Page 4 of 23 results (0.002 seconds)

CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0

Netscape Mail Notification (nsnotify) utility in Netscape Communicator uses IMAP without SSL, even if the user has set a preference for Communicator to use an SSL connection, allowing a remote attacker to sniff usernames and passwords in plaintext. • http://marc.info/?l=bugtraq&m=94790377622943&w=2 http://www.iss.net/security_center/static/4385.php •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

Netscape 4.7 records user passwords in the preferences.js file during an IMAP or POP session, even if the user has not enabled "remember passwords." • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0034 •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 2

Buffer overflow in Netscape Navigator/Communicator 4.7 for Windows 95 and Windows 98 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long argument after the ? character in a URL that references an .asp, .cgi, .html, or .pl file. • http://www.securityfocus.com/archive/1/36306 http://www.securityfocus.com/archive/1/36608 http://www.securityfocus.com/bid/822 https://exchange.xforce.ibmcloud.com/vulnerabilities/7884 •

CVSS: 2.6EPSS: 0%CPEs: 1EXPL: 0

Netscape Communicator 4.7 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long certificate key. • http://www.securiteam.com/exploits/Netscape_4_7_and_earlier_vulnerable_to__Huge_Key__DoS.html https://exchange.xforce.ibmcloud.com/vulnerabilities/3436 •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

Netscape Communicator 4.04 through 4.7 (and possibly other versions) in various UNIX operating systems converts the 0x8b character to a "<" sign, and the 0x9b character to a ">" sign, which could allow remote attackers to attack other clients via cross-site scripting (CSS) in CGI programs that do not filter these characters. • http://marc.info/?l=bugtraq&m=93915331626185&w=2 •