CVE ID | Published | Description | Score | Severity |
---|---|---|---|---|
The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) at a newline, which is interpreted as the end of the message. | 5 |
|||
Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain. | 5 |
|||
Netscape Communicator 4.7 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long certificate key. | 2.6 |
|||
Netscape Communicator before 4.77 allows remote attackers to execute arbitrary Javascript via a GIF image whose comment contains the Javascript. | 7.5 |
|||
Netscape Communicator 4.04 through 4.7 (and possibly other versions) in various UNIX operating systems converts the 0x8b character to a "<" sign, and the 0x9b character to a ">" sign, which could allow remote attackers to attack other clients via cross-site scripting (CSS) in CGI programs that do not filter these characters. | 7.5 |
|||
Buffer overflow in the HTML parser for Netscape 4.75 and earlier allows remote attackers to execute arbitrary commands via a long password value in a form field. | 7.5 |
|||
A configuration in a web browser such as Internet Explorer or Netscape Navigator allows execution of active content such as ActiveX, Java, Javascript, etc. | 7.5 |