Vulnerabilities > Netscape > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-09-14 | CVE-2004-0905 | Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain. | 4.6 |
| 2004-08-06 | CVE-2004-0528 | Unspecified vulnerability in Netscape Navigator 7.1 Netscape Navigator 7.1 allows remote attackers to spoof a legitimate URL in the status bar via A HREF tags with modified "alt" values that point to the legitimate site, combined with an image map whose href points to the malicious site, which facilitates a "phishing" attack. | 5.0 |
| 2003-12-31 | CVE-2003-1560 | Information Exposure vulnerability in Netscape Navigator 4 Netscape 4 sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data. | 5.0 |
| 2003-12-31 | CVE-2003-1492 | Link Following vulnerability in multiple products Netscape Navigator 7.0.2 and Mozilla allows remote attackers to access cookie information in a different domain via an HTTP request for a domain with an extra . | 5.0 |
| 2003-12-31 | CVE-2003-1419 | Improper Input Validation vulnerability in Netscape Navigator 7.0 Netscape 7.0 allows remote attackers to cause a denial of service (crash) via a web page with an invalid regular expression argument to the JavaScript reformatDate function. | 4.3 |
| 2002-12-31 | CVE-2002-2338 | Improper Input Validation vulnerability in multiple products The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) at a newline, which is interpreted as the end of the message. | 5.0 |
| 2002-12-31 | CVE-2002-2308 | Denial-Of-Service vulnerability in Netscape Communicator 6.2.1 Netscape Communicator 6.2.1 allows remote attackers to cause a denial of service in client browsers via a webpage containing a recursive META refresh tag where the content tag is blank and the URL tag references itself. | 5.0 |
| 2002-12-31 | CVE-2002-2284 | Unspecified vulnerability in Netscape Communicator Netscape Communicator 4.0 through 4.79 allows remote attackers to bypass JVM security and execute arbitrary Java code via an applet that loads user-supplied Java classes. | 6.4 |
| 2002-12-31 | CVE-2002-2013 | Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain. | 5.0 |
| 2002-12-31 | CVE-2002-1766 | Buffer Overflow vulnerability in Netscape Communicator 4.77 Buffer overflow in Composer in Netscape 4.77 allows local users to overwrite process memory and execute arbitrary code via a font tag with a long face attribute. | 4.6 |