CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 2CVE-2009-2542
https://notcve.org/view.php?id=CVE-2009-2542
20 Jul 2009 — Netscape 6 and 8 allows remote attackers to cause a denial of service (memory consumption) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692. Netscape v6 y v8 permite a atacantes remotos provocar una denegación de servicio (consumo de memoria) mediante un valor entero grande en la propiedad "length" de un objeto "Select", siendo un asunto relacionado con CVE-2009-1692. • http://www.exploit-db.com/exploits/9160 • CWE-399: Resource Management Errors •
CVSS: 4.8EPSS: 2%CPEs: 18EXPL: 0CVE-2008-2809 – Firefox self signed certificate flaw
https://notcve.org/view.php?id=CVE-2008-2809
08 Jul 2008 — Mozilla 1.9 M8 and earlier, Mozilla Firefox 2 before 2.0.0.15, SeaMonkey 1.1.5 and other versions before 1.1.10, Netscape 9.0, and other Mozilla-based web browsers, when a user accepts an SSL server certificate on the basis of the CN domain name in the DN field, regard the certificate as also accepted for all domain names in subjectAltName:dNSName fields, which makes it easier for remote attackers to trick a user into accepting an invalid certificate for a spoofed web site. Mozilla 1.9 M8 y anteriores, Mozi... • http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00004.html • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 4%CPEs: 8EXPL: 0CVE-2007-4042
https://notcve.org/view.php?id=CVE-2007-4042
27 Jul 2007 — Multiple argument injection vulnerabilities in Netscape Navigator 9 allow remote attackers to execute arbitrary commands via a NULL byte (%00) and shell metacharacters in a (1) mailto, (2) nntp, (3) news, (4) snews, or (5) telnet URI, a similar issue to CVE-2007-3670. Múltiples vulnerabilidades de inyección de argumento en Netscape Navigator 9 permite a atacantes remotos ejecutar comandos de su elección mediante un byte NULL (%00) y metacaracteres de consola de comandos en URIs (1) mailto, (2) nntp, (3) new... • http://osvdb.org/46832 •
CVSS: 9.3EPSS: 7%CPEs: 2EXPL: 0CVE-2007-3924
https://notcve.org/view.php?id=CVE-2007-3924
21 Jul 2007 — Argument injection vulnerability in Microsoft Internet Explorer, when running on systems with Netscape installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in a -chrome argument to the navigatorurl URI, which are inserted into the command line that is created when invoking netscape.exe, a related issue to CVE-2007-3670. NOTE: there has been debate about whether the issue is in Internet Explorer or Ne... • http://secunia.com/advisories/26082 •
CVSS: 6.5EPSS: 21%CPEs: 4EXPL: 3CVE-2007-1377 – Adobe Reader Plugin 'AcroPDF.dll' 8.0.0.0 - Resource Consumption
https://notcve.org/view.php?id=CVE-2007-1377
10 Mar 2007 — AcroPDF.DLL in Adobe Reader 8.0, when accessed from Mozilla Firefox, Netscape, or Opera, allows remote attackers to cause a denial of service (unspecified resource consumption) via a .pdf URL with an anchor identifier that begins with search= followed by many %n sequences, a different vulnerability than CVE-2006-6027 and CVE-2006-6236. AcroPDF.DLL de Adobe Reader 8.0, cuando se accede desde Mozilla Firefox, Netscape, ó Opera, permite a atacantes remotos provocar una denegación de servicio (agotamiento sin e... • https://www.exploit-db.com/exploits/3430 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.1EPSS: 2%CPEs: 13EXPL: 5CVE-2006-6077
https://notcve.org/view.php?id=CVE-2006-6077
24 Nov 2006 — The (1) Password Manager in Mozilla Firefox 2.0, and 1.5.0.8 and earlier; and the (2) Passcard Manager in Netscape 8.1.2 and possibly other versions, do not properly verify that an ACTION URL in a FORM element containing a password INPUT element matches the web site for which the user stored a password, which allows remote attackers to obtain passwords via a password INPUT element on a different web page located on the web site intended for this password. El (1) Password Manager en Mozilla Firefox 2.0, y 1.... • ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc •
CVSS: 8.8EPSS: 35%CPEs: 28EXPL: 1CVE-2006-4253 – Mozilla Firefox 1.0.x - JavaScript Handler Race Condition Memory Corruption
https://notcve.org/view.php?id=CVE-2006-4253
21 Aug 2006 — Concurrency vulnerability in Mozilla Firefox 1.5.0.6 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via multiple Javascript timed events that load a deeply nested XML file, followed by redirecting the browser to another page, which leads to a concurrency failure that causes structures to be freed incorrectly, as demonstrated by (1) ffoxdie and (2) ffoxdie3. NOTE: it has been reported that Netscape 8.1 and K-Meleon 1.0.1 are also affected by ffoxd... • https://www.exploit-db.com/exploits/28380 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.1EPSS: 6%CPEs: 6EXPL: 3CVE-2006-2894 – Mozilla Firefox 1.x - JavaScript Key Filtering
https://notcve.org/view.php?id=CVE-2006-2894
07 Jun 2006 — Mozilla Firefox 1.5.0.4, 2.0.x before 2.0.0.8, Mozilla Suite 1.7.13, Mozilla SeaMonkey 1.0.2 and other versions before 1.1.5, and Netscape 8.1 and earlier allow user-assisted remote attackers to read arbitrary files by tricking a user into typing the characters of the target filename in a text box and using the OnKeyDown, OnKeyPress, and OnKeyUp Javascript keystroke events to change the focus and cause those characters to be inserted into a file upload input control, which can then upload the file when the ... • https://www.exploit-db.com/exploits/27987 • CWE-20: Improper Input Validation •
CVSS: 5.3EPSS: 0%CPEs: 6EXPL: 1CVE-2006-2613
https://notcve.org/view.php?id=CVE-2006-2613
26 May 2006 — Mozilla Suite 1.7.13, Mozilla Firefox 1.5.0.3 and possibly other versions before before 1.8.0, and Netscape 7.2 and 8.1, and possibly other versions and products, allows remote user-assisted attackers to obtain information such as the installation path by causing exceptions to be thrown and checking the message contents. • http://secunia.com/advisories/20244 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.1EPSS: 1%CPEs: 5EXPL: 0CVE-2006-1942
https://notcve.org/view.php?id=CVE-2006-1942
20 Apr 2006 — Mozilla Firefox 1.5.0.2 and possibly other versions before 1.5.0.4, Netscape 8.1, 8.0.4, and 7.2, and K-Meleon 0.9.13 allows user-assisted remote attackers to open local files via a web page with an IMG element containing a SRC attribute with a non-image file:// URL, then tricking the user into selecting View Image for the broken image, as demonstrated using a .wma file to launch Windows Media Player, or by referencing an "alternate web page." • http://secunia.com/advisories/19698 •