Netscape Netscape 9.0

CPE Details

Netscape Netscape 9.0
netscape
navigator
9.0
2007-12-31
02h58 +00:00
2008-04-01
14h39 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:netscape:navigator:9.0:*:*:*:*:*:*:*

Informations

Vendor

netscape

Product

navigator

Version

9.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2008-2809 2008-07-08
21h00 +00:00		 Mozilla 1.9 M8 and earlier, Mozilla Firefox 2 before 2.0.0.15, SeaMonkey 1.1.5 and other versions before 1.1.10, Netscape 9.0, and other Mozilla-based web browsers, when a user accepts an SSL server certificate on the basis of the CN domain name in the DN field, regard the certificate as also accepted for all domain names in subjectAltName:dNSName fields, which makes it easier for remote attackers to trick a user into accepting an invalid certificate for a spoofed web site.
4
CVE-2007-4042 2007-07-27
20h00 +00:00		 Multiple argument injection vulnerabilities in Netscape Navigator 9 allow remote attackers to execute arbitrary commands via a NULL byte (%00) and shell metacharacters in a (1) mailto, (2) nntp, (3) news, (4) snews, or (5) telnet URI, a similar issue to CVE-2007-3670.
7.5
CVE-2007-1377 2007-03-09
23h00 +00:00		 AcroPDF.DLL in Adobe Reader 8.0, when accessed from Mozilla Firefox, Netscape, or Opera, allows remote attackers to cause a denial of service (unspecified resource consumption) via a .pdf URL with an anchor identifier that begins with search= followed by many %n sequences, a different vulnerability than CVE-2006-6027 and CVE-2006-6236.
5
CVE-2002-0815 2002-08-01
02h00 +00:00		 The Javascript "Same Origin Policy" (SOP), as implemented in (1) Netscape, (2) Mozilla, and (3) Internet Explorer, allows a remote web server to access HTTP and SOAP/XML content from restricted sites by mapping the malicious server's parent DNS domain name to the restricted site, loading a page from the restricted site into one frame, and passing the information to the attacker-controlled frame, which is allowed because the document.domain of the two frames matches on the parent domain.
7.5
CVE-2000-0087 2002-06-25
02h00 +00:00		 Netscape Mail Notification (nsnotify) utility in Netscape Communicator uses IMAP without SSL, even if the user has set a preference for Communicator to use an SSL connection, allowing a remote attacker to sniff usernames and passwords in plaintext.
5
CVE-1999-0142 2000-06-02
02h00 +00:00		 The Java Applet Security Manager implementation in Netscape Navigator 2.0 and Java Developer's Kit 1.0 allows an applet to connect to arbitrary hosts.
7.5
CVE-1999-0762 2000-01-04
04h00 +00:00		 When Javascript is embedded within the TITLE tag, Netscape Communicator allows a remote attacker to use the "about" protocol to gain access to browser information.
2.6
CVE-1999-0869 2000-01-04
04h00 +00:00		 Internet Explorer 3.x to 4.01 allows a remote attacker to insert malicious content into a frame of another web site, aka frame spoofing.
2.6