17 results (0.011 seconds)

CVSS: 10.0EPSS: 4%CPEs: 14EXPL: 0

Buffer overflow in the sun.awt.windows.WDefaultFontCharset Java class implementation in Netscape 4.0 allows remote attackers to execute arbitrary code via an applet that calls the WDefaultFontCharset constructor with a long string and invokes the canConvert method. • http://marc.info/?l=bugtraq&m=103834439321292&w=2 http://www.securityfocus.com/bid/6256 https://exchange.xforce.ibmcloud.com/vulnerabilities/10706 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.0EPSS: 4%CPEs: 36EXPL: 2

The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) at a newline, which is interpreted as the end of the message. • https://www.exploit-db.com/exploits/21539 http://bugzilla.mozilla.org/show_bug.cgi?id=144228 http://mozilla.org/releases/mozilla1.0.1/security-fixes-1.0.1.html http://online.securityfocus.com/archive/1/276628 http://www.iss.net/security_center/static/9343.php http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:074 http://www.securityfocus.com/archive/1/276946 http://www.securityfocus.com/bid/5002 • CWE-20: Improper Input Validation •

CVSS: 6.4EPSS: 1%CPEs: 14EXPL: 0

Netscape Communicator 4.0 through 4.79 allows remote attackers to bypass JVM security and execute arbitrary Java code via an applet that loads user-supplied Java classes. • http://marc.info/?l=bugtraq&m=103798147613151&w=2 http://www.lsd-pl.net/documents/javasecurity-1.0.0.pdf http://www.securityfocus.com/bid/6223 https://exchange.xforce.ibmcloud.com/vulnerabilities/10714 •

CVSS: 5.0EPSS: 0%CPEs: 30EXPL: 2

Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain. • http://alive.znep.com/~marcs/security/mozillacookie/demo.html http://archives.neohapsis.com/archives/bugtraq/2002-01/0270.html http://www.iss.net/security_center/static/7973.php http://www.securityfocus.com/bid/3925 •

CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0

Netscape 4.79 and earlier for MacOS allows an attacker with access to the browser to obtain passwords from form fields by printing the document into which the password has been typed, which is printed in cleartext. • http://marc.info/?l=bugtraq&m=100638816318705&w=2 http://www.osvdb.org/5524 http://www.securityfocus.com/bid/3565 https://exchange.xforce.ibmcloud.com/vulnerabilities/7593 •