CVSS: 5.0EPSS: 4%CPEs: 36EXPL: 2CVE-2002-2338 – Netscape 4.x/6.x / Mozilla 0.9.x - Malformed Email POP3 Denial of Service
https://notcve.org/view.php?id=CVE-2002-2338
The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) at a newline, which is interpreted as the end of the message. • https://www.exploit-db.com/exploits/21539 http://bugzilla.mozilla.org/show_bug.cgi?id=144228 http://mozilla.org/releases/mozilla1.0.1/security-fixes-1.0.1.html http://online.securityfocus.com/archive/1/276628 http://www.iss.net/security_center/static/9343.php http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:074 http://www.securityfocus.com/archive/1/276946 http://www.securityfocus.com/bid/5002 • CWE-20: Improper Input Validation •
CVSS: 5.0EPSS: 0%CPEs: 10EXPL: 0CVE-2002-1204
https://notcve.org/view.php?id=CVE-2002-1204
Netscape Communicator 4.x allows attackers to use a link to steal a user's preferences, including potentially sensitive information such as URL history, e-mail address, and possibly the e-mail password, by redefining the user_pref() function and accessing the prefs.js file, which is stored in a directory with a predictable name. Netscape Communicator 4.x permite a atacantes usar un enlace para robar las preferencias de un usuario, incluyendo información potencialmente sensible como historia de URLs, direcciones de correo electrónico, y posiblemente sus contraseñas, mediante la redefinición de la función user_pref() y accediendo al fichero prefs.js, que está almacenado en un directorio con un nombre predecible. • http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0081.html http://www.idefense.com/advisory/11.19.02c.txt http://www.iss.net/security_center/static/10655.php http://www.securityfocus.com/bid/6215 •
CVSS: 7.5EPSS: 1%CPEs: 5EXPL: 1CVE-2002-0593
https://notcve.org/view.php?id=CVE-2002-0593
Buffer overflow in Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long channel name in an IRC URI. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000490 http://online.securityfocus.com/archive/1/270249 http://secunia.com/advisories/8039 http://www.iss.net/security_center/static/8976.php http://www.securityfocus.com/bid/4637 https://access.redhat.com/security/cve/CVE-2002-0593 https://bugzilla.redhat.com/show_bug.cgi?id=1616781 •
CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0CVE-2001-0921
https://notcve.org/view.php?id=CVE-2001-0921
Netscape 4.79 and earlier for MacOS allows an attacker with access to the browser to obtain passwords from form fields by printing the document into which the password has been typed, which is printed in cleartext. • http://marc.info/?l=bugtraq&m=100638816318705&w=2 http://www.osvdb.org/5524 http://www.securityfocus.com/bid/3565 https://exchange.xforce.ibmcloud.com/vulnerabilities/7593 •
CVSS: 7.5EPSS: 8%CPEs: 1EXPL: 1CVE-2001-0596 – Netscape Navigator 4.0.8 - 'about:' Domain Information Disclosure
https://notcve.org/view.php?id=CVE-2001-0596
Netscape Communicator before 4.77 allows remote attackers to execute arbitrary Javascript via a GIF image whose comment contains the Javascript. • https://www.exploit-db.com/exploits/20791 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000393 http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-014-01 http://marc.info/?l=bugtraq&m=98685237415117&w=2 http://www.debian.org/security/2001/dsa-051 http://www.osvdb.org/5579 http://www.redhat.com/support/errata/RHSA-2001-046.html http://www.securityfocus.com/bid/2637 https://exchange.xforce.ibmcloud.com/vulnerabilities/6344 •