Page 3 of 22 results (0.004 seconds)

CVSS: 5.0EPSS: 0%CPEs: 8EXPL: 0

Netscape 4.73 and earlier does not properly warn users about a potentially invalid certificate if the user has previously accepted the certificate for a different web site, which could allow remote attackers to spoof a legitimate web site by compromising that site's DNS information. • http://www.cert.org/advisories/CA-2000-08.html http://www.securityfocus.com/bid/1260 https://exchange.xforce.ibmcloud.com/vulnerabilities/4550 •

CVSS: 2.6EPSS: 0%CPEs: 11EXPL: 0

Netscape Communicator before version 4.73 and Navigator 4.07 do not properly validate SSL certificates, which allows remote attackers to steal information by redirecting traffic from a legitimate web server to their own malicious server, aka the "Acros-Suencksen SSL" vulnerability. • http://www.acrossecurity.com/aspr/ASPR-2000-04-06-1-PUB.txt http://www.cert.org/advisories/CA-2000-05.html http://www.redhat.com/support/errata/RHSA-2000-028.html http://www.securityfocus.com/bid/1188 •

CVSS: 3.7EPSS: 0%CPEs: 7EXPL: 1

Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local users to overwrite files of the user importing the certificate. • https://www.exploit-db.com/exploits/19912 http://archives.neohapsis.com/archives/bugtraq/2000-05/0126.html http://www.securityfocus.com/bid/1201 •

CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0

Buffer overflow in Netscape Communicator before 4.7 via a dynamic font whose length field is less than the size of the font. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0892 •

CVSS: 2.6EPSS: 0%CPEs: 1EXPL: 0

Netscape Communicator 4.7 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long certificate key. • http://www.securiteam.com/exploits/Netscape_4_7_and_earlier_vulnerable_to__Huge_Key__DoS.html https://exchange.xforce.ibmcloud.com/vulnerabilities/3436 •