Every CVE whose affected-product data names Netscape Communicator, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (35)
CVE-2002-2248 — CVSS 10.0 (critical): Buffer overflow in the sun.awt.windows.WDefaultFontCharset Java class implementation in Netscape 4.0 allows remote attackers to execute…
CVE-1999-1357 — CVSS 7.5 (high): Netscape Communicator 4.04 through 4.7 (and possibly other versions) in various UNIX operating systems converts the 0x8b character to a "<"…
CVE-1999-0440 — CVSS 7.5 (high): The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages.
CVE-2000-0711 — CVSS 7.5 (high): Netscape Communicator does not properly prevent a ServerSocket object from being created by untrusted entities, which allows remote…
CVE-1999-0537 — CVSS 7.5 (high): A configuration in a web browser such as Internet Explorer or Netscape Navigator allows execution of active content such as ActiveX, Java…
CVE-2000-1187 — CVSS 7.5 (high): Buffer overflow in the HTML parser for Netscape 4.75 and earlier allows remote attackers to execute arbitrary commands via a long password…
CVE-2002-0593 — CVSS 7.5 (high): Buffer overflow in Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to cause a denial of service (crash) and possibly…
CVE-2001-0596 — CVSS 7.5 (high): Netscape Communicator before 4.77 allows remote attackers to execute arbitrary Javascript via a GIF image whose comment contains the…
CVE-1999-1189 — CVSS 7.5 (high): Buffer overflow in Netscape Navigator/Communicator 4.7 for Windows 95 and Windows 98 allows remote attackers to cause a denial of service…
CVE-1999-0174 — CVSS 6.4 (medium): The view-source CGI program allows remote attackers to read arbitrary files via a .. (dot dot) attack.
CVE-1999-0425 — CVSS 6.4 (medium): talkback in Netscape 4.5 allows a local user to kill an arbitrary process of another user whose Netscape crashes.
CVE-2002-2284 — CVSS 6.4 (medium): Netscape Communicator 4.0 through 4.79 allows remote attackers to bypass JVM security and execute arbitrary Java code via an applet that…
CVE-1999-1262 — CVSS 5.1 (medium): Java in Netscape 4.5 does not properly restrict applets from connecting to other hosts besides the one from which the applet was loaded…
CVE-2002-2338 — CVSS 5.0 (medium): The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of…
CVE-1999-0809 — CVSS 5.0 (medium): Netscape Communicator 4.x with Javascript enabled does not warn a user of cookie settings, even if they have selected the option to "Only…
CVE-2000-0034 — CVSS 5.0 (medium): Netscape 4.7 records user passwords in the preferences.js file during an IMAP or POP session, even if the user has not enabled "remember…
CVE-2000-0087 — CVSS 5.0 (medium): Netscape Mail Notification (nsnotify) utility in Netscape Communicator uses IMAP without SSL, even if the user has set a preference for…
CVE-2000-0517 — CVSS 5.0 (medium): Netscape 4.73 and earlier does not properly warn users about a potentially invalid certificate if the user has previously accepted the…
CVE-2000-0655 — CVSS 5.0 (medium): Netscape Communicator 4.73 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a JPEG image…
CVE-2000-0676 — CVSS 5.0 (medium): Netscape Communicator and Navigator 4.04 through 4.74 allows remote attackers to read arbitrary files by using a Java applet to open a…
CVE-2002-1204 — CVSS 5.0 (medium): Netscape Communicator 4.x allows attackers to use a link to steal a user's preferences, including potentially sensitive information such as…
CVE-2002-2013 — CVSS 5.0 (medium): Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a…
CVE-2002-2308 — CVSS 5.0 (medium): Netscape Communicator 6.2.1 allows remote attackers to cause a denial of service in client browsers via a webpage containing a recursive…
CVE-1999-0892 — CVSS 4.6 (medium): Buffer overflow in Netscape Communicator before 4.7 via a dynamic font whose length field is less than the size of the font.
CVE-2002-1766 — CVSS 4.6 (medium): Buffer overflow in Composer in Netscape 4.77 allows local users to overwrite process memory and execute arbitrary code via a font tag with…
CVE-2000-0409 — CVSS 3.7 (low): Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local users to overwrite files of the user…
CVE-1999-0762 — CVSS 2.6 (low): When Javascript is embedded within the TITLE tag, Netscape Communicator allows a remote attacker to use the "about" protocol to gain access…
CVE-2000-0406 — CVSS 2.6 (low): Netscape Communicator before version 4.73 and Navigator 4.07 do not properly validate SSL certificates, which allows remote attackers to…
CVE-1999-1226 — CVSS 2.6 (low): Netscape Communicator 4.7 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a…
CVE-1999-0031 — CVSS 2.6 (low): JavaScript in Internet Explorer 3.x and 4.x, and Netscape 2.x, 3.x and 4.x, allows remote attackers to monitor a user's web activities, aka…
CVE-1999-0424 — CVSS 2.1 (low): talkback in Netscape 4.5 allows a local user to overwrite arbitrary files of another user whose Netscape crashes.
CVE-2001-0921 — CVSS 2.1 (low): Netscape 4.79 and earlier for MacOS allows an attacker with access to the browser to obtain passwords from form fields by printing the…