Vulnerabilities (CVE)

Filtered by vendor Netscape Subscribe
Filtered by product Navigator
Total 44 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2004-1160 1 Netscape 1 Navigator 2025-04-03 7.5 HIGH N/A
Netscape 7.x to 7.2, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability.
CVE-2003-1492 2 Mozilla, Netscape 2 Firefox, Navigator 2025-04-03 5.0 MEDIUM N/A
Netscape Navigator 7.0.2 and Mozilla allows remote attackers to access cookie information in a different domain via an HTTP request for a domain with an extra . (dot) at the end.
CVE-2002-2338 2 Mozilla, Netscape 3 Mozilla, Communicator, Navigator 2025-04-03 5.0 MEDIUM N/A
The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) at a newline, which is interpreted as the end of the message.
CVE-2005-4134 3 K-meleon Project, Mozilla, Netscape 4 K-meleon, Firefox, Mozilla Suite and 1 more 2025-04-03 5.0 MEDIUM N/A
Mozilla Firefox 1.5, Netscape 8.0.4 and 7.2, and K-Meleon before 0.9.12 allows remote attackers to cause a denial of service (CPU consumption and delayed application startup) via a web site with a large title, which is recorded in history.dat but not processed efficiently during startup. NOTE: despite initial reports, the Mozilla vendor does not believe that this issue can be used to trigger a crash or buffer overflow in Firefox. Also, it has been independently reported that Netscape 8.1 does not have this issue.