CVSS: 9.8EPSS: 15%CPEs: 14EXPL: 2CVE-2000-0655 – Netscape Communicator 4.x - JPEG-Comment Heap Overwrite
https://notcve.org/view.php?id=CVE-2000-0655
25 Jul 2000 — Netscape Communicator 4.73 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a JPEG image containing a comment with an illegal field length of 1. • https://www.exploit-db.com/exploits/20098 •
CVSS: 5.3EPSS: 1%CPEs: 8EXPL: 0CVE-2000-0517
https://notcve.org/view.php?id=CVE-2000-0517
26 May 2000 — Netscape 4.73 and earlier does not properly warn users about a potentially invalid certificate if the user has previously accepted the certificate for a different web site, which could allow remote attackers to spoof a legitimate web site by compromising that site's DNS information. • http://www.cert.org/advisories/CA-2000-08.html •
CVSS: 2.6EPSS: 0%CPEs: 11EXPL: 0CVE-2000-0406
https://notcve.org/view.php?id=CVE-2000-0406
10 May 2000 — Netscape Communicator before version 4.73 and Navigator 4.07 do not properly validate SSL certificates, which allows remote attackers to steal information by redirecting traffic from a legitimate web server to their own malicious server, aka the "Acros-Suencksen SSL" vulnerability. • http://www.acrossecurity.com/aspr/ASPR-2000-04-06-1-PUB.txt •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 1CVE-2000-0409 – Netscape Communicator 4.5/4.51/4.6/4.61/4.7/4.72/4.73 - '/tmp' Symlink
https://notcve.org/view.php?id=CVE-2000-0409
10 May 2000 — Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local users to overwrite files of the user importing the certificate. • https://www.exploit-db.com/exploits/19912 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-1999-1002
https://notcve.org/view.php?id=CVE-1999-1002
12 Jan 2000 — Netscape Navigator uses weak encryption for storing a user's Netscape mail password. • http://marc.info/?l=bugtraq&m=94536309217214&w=2 •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0CVE-2000-0087
https://notcve.org/view.php?id=CVE-2000-0087
12 Jan 2000 — Netscape Mail Notification (nsnotify) utility in Netscape Communicator uses IMAP without SSL, even if the user has set a preference for Communicator to use an SSL connection, allowing a remote attacker to sniff usernames and passwords in plaintext. • http://marc.info/?l=bugtraq&m=94790377622943&w=2 •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2000-0034
https://notcve.org/view.php?id=CVE-2000-0034
22 Dec 1999 — Netscape 4.7 records user passwords in the preferences.js file during an IMAP or POP session, even if the user has not enabled "remember passwords." • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0034 •
CVSS: 9.8EPSS: 2%CPEs: 2EXPL: 2CVE-1999-1189
https://notcve.org/view.php?id=CVE-1999-1189
24 Nov 1999 — Buffer overflow in Netscape Navigator/Communicator 4.7 for Windows 95 and Windows 98 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long argument after the ? character in a URL that references an .asp, .cgi, .html, or .pl file. • http://www.securityfocus.com/archive/1/36306 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-1999-1226
https://notcve.org/view.php?id=CVE-1999-1226
28 Oct 1999 — Netscape Communicator 4.7 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long certificate key. • http://www.securiteam.com/exploits/Netscape_4_7_and_earlier_vulnerable_to__Huge_Key__DoS.html •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 0CVE-1999-1357
https://notcve.org/view.php?id=CVE-1999-1357
05 Oct 1999 — Netscape Communicator 4.04 through 4.7 (and possibly other versions) in various UNIX operating systems converts the 0x8b character to a "<" sign, and the 0x9b character to a ">" sign, which could allow remote attackers to attack other clients via cross-site scripting (CSS) in CGI programs that do not filter these characters. • http://marc.info/?l=bugtraq&m=93915331626185&w=2 •