Searching netscape software vulnerabilities

A configuration in a web browser such as Intern

configuration | Javascript | Navigator | execution | Netscape | Explorer | Internet | content | ActiveX | browser | allows | active | Java | such | etc | web |

A configuration in a web browser such as Internet Explorer or Netscape Navigator allows execution of active content such as ActiveX, Java, Javascript, etc.


Default configuration of the search engine in N

configuration | Enterprise | Netscape | Default | Server | search | engine |

Default configuration of the search engine in Netscape Enterprise Server 3.5.1, and possibly other versions, allows remote attackers to read the source of JHTML files by specifying a search command using the HTML-tocrec-demo1.pat pattern file.


Netscape Messaging Server 3.54, 3.55, and 3.6 a

Messaging | Netscape | Server |

Netscape Messaging Server 3.54, 3.55, and 3.6 allows a remote attacker to cause a denial of service (memory exhaustion) via a series of long RCPT TO commands.


Netscape (iPlanet) Certificate Management Syste

Netscape |

Netscape (iPlanet) Certificate Management System 4.2 and Directory Server 4.12 stores the administrative password in plaintext, which could allow local and possibly remote attackers to gain administrative privileges on the server.


The Web Publishing feature in Netscape Enterpri

directories | Enterprise | Publishing | arbitrary | attackers | Netscape | earlier | feature | command | allows | Server | remote | INDEX | under | list | root | Web | via |

The Web Publishing feature in Netscape Enterprise Server 4.x and earlier allows remote attackers to list arbitrary directories under the web server root via the INDEX command.


The Web Publishing feature in Netscape Enterpri

Enterprise | Publishing | attackers | Netscape | service | feature | command | denial | REVLOG | allows | Server | remote | cause | Web | via |

The Web Publishing feature in Netscape Enterprise Server 3.x allows remote attackers to cause a denial of service via the REVLOG command.


Buffer overflow in Netscape SmartDownload 1.3 a

SmartDownload | attackers | Netscape | overflow | remote | Buffer | allows |

Buffer overflow in Netscape SmartDownload 1.3 allows remote attackers (malicious web pages) to execute arbitrary commands via a long URL.


Memory leak in Netscape Collabra Server 3.5.4 a

Netscape | Collabra | Server | Memory | leak |

Memory leak in Netscape Collabra Server 3.5.4 and earlier allows a remote attacker to cause a denial of service (memory exhaustion) by repeatedly sending approximately 5K of data to TCP port 5238.


Netscape Collabra Server 3.5.4 and earlier allo

Collabra | Netscape | Server |

Netscape Collabra Server 3.5.4 and earlier allows a remote attacker to cause a denial of service by sending seven or more characters to TCP port 5239.


The XMLHttpRequest object (XMLHTTP) in Netscape

XMLHttpRequest | object |

The XMLHttpRequest object (XMLHTTP) in Netscape 6.1 and Mozilla 0.9.7 allows remote attackers to read arbitrary files and list directories on a client system by opening a URL that redirects the browser to the file on the client, then reading the result using the responseText property.


Buffer overflow in Netscape 6 and Mozilla 1.0 R

attackers | Netscape | overflow | earlier | service | Mozilla | Buffer | denial | allows | remote | cause | RC1 |

Buffer overflow in Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long channel name in an IRC URI.


The Web Publishing feature in Netscape Enterpri

Publishing | Enterprise | attackers | Netscape | iPlanet | service | feature | Server | denial | allows | remote | cause | Web |

The Web Publishing feature in Netscape Enterprise Server 3.x and iPlanet Web Server 4.x allows remote attackers to cause a denial of service (crash) via a wp-html-rend request.


Buffer overflow in Composer in Netscape 4.77 al

Composer | Netscape | overflow | Buffer |

Buffer overflow in Composer in Netscape 4.77 allows local users to overwrite process memory and execute arbitrary code via a font tag with a long face attribute.


Mozilla 0.9.6 and earlier and Netscape 6.2 and

Mozilla |

Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain.


Buffer overflow in the Client Detection Tool (C

Detection | overflow | Client | Buffer | Tool |

Buffer overflow in the Client Detection Tool (CDT) plugin (npcdt.dll) for Netscape 7.02 allows remote attackers to execute arbitrary code via an attachment with a long filename.


Buffer overflows in (1) try_netscape_proxy and

overflows | Buffer |

Buffer overflows in (1) try_netscape_proxy and (2) try_squid_eplf for lftp 2.6.9 and earlier allow remote HTTP servers to execute arbitrary code via long directory names that are processed by the ls or rels commands.


Buffer overflow in the LDAP component for Netsc

component | Directory | Netscape | overflow | Server | Buffer | LDAP |

Buffer overflow in the LDAP component for Netscape Directory Server (NDS) 3.6 on HP-UX and other operating systems allows remote attackers to execute arbitrary code.


Firefox 1.0.3 and 1.0.4, and Netscape 8.0.2, al

Firefox |

Firefox 1.0.3 and 1.0.4, and Netscape 8.0.2, allows remote attackers to execute arbitrary code by tricking the user into using the "Set As Wallpaper" (in Firefox) or "Set as Background" (in Netscape) context menu on an image URL that is really a javascript: URL with an eval statement, aka "Firewalling."


Unspecified vulnerability in the BEA WebLogic S

vulnerability | Unspecified | Enterprise | September | Netscape | WebLogic | plug-in | Server | before | proxy | BEA |

Unspecified vulnerability in the BEA WebLogic Server proxy plug-in for Netscape Enterprise Server before September 2006 for Netscape Enterprise Server allow remote attackers to cause a denial of service via certain requests that trigger errors that lead to a server being marked as unavailable, hosting web server failure, or CPU consumption.


Argument injection vulnerability in Microsoft I

metacharacters | CVE-2007-3670 | vulnerability | cross-browser | navigatorurl | netscapeexe | registered | attackers | injection | installed | arbitrary | Microsoft | scripting | inserted | commands | Netscape | Explorer | invoking | Argument | Internet | -chrome | command | created | related | certain | conduct | systems | attacks | running | execute | allows | remote | shell | issue | which | URIs | into | line | via | URI |

Argument injection vulnerability in Microsoft Internet Explorer, when running on systems with Netscape installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in a -chrome argument to the navigatorurl URI, which are inserted into the command line that is created when invoking netscape.exe, a related issue to CVE-2007-3670. NOTE: there has been debate about whether the issue is in Internet Explorer or Netscape. As of Friday, July 13, 2007, it is CVE's opinion that IE appears to not properly delimit the URL argument when invoking Netscape; this issue could arise with other protocol handlers in IE.


Software vulnerabilities results 1 to 20 of 61     
Page: 1234