GCVE - cpe:2.3:a:netscape:communicator:4.7:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:netscape:communicator:4.7:*:*:*:*:*:*:*

part: a version: 4.7 update: *

Vendor	Netscape (`2c519990-8f9a-5ac3-8d7c-5897cb1e036f`)
Product	Communicator (`e01f7476-f3f2-5a6c-846e-5300ccb4c0f0`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2002-2338`	vulnerable	2026-06-03 14:26:23.823426	Details available The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) at a newline, which is interpreted as the end of the message. Published: 2007-10-29T19:00:00.000Z Updated: 2024-09-16T20:06:54.208Z Open on db.gcve.eu Reference links http://www.securityfocus.com/archive/1/276946 http://online.securityfocus.com/archive/1/276628 http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:074 http://bugzilla.mozilla.org/show_bug.cgi?id=144228 http://www.securityfocus.com/bid/5002	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-2284`	vulnerable	2026-06-03 14:26:23.700215	Details available Netscape Communicator 4.0 through 4.79 allows remote attackers to bypass JVM security and execute arbitrary Java code via an applet that loads user-supplied Java classes. Published: 2007-10-18T10:00:00.000Z Updated: 2024-08-08T03:59:11.410Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/6223 http://www.lsd-pl.net/documents/javasecurity-1.0.0.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/10714 http://marc.info/?l=bugtraq&m=103798147613151&w=2	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-2248`	vulnerable	2026-06-03 14:26:23.567838	Details available Buffer overflow in the sun.awt.windows.WDefaultFontCharset Java class implementation in Netscape 4.0 allows remote attackers to execute arbitrary code via an applet that calls the WDefaultFontCharset constructor with a long string and invokes the canConvert method. Published: 2007-10-14T20:00:00.000Z Updated: 2024-08-08T03:59:11.425Z Open on db.gcve.eu Reference links https://exchange.xforce.ibmcloud.com/vulnerabilities/10706 http://marc.info/?l=bugtraq&m=103834439321292&w=2 http://www.securityfocus.com/bid/6256	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-2013`	vulnerable	2026-06-03 14:26:22.923294	Details available Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain. Published: 2005-07-14T04:00:00.000Z Updated: 2024-09-16T20:12:45.799Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/3925 http://archives.neohapsis.com/archives/bugtraq/2002-01/0270.html http://www.iss.net/security_center/static/7973.php http://alive.znep.com/~marcs/security/mozillacookie/demo.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-1204`	vulnerable	2026-06-03 14:26:16.107713	Details available Netscape Communicator 4.x allows attackers to use a link to steal a user's preferences, including potentially sensitive information such as URL history, e-mail address, and possibly the e-mail password, by redefining the user_pref() function and accessing the prefs.js file, which is stored in a directory with a predictable name. Published: 2002-11-21T05:00:00.000Z Updated: 2024-08-08T03:19:28.578Z Open on db.gcve.eu Reference links http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0081.html http://www.idefense.com/advisory/11.19.02c.txt http://www.iss.net/security_center/static/10655.php http://www.securityfocus.com/bid/6215	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2000-0711`	vulnerable	2026-06-03 14:25:59.761872	Details available Netscape Communicator does not properly prevent a ServerSocket object from being created by untrusted entities, which allows remote attackers to create a server on the victim's system via a malicious applet, as demonstrated by Brown Orifice. Published: 2000-10-13T04:00:00.000Z Updated: 2024-08-08T05:28:40.763Z Open on db.gcve.eu Reference links http://www.securityfocus.com/templates/archive.pike?list=1&msg=3999922128E.EE84TAKAGI%40java-house.etl.go.jp http://www.securityfocus.com/bid/1545 http://www.cert.org/advisories/CA-2000-15.html http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000805020429.11774.qmail%40securityfocus.com	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2000-0655`	vulnerable	2026-06-03 14:25:59.622693	Details available Netscape Communicator 4.73 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a JPEG image containing a comment with an illegal field length of 1. Published: 2000-10-13T04:00:00.000Z Updated: 2024-08-08T05:28:40.601Z Open on db.gcve.eu Reference links http://www.redhat.com/support/errata/RHSA-2000-046.html http://www.securityfocus.com/bid/1503 http://www.turbolinux.com/pipermail/tl-security-announce/2000-August/000016.html ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:39.netscape.asc http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26msg%3D200007242356.DAA01274%40false.com	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2000-0517`	vulnerable	2026-06-03 14:25:59.287678	Details available Netscape 4.73 and earlier does not properly warn users about a potentially invalid certificate if the user has previously accepted the certificate for a different web site, which could allow remote attackers to spoof a legitimate web site by compromising that site's DNS information. Published: 2000-10-13T04:00:00.000Z Updated: 2024-08-08T05:21:30.563Z Open on db.gcve.eu Reference links https://exchange.xforce.ibmcloud.com/vulnerabilities/4550 http://www.securityfocus.com/bid/1260 http://www.cert.org/advisories/CA-2000-08.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2000-0409`	vulnerable	2026-06-03 14:25:43.047746	Details available Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local users to overwrite files of the user importing the certificate. Published: 2000-07-12T04:00:00.000Z Updated: 2024-08-08T05:14:21.541Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/1201 http://archives.neohapsis.com/archives/bugtraq/2000-05/0126.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2000-0406`	vulnerable	2026-06-03 14:25:43.046776	Details available Netscape Communicator before version 4.73 and Navigator 4.07 do not properly validate SSL certificates, which allows remote attackers to steal information by redirecting traffic from a legitimate web server to their own malicious server, aka the "Acros-Suencksen SSL" vulnerability. Published: 2000-07-12T04:00:00.000Z Updated: 2024-08-08T05:14:21.543Z Open on db.gcve.eu Reference links http://www.acrossecurity.com/aspr/ASPR-2000-04-06-1-PUB.txt http://www.redhat.com/support/errata/RHSA-2000-028.html http://www.cert.org/advisories/CA-2000-05.html http://www.securityfocus.com/bid/1188	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2000-0087`	vulnerable	2026-06-03 14:25:42.610356	Details available Netscape Mail Notification (nsnotify) utility in Netscape Communicator uses IMAP without SSL, even if the user has set a preference for Communicator to use an SSL connection, allowing a remote attacker to sniff usernames and passwords in plaintext. Published: 2002-06-25T04:00:00.000Z Updated: 2024-08-08T05:05:53.921Z Open on db.gcve.eu Reference links http://marc.info/?l=bugtraq&m=94790377622943&w=2 http://www.iss.net/security_center/static/4385.php	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2000-0034`	vulnerable	2026-06-03 14:25:42.540499	Details available Netscape 4.7 records user passwords in the preferences.js file during an IMAP or POP session, even if the user has not enabled "remember passwords." Published: 2000-07-12T04:00:00.000Z Updated: 2024-08-08T05:05:53.741Z Open on db.gcve.eu Reference links https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0034	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-1999-1189`	vulnerable	2026-06-03 14:25:42.044584	Details available Buffer overflow in Netscape Navigator/Communicator 4.7 for Windows 95 and Windows 98 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long argument after the ? character in a URL that references an .asp, .cgi, .html, or .pl file. Published: 2004-09-01T04:00:00.000Z Updated: 2024-08-01T17:02:53.765Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/822 https://exchange.xforce.ibmcloud.com/vulnerabilities/7884 http://www.securityfocus.com/archive/1/36608 http://www.securityfocus.com/archive/1/36306	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-1999-1002`	vulnerable	2026-06-03 14:25:41.820198	Details available Netscape Navigator uses weak encryption for storing a user's Netscape mail password. Published: 2000-02-04T05:00:00.000Z Updated: 2024-08-01T16:55:29.351Z Open on db.gcve.eu Reference links http://marc.info/?l=bugtraq&m=94570673523998&w=2 http://www.rstcorp.com/news/bad-crypto.html http://marc.info/?l=bugtraq&m=94536309217214&w=2	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.