CVSS: 10.0EPSS: 20%CPEs: 38EXPL: 0CVE-2004-0904
https://notcve.org/view.php?id=CVE-2004-0904
24 Sep 2004 — Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows. • http://bugzilla.mozilla.org/show_bug.cgi?id=255067 •
CVSS: 9.6EPSS: 5%CPEs: 62EXPL: 1CVE-2004-0905
https://notcve.org/view.php?id=CVE-2004-0905
14 Sep 2004 — Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain. • http://bugzilla.mozilla.org/show_bug.cgi?id=250862 •
CVSS: 10.0EPSS: 23%CPEs: 3EXPL: 1CVE-2004-0722 – Mozilla 1.x / Netscape 7.0/7.1 - SOAP Integer Overflow
https://notcve.org/view.php?id=CVE-2004-0722
03 Aug 2004 — Integer overflow in the SOAPParameter object constructor in (1) Netscape version 7.0 and 7.1 and (2) Mozilla 1.6, and possibly earlier versions, allows remote attackers to execute arbitrary code. Desbordamiento de enteros en el constructor de objeto SOAPParameter en (1) Netscape version 7.0 y 7.1 y (2) Mozilla 1.6, y posiblemente versiones anteriores, permite a atacantes remotos ejecutar código de su elección. • https://www.exploit-db.com/exploits/24346 •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 0CVE-2004-0718
https://notcve.org/view.php?id=CVE-2004-0718
23 Jul 2004 — The (1) Mozilla 1.6, (2) Firebird 0.7, (3) Firefox 0.8, and (4) Netscape 7.1 web browsers do not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability. Los navegadores web (1) Mozilla 1.6, (2) Firebird 0.7, (3) Firefox 0.8, and (4) Netscape 7.1 no previenen adecuadamente que un marco de un dominio inyecte contenido en un marco que pertenece a otro dominio, lo que ... • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt •
CVSS: 6.5EPSS: 3%CPEs: 1EXPL: 2CVE-2004-0528 – Netscape Navigator 7.1 - Embedded Image URI Obfuscation
https://notcve.org/view.php?id=CVE-2004-0528
08 Jun 2004 — Netscape Navigator 7.1 allows remote attackers to spoof a legitimate URL in the status bar via A HREF tags with modified "alt" values that point to the legitimate site, combined with an image map whose href points to the malicious site, which facilitates a "phishing" attack. Netscape Navigator 7.1 permite a atacantes remotos suplantar URL legítimas en la barra de estado mediante etiquetas A HREF con valores "alt" modificados que apuntan al sitio legítimo, combinado con un mapa de imagen cuyo HREF apunta al ... • https://www.exploit-db.com/exploits/24137 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2003-1265
https://notcve.org/view.php?id=CVE-2003-1265
31 Dec 2003 — Netscape 7.0 and Mozilla 5.0 do not immediately delete messages in the trash folder when users select the 'Empty Trash' option, which could allow local users to access deleted messages. • http://archives.neohapsis.com/archives/bugtraq/2002-12/0277.html •
CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 3CVE-2003-1419 – Netscape 7.0 - JavaScript Regular Expression Denial of Service
https://notcve.org/view.php?id=CVE-2003-1419
31 Dec 2003 — Netscape 7.0 allows remote attackers to cause a denial of service (crash) via a web page with an invalid regular expression argument to the JavaScript reformatDate function. • https://www.exploit-db.com/exploits/22287 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 2CVE-2003-1492
https://notcve.org/view.php?id=CVE-2003-1492
31 Dec 2003 — Netscape Navigator 7.0.2 and Mozilla allows remote attackers to access cookie information in a different domain via an HTTP request for a domain with an extra . (dot) at the end. • http://www.securityfocus.com/archive/1/319919 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2003-1560
https://notcve.org/view.php?id=CVE-2003-1560
31 Dec 2003 — Netscape 4 sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data. • http://securityreason.com/securityalert/4004 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 3%CPEs: 1EXPL: 0CVE-2003-0553
https://notcve.org/view.php?id=CVE-2003-0553
15 Jul 2003 — Buffer overflow in the Client Detection Tool (CDT) plugin (npcdt.dll) for Netscape 7.02 allows remote attackers to execute arbitrary code via an attachment with a long filename. Desbordamiento de búfer en el plugin de la Herramienta de Detección de cliente (CDT) (npcdt.dll) de Netscape 7.02 permite a atacantes remotos ejecutar código arbitrario mediante un adjunto con un nombre de fichero largo. • http://jimmers.russia.webmatrixhosting.net/whitepapers/CDTbug.pdf •