent DNS domain name to the restricted site, loading a page from the restricted site into one frame, and passing the information to the attacker-controlled frame, which is allowed because the document.domain of the two frames matches on the parent domain. | 7.5 |
2002-06-25 | CVE-2002-0354 | The XMLHttpRequest object (XMLHTTP) in Netscape 6.1 and Mozilla 0.9.7 allows remote attackers to read arbitrary files and list directories on a client system by opening a URL that redirects the browser to the file on the client, then reading the result using the responseText property. | 5.0 |
2002-06-18 | CVE-2002-0594 | Local File Detection vulnerability in Netscape/Mozilla/Galeon Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to determine the existence of files on the client system via a LINK element in a Cascading Style Sheet (CSS) page that causes an HTTP redirect. | 5.0 |
2002-06-18 | CVE-2002-0593 | Buffer Overflow vulnerability in Netscape/Mozilla IRC Buffer overflow in Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long channel name in an IRC URI. | 7.5 |
2001-11-21 | CVE-2001-0921 | Unspecified vulnerability in Netscape Communicator Netscape 4.79 and earlier for MacOS allows an attacker with access to the browser to obtain passwords from form fields by printing the document into which the password has been typed, which is printed in cleartext. | 2.1 |
2001-10-18 | CVE-2001-0745 | Unspecified vulnerability in Netscape Messanger 4.7X Netscape 4.7x allows remote attackers to obtain sensitive information such as the user's login, mailbox location and installation path via Javascript that accesses the mailbox: URL in the document.referrer property. | 5.0 |
2001-09-20 | CVE-2001-0684 | Unspecified vulnerability in Netscape Collabra Server 3.5.2/3.5.4 Netscape Collabra Server 3.5.4 and earlier allows a remote attacker to cause a denial of service by sending seven or more characters to TCP port 5239. | 5.0 |
2001-09-20 | CVE-2001-0683 | Unspecified vulnerability in Netscape Collabra Server 3.5.2/3.5.4 Memory leak in Netscape Collabra Server 3.5.4 and earlier allows a remote attacker to cause a denial of service (memory exhaustion) by repeatedly sending approximately 5K of data to TCP port 5238. | 5.0 |
2001-08-31 | CVE-2000-1196 | Unspecified vulnerability in Netscape Publishingxpert 2.5 PSCOErrPage.htm in Netscape PublishingXpert 2.5 before SP2 allows remote attackers to read arbitrary files by specifying the target file in the errPagePath parameter. | 5.0 |