GCVE - cpe:2.3:a:netscape:navigator:7.0:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:netscape:navigator:7.0:*:*:*:*:*:*:*

part: a version: 7.0 update: *

Vendor	Netscape (`2c519990-8f9a-5ac3-8d7c-5897cb1e036f`)
Product	Navigator (`efb10eff-54e8-5e07-9356-fc90d0b61b28`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2004-1160`	vulnerable	2026-06-03 14:26:38.695581	Details available Netscape 7.x to 7.2, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability. Published: 2004-12-10T05:00:00.000Z Updated: 2024-08-08T00:39:01.047Z Open on db.gcve.eu Reference links http://secunia.com/multiple_browsers_window_injection_vulnerability_test/ http://www.securityfocus.com/bid/11852 http://secunia.com/secunia_research/2004-13/advisory/ http://secunia.com/advisories/13402/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2004-0905`	vulnerable	2026-06-03 14:26:37.430799	Details available Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain. Published: 2004-09-24T04:00:00.000Z Updated: 2024-08-08T00:31:47.854Z Open on db.gcve.eu Reference links http://www.kb.cert.org/vuls/id/651928 http://www.novell.com/linux/security/advisories/2004_36_mozilla.html http://bugzilla.mozilla.org/show_bug.cgi?id=250862 http://marc.info/?l=bugtraq&m=109900315219363&w=2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10378	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2004-0904`	vulnerable	2026-06-03 14:26:37.423624	Details available Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows. Published: 2004-09-24T04:00:00.000Z Updated: 2024-08-08T00:31:47.831Z Open on db.gcve.eu Reference links https://exchange.xforce.ibmcloud.com/vulnerabilities/17381 http://www.novell.com/linux/security/advisories/2004_36_mozilla.html http://marc.info/?l=bugtraq&m=109900315219363&w=2 http://bugzilla.mozilla.org/show_bug.cgi?id=255067 http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.3	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2004-0722`	vulnerable	2026-06-03 14:26:36.655215	Details available Integer overflow in the SOAPParameter object constructor in (1) Netscape version 7.0 and 7.1 and (2) Mozilla 1.6, and possibly earlier versions, allows remote attackers to execute arbitrary code. Published: 2004-08-03T04:00:00.000Z Updated: 2024-08-08T00:24:27.239Z Open on db.gcve.eu Reference links ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt http://www.novell.com/linux/security/advisories/2004_36_mozilla.html http://www.redhat.com/support/errata/RHSA-2004-421.html http://bugzilla.mozilla.org/show_bug.cgi?id=236618 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9378	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2003-1419`	vulnerable	2026-06-03 14:26:33.200395	Details available Netscape 7.0 allows remote attackers to cause a denial of service (crash) via a web page with an invalid regular expression argument to the JavaScript reformatDate function. Published: 2007-10-20T10:00:00.000Z Updated: 2024-08-08T02:28:03.600Z Open on db.gcve.eu Reference links http://archives.neohapsis.com/archives/bugtraq/2003-02/0338.html http://www.securityfocus.com/bid/6959 https://exchange.xforce.ibmcloud.com/vulnerabilities/11444	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2003-1265`	vulnerable	2026-06-03 14:26:27.779665	Details available Netscape 7.0 and Mozilla 5.0 do not immediately delete messages in the trash folder when users select the 'Empty Trash' option, which could allow local users to access deleted messages. Published: 2005-11-16T07:37:00.000Z Updated: 2024-08-08T02:19:46.060Z Open on db.gcve.eu Reference links http://archives.neohapsis.com/archives/bugtraq/2002-12/0277.html http://www.securitytracker.com/id?1005871 http://www.securityfocus.com/bid/6499 http://www.iss.net/security_center/static/10963.php	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-1308`	vulnerable	2026-06-03 14:26:16.311925	Details available Heap-based buffer overflow in Netscape and Mozilla allows remote attackers to execute arbitrary code via a jar: URL that references a malformed .jar file, which overflows a buffer during decompression. Published: 2004-09-01T04:00:00.000Z Updated: 2024-08-08T03:19:28.634Z Open on db.gcve.eu Reference links http://marc.info/?l=bugtraq&m=103730181813075&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/10636 http://www.securityfocus.com/bid/6185 http://bugzilla.mozilla.org/show_bug.cgi?id=157646 http://www.redhat.com/support/errata/RHSA-2003-163.html	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.