Vulnerabilities > Netscape > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-12-31 | CVE-2002-1655 | The Web Publishing feature in Netscape Enterprise Server 3.x and iPlanet Web Server 4.x allows remote attackers to cause a denial of service (crash) via a wp-html-rend request. | 5.0 |
| 2002-11-29 | CVE-2002-1204 | Information Disclosure vulnerability in Netscape User Preferences Netscape Communicator 4.x allows attackers to use a link to steal a user's preferences, including potentially sensitive information such as URL history, e-mail address, and possibly the e-mail password, by redefining the user_pref() function and accessing the prefs.js file, which is stored in a directory with a predictable name. | 5.0 |
| 2002-10-04 | CVE-2002-1042 | Directory traversal vulnerability in search engine for iPlanet web server 6.0 SP2 and 4.1 SP9, and Netscape Enterprise Server 3.6, when running on Windows platforms, allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in the NS-query-pat parameter. | 5.0 |
| 2002-06-25 | CVE-2002-0354 | The XMLHttpRequest object (XMLHTTP) in Netscape 6.1 and Mozilla 0.9.7 allows remote attackers to read arbitrary files and list directories on a client system by opening a URL that redirects the browser to the file on the client, then reading the result using the responseText property. | 5.0 |
| 2002-06-18 | CVE-2002-0594 | Local File Detection vulnerability in Netscape/Mozilla/Galeon Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to determine the existence of files on the client system via a LINK element in a Cascading Style Sheet (CSS) page that causes an HTTP redirect. | 5.0 |
| 2001-10-18 | CVE-2001-0745 | Unspecified vulnerability in Netscape Messanger 4.7X Netscape 4.7x allows remote attackers to obtain sensitive information such as the user's login, mailbox location and installation path via Javascript that accesses the mailbox: URL in the document.referrer property. | 5.0 |
| 2001-09-20 | CVE-2001-0684 | Unspecified vulnerability in Netscape Collabra Server 3.5.2/3.5.4 Netscape Collabra Server 3.5.4 and earlier allows a remote attacker to cause a denial of service by sending seven or more characters to TCP port 5239. | 5.0 |
| 2001-09-20 | CVE-2001-0683 | Unspecified vulnerability in Netscape Collabra Server 3.5.2/3.5.4 Memory leak in Netscape Collabra Server 3.5.4 and earlier allows a remote attacker to cause a denial of service (memory exhaustion) by repeatedly sending approximately 5K of data to TCP port 5238. | 5.0 |
| 2001-08-31 | CVE-2000-1196 | Unspecified vulnerability in Netscape Publishingxpert 2.5 PSCOErrPage.htm in Netscape PublishingXpert 2.5 before SP2 allows remote attackers to read arbitrary files by specifying the target file in the errPagePath parameter. | 5.0 |
| 2001-06-02 | CVE-2001-0251 | Unspecified vulnerability in Netscape Enterprise Server 3.0 The Web Publishing feature in Netscape Enterprise Server 3.x allows remote attackers to cause a denial of service via the REVLOG command. | 5.0 |