CVSS: 5.0EPSS: 1%CPEs: 14EXPL: 2CVE-2000-0655 – Netscape Communicator 4.x - JPEG-Comment Heap Overwrite
https://notcve.org/view.php?id=CVE-2000-0655
Netscape Communicator 4.73 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a JPEG image containing a comment with an illegal field length of 1. • https://www.exploit-db.com/exploits/20098 ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:39.netscape.asc ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-011.txt.asc http://archives.neohapsis.com/archives/bugtraq/2000-07/0456.html http://archives.neohapsis.com/archives/bugtraq/2000-08/0116.html http://www.novell.com/linux/security/advisories/suse_security_announce_60.html http://www.redhat.com/support/errata/RHSA-2000-046.html http://www •
CVSS: 5.0EPSS: 0%CPEs: 8EXPL: 0CVE-2000-0517
https://notcve.org/view.php?id=CVE-2000-0517
Netscape 4.73 and earlier does not properly warn users about a potentially invalid certificate if the user has previously accepted the certificate for a different web site, which could allow remote attackers to spoof a legitimate web site by compromising that site's DNS information. • http://www.cert.org/advisories/CA-2000-08.html http://www.securityfocus.com/bid/1260 https://exchange.xforce.ibmcloud.com/vulnerabilities/4550 •
CVSS: 2.6EPSS: 0%CPEs: 11EXPL: 0CVE-2000-0406
https://notcve.org/view.php?id=CVE-2000-0406
Netscape Communicator before version 4.73 and Navigator 4.07 do not properly validate SSL certificates, which allows remote attackers to steal information by redirecting traffic from a legitimate web server to their own malicious server, aka the "Acros-Suencksen SSL" vulnerability. • http://www.acrossecurity.com/aspr/ASPR-2000-04-06-1-PUB.txt http://www.cert.org/advisories/CA-2000-05.html http://www.redhat.com/support/errata/RHSA-2000-028.html http://www.securityfocus.com/bid/1188 •
CVSS: 3.7EPSS: 0%CPEs: 7EXPL: 1CVE-2000-0409 – Netscape Communicator 4.5/4.51/4.6/4.61/4.7/4.72/4.73 - '/tmp' Symlink
https://notcve.org/view.php?id=CVE-2000-0409
Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local users to overwrite files of the user importing the certificate. • https://www.exploit-db.com/exploits/19912 http://archives.neohapsis.com/archives/bugtraq/2000-05/0126.html http://www.securityfocus.com/bid/1201 •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-1999-1357
https://notcve.org/view.php?id=CVE-1999-1357
Netscape Communicator 4.04 through 4.7 (and possibly other versions) in various UNIX operating systems converts the 0x8b character to a "<" sign, and the 0x9b character to a ">" sign, which could allow remote attackers to attack other clients via cross-site scripting (CSS) in CGI programs that do not filter these characters. • http://marc.info/?l=bugtraq&m=93915331626185&w=2 •