Vulnerabilities > Netscape > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-10-04 | CVE-2002-1091 | Netscape 6.2.3 and earlier, and Mozilla 1.0.1, allow remote attackers to corrupt heap memory and execute arbitrary code via a GIF image with a zero width. | 7.5 |
| 2002-08-12 | CVE-2002-0815 | The Javascript "Same Origin Policy" (SOP), as implemented in (1) Netscape, (2) Mozilla, and (3) Internet Explorer, allows a remote web server to access HTTP and SOAP/XML content from restricted sites by mapping the malicious server's parent DNS domain name to the restricted site, loading a page from the restricted site into one frame, and passing the information to the attacker-controlled frame, which is allowed because the document.domain of the two frames matches on the parent domain. | 7.5 |
| 2002-06-18 | CVE-2002-0593 | Buffer Overflow vulnerability in Netscape/Mozilla IRC Buffer overflow in Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long channel name in an IRC URI. | 7.5 |
| 2001-08-02 | CVE-2001-0596 | Information Disclosure vulnerability in Netscape Navigator 'about:' Domain Netscape Communicator before 4.77 allows remote attackers to execute arbitrary Javascript via a GIF image whose comment contains the Javascript. | 7.5 |
| 2001-07-02 | CVE-2001-0262 | Unspecified vulnerability in Netscape Smartdownload 1.3 Buffer overflow in Netscape SmartDownload 1.3 allows remote attackers (malicious web pages) to execute arbitrary commands via a long URL. | 7.5 |
| 2001-06-02 | CVE-2001-0164 | Unspecified vulnerability in Netscape Directory Server Buffer overflow in Netscape Directory Server 4.12 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a malformed recipient field. | 7.5 |
| 2001-01-09 | CVE-2000-1187 | Unspecified vulnerability in Netscape Communicator and Navigator Buffer overflow in the HTML parser for Netscape 4.75 and earlier allows remote attackers to execute arbitrary commands via a long password value in a form field. | 7.5 |
| 2000-12-11 | CVE-2000-1073 | Unspecified vulnerability in Netscape Iplanet Ical 2.1 csstart program in iCal 2.1 Patch 2 searches for the cshttpd program in the current working directory, which allows local users to gain root privileges by creating a Trojan Horse cshttpd program in a directory and calling csstart from that directory. | 7.2 |
| 2000-12-11 | CVE-2000-1072 | Unspecified vulnerability in Netscape Iplanet Ical 2.1 iCal 2.1 Patch 2 installs many files with world-writeable permissions, which allows local users to modify the iCal configuration and execute arbitrary commands by replacing the iplncal.sh program with a Trojan horse. | 7.2 |
| 2000-06-26 | CVE-2000-0600 | Netscape Enterprise Server in NetWare 5.1 allows remote attackers to cause a denial of service or execute arbitrary commands via a malformed URL. | 7.5 |