GCVE - cpe:2.3:a:netscape:communicator:4.73:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:netscape:communicator:4.73:*:*:*:*:*:*:*

part: a version: 4.73 update: *

Vendor	Netscape (`2c519990-8f9a-5ac3-8d7c-5897cb1e036f`)
Product	Communicator (`e01f7476-f3f2-5a6c-846e-5300ccb4c0f0`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2002-2338`	vulnerable	2026-06-03 14:26:23.823514	Details available The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) at a newline, which is interpreted as the end of the message. Published: 2007-10-29T19:00:00.000Z Updated: 2024-09-16T20:06:54.208Z Open on db.gcve.eu Reference links http://www.securityfocus.com/archive/1/276946 http://online.securityfocus.com/archive/1/276628 http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:074 http://bugzilla.mozilla.org/show_bug.cgi?id=144228 http://www.securityfocus.com/bid/5002	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-2284`	vulnerable	2026-06-03 14:26:23.700288	Details available Netscape Communicator 4.0 through 4.79 allows remote attackers to bypass JVM security and execute arbitrary Java code via an applet that loads user-supplied Java classes. Published: 2007-10-18T10:00:00.000Z Updated: 2024-08-08T03:59:11.410Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/6223 http://www.lsd-pl.net/documents/javasecurity-1.0.0.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/10714 http://marc.info/?l=bugtraq&m=103798147613151&w=2	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-2248`	vulnerable	2026-06-03 14:26:23.567908	Details available Buffer overflow in the sun.awt.windows.WDefaultFontCharset Java class implementation in Netscape 4.0 allows remote attackers to execute arbitrary code via an applet that calls the WDefaultFontCharset constructor with a long string and invokes the canConvert method. Published: 2007-10-14T20:00:00.000Z Updated: 2024-08-08T03:59:11.425Z Open on db.gcve.eu Reference links https://exchange.xforce.ibmcloud.com/vulnerabilities/10706 http://marc.info/?l=bugtraq&m=103834439321292&w=2 http://www.securityfocus.com/bid/6256	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-2013`	vulnerable	2026-06-03 14:26:22.926500	Details available Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain. Published: 2005-07-14T04:00:00.000Z Updated: 2024-09-16T20:12:45.799Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/3925 http://archives.neohapsis.com/archives/bugtraq/2002-01/0270.html http://www.iss.net/security_center/static/7973.php http://alive.znep.com/~marcs/security/mozillacookie/demo.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-1204`	vulnerable	2026-06-03 14:26:16.109231	Details available Netscape Communicator 4.x allows attackers to use a link to steal a user's preferences, including potentially sensitive information such as URL history, e-mail address, and possibly the e-mail password, by redefining the user_pref() function and accessing the prefs.js file, which is stored in a directory with a predictable name. Published: 2002-11-21T05:00:00.000Z Updated: 2024-08-08T03:19:28.578Z Open on db.gcve.eu Reference links http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0081.html http://www.idefense.com/advisory/11.19.02c.txt http://www.iss.net/security_center/static/10655.php http://www.securityfocus.com/bid/6215	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2000-0711`	vulnerable	2026-06-03 14:25:59.761955	Details available Netscape Communicator does not properly prevent a ServerSocket object from being created by untrusted entities, which allows remote attackers to create a server on the victim's system via a malicious applet, as demonstrated by Brown Orifice. Published: 2000-10-13T04:00:00.000Z Updated: 2024-08-08T05:28:40.763Z Open on db.gcve.eu Reference links http://www.securityfocus.com/templates/archive.pike?list=1&msg=3999922128E.EE84TAKAGI%40java-house.etl.go.jp http://www.securityfocus.com/bid/1545 http://www.cert.org/advisories/CA-2000-15.html http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000805020429.11774.qmail%40securityfocus.com	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2000-0676`	vulnerable	2026-06-03 14:25:59.673630	Details available Netscape Communicator and Navigator 4.04 through 4.74 allows remote attackers to read arbitrary files by using a Java applet to open a connection to a URL using the "file", "http", "https", and "ftp" protocols, as demonstrated by Brown Orifice. Published: 2000-10-13T04:00:00.000Z Updated: 2024-08-08T05:28:40.745Z Open on db.gcve.eu Reference links http://archives.neohapsis.com/archives/bugtraq/2000-08/0019.html http://www.securityfocus.com/bid/1546 ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:39.netscape.asc http://archives.neohapsis.com/archives/bugtraq/2000-08/0115.html http://www.novell.com/linux/security/advisories/suse_security_announce_60.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2000-0655`	vulnerable	2026-06-03 14:25:59.623498	Details available Netscape Communicator 4.73 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a JPEG image containing a comment with an illegal field length of 1. Published: 2000-10-13T04:00:00.000Z Updated: 2024-08-08T05:28:40.601Z Open on db.gcve.eu Reference links http://www.redhat.com/support/errata/RHSA-2000-046.html http://www.securityfocus.com/bid/1503 http://www.turbolinux.com/pipermail/tl-security-announce/2000-August/000016.html ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:39.netscape.asc http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26msg%3D200007242356.DAA01274%40false.com	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2000-0517`	vulnerable	2026-06-03 14:25:59.289643	Details available Netscape 4.73 and earlier does not properly warn users about a potentially invalid certificate if the user has previously accepted the certificate for a different web site, which could allow remote attackers to spoof a legitimate web site by compromising that site's DNS information. Published: 2000-10-13T04:00:00.000Z Updated: 2024-08-08T05:21:30.563Z Open on db.gcve.eu Reference links https://exchange.xforce.ibmcloud.com/vulnerabilities/4550 http://www.securityfocus.com/bid/1260 http://www.cert.org/advisories/CA-2000-08.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2000-0409`	vulnerable	2026-06-03 14:25:43.047807	Details available Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local users to overwrite files of the user importing the certificate. Published: 2000-07-12T04:00:00.000Z Updated: 2024-08-08T05:14:21.541Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/1201 http://archives.neohapsis.com/archives/bugtraq/2000-05/0126.html	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.