Page 5 of 38 results (0.011 seconds)

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

Netscape 4 sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data. • http://securityreason.com/securityalert/4004 http://www.securityfocus.com/archive/1/348574 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 2.1EPSS: 0%CPEs: 2EXPL: 1

Netscape 7.0 and Mozilla 5.0 do not immediately delete messages in the trash folder when users select the 'Empty Trash' option, which could allow local users to access deleted messages. • http://archives.neohapsis.com/archives/bugtraq/2002-12/0277.html http://www.iss.net/security_center/static/10963.php http://www.securityfocus.com/bid/6499 http://www.securitytracker.com/id?1005871 •

CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 2

Netscape Navigator 7.0.2 and Mozilla allows remote attackers to access cookie information in a different domain via an HTTP request for a domain with an extra . (dot) at the end. • http://www.securityfocus.com/archive/1/319919 http://www.securityfocus.com/bid/7456 https://exchange.xforce.ibmcloud.com/vulnerabilities/11924 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 4.3EPSS: 2%CPEs: 1EXPL: 3

Netscape 7.0 allows remote attackers to cause a denial of service (crash) via a web page with an invalid regular expression argument to the JavaScript reformatDate function. • https://www.exploit-db.com/exploits/22287 http://archives.neohapsis.com/archives/bugtraq/2003-02/0338.html http://www.securityfocus.com/bid/6959 https://exchange.xforce.ibmcloud.com/vulnerabilities/11444 • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 43%CPEs: 1EXPL: 0

Buffer overflow in the Client Detection Tool (CDT) plugin (npcdt.dll) for Netscape 7.02 allows remote attackers to execute arbitrary code via an attachment with a long filename. Desbordamiento de búfer en el plugin de la Herramienta de Detección de cliente (CDT) (npcdt.dll) de Netscape 7.02 permite a atacantes remotos ejecutar código arbitrario mediante un adjunto con un nombre de fichero largo. • http://jimmers.russia.webmatrixhosting.net/whitepapers/CDTbug.pdf http://marc.info/?l=bugtraq&m=105820193406838&w=2 •