Netscape Vulnerabilidad

Cronología

Escribe

Producto

Netscape Enterprise Server28
Netscape Communicator28
Netscape Navigator26
Netscape Browser15
Netscape Directory Server6

Contramedidas

Official Fix82
Temporary Fix0
Workaround10
Unavailable8
Not Defined32

Explotabilidad

High2
Functional1
Proof-of-Concept33
Unproven3
Not Defined93

Vector de acceso

Not Defined0
Physical0
Local23
Adjacent0
Network109

Autenticación

Not Defined0
High0
Low19
None113

La interacción del usuario

Not Defined0
Required5
None127

C3BM Index

CVSSv3 Base

≤10
≤20
≤30
≤417
≤53
≤655
≤710
≤833
≤94
≤1010

CVSSv3 Temp

≤10
≤20
≤30
≤417
≤515
≤648
≤729
≤812
≤93
≤108

VulDB

≤10
≤20
≤30
≤417
≤54
≤654
≤710
≤833
≤94
≤1010

NVD

≤10
≤20
≤30
≤40
≤50
≤60
≤71
≤80
≤91
≤100

CNA

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Proveedor

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Explotar día 0

<1k1
<2k62
<5k56
<10k1
<25k6
<50k5
<100k1
≥100k0

Explotar hoy

<1k132
<2k0
<5k0
<10k0
<25k0
<50k0
<100k0
≥100k0

Explotar el volumen del mercado

🔴 CTI Ocupaciones

Affected Products (27): Browser (15), Certificate Management System (1), Certificate Server (1), Collabra Server (2), Communicator (28), Directory Server (6), Enterprise (1), Enterprise Administration Server (1), Enterprise Server (28), Enterprise Web Server (1), FastTrack (1), Fasttrack Server (1), Javascript (1), Messaging Server (3), Messanger (1), Navigator (26), Network Security Services Library (1), Portable Runtime (2), Professional Services FTP Server (1), PublishingXpert (1), Server (1), SmartDownload (1), Web Publishing (3), iPlanet Enterprise Server (1), iPlanet Web Server (1), iPlanet iCal (4), navigator (1)

Link to Vendor Website: https://www.netscape.com/

Fecha de publicaciónBaseTempVulnerabilidadProdExpConCTIEPSSCVE
2019-01-315.25.2Netscape Enterprise SnoopServlet Reflected cross site scriptingDesconocidoNot DefinedUnavailable0.000.00301CVE-2018-18940
2016-08-078.68.2Netscape Portable Runtime prprf.c PR_*printf desbordamiento de búferDesconocidoNot DefinedOfficial Fix0.020.02548CVE-2016-1951
2014-06-1010.08.7Netscape Portable Runtime desbordamiento de búferDesconocidoUnprovenOfficial Fix0.000.06978CVE-2014-1545
2009-07-205.35.3Netscape Navigator denegación de servicioWeb BrowserHighUnavailable0.020.03008CVE-2009-2542
2008-07-077.36.4Netscape Certificate Management System escalada de privilegiosDesconocidoUnprovenOfficial Fix0.000.00912CVE-2008-1676
2007-07-257.37.3Netscape Navigator Telnet escalada de privilegiosWeb BrowserNot DefinedNot Defined0.000.01159CVE-2007-4042
2007-07-209.89.8Netscape navigator Protocol netscape.exe escalada de privilegiosWeb BrowserNot DefinedNot Defined0.030.00167CVE-2007-3924
2007-03-095.34.8Netscape Navigator acropdf.dll denegación de servicioWeb BrowserProof-of-ConceptUnavailable0.000.00750CVE-2007-1377
2006-06-066.56.2Netscape Browser Javascript OnKeyPress escalada de privilegiosDesconocidoProof-of-ConceptOfficial Fix0.040.06337CVE-2006-2894
2006-05-255.35.1Netscape Navigator Installation divulgación de informaciónWeb BrowserNot DefinedOfficial Fix0.000.00723CVE-2006-2613
2005-10-185.35.0Netscape Javascript Link Tag denegación de servicioProgramming Language SoftwareProof-of-ConceptNot Defined0.000.00000
2005-09-085.65.1Netscape Browser Host URL BuildNormalizedSpec desbordamiento de búferDesconocidoProof-of-ConceptOfficial Fix0.020.96417CVE-2005-2871
2005-05-237.36.6Netscape Browser InstallTrigger.install Remote Code ExecutionDesconocidoProof-of-ConceptOfficial Fix0.000.95237CVE-2005-1476
2005-05-236.35.7Netscape Browser IFRAME Javascript URL cross site scriptingDesconocidoProof-of-ConceptOfficial Fix0.000.95237CVE-2005-1476
2005-04-267.36.6Netscape Browser Netscape Extension desbordamiento de búferDesconocidoProof-of-ConceptOfficial Fix0.020.94084CVE-2005-0399
2005-04-196.35.7Netscape Browser Search Plugin escalada de privilegiosDesconocidoProof-of-ConceptOfficial Fix0.000.00937CVE-2005-1156
2005-04-045.65.3Netscape Browser Javascript Lambda Symbol desbordamiento de búferDesconocidoProof-of-ConceptOfficial Fix0.000.92371CVE-2005-0989
2005-02-095.35.0Netscape Browser URI desbordamiento de búferDesconocidoProof-of-ConceptOfficial Fix0.020.00539CVE-2005-0232
2005-02-097.36.9Netscape Browser URI Drag / Drop desbordamiento de búferDesconocidoProof-of-ConceptOfficial Fix0.020.00494CVE-2005-0231
2005-02-096.56.2Netscape Browser Drag / Drop HTTP Content-Disposition escalada de privilegiosDesconocidoProof-of-ConceptOfficial Fix0.020.57496CVE-2005-0230
2005-02-065.04.7Netscape Browser IDN International Domain Name Privilege EscalationDesconocidoProof-of-ConceptOfficial Fix0.000.00000
2005-01-117.37.0Netscape Directory Server LDAP desbordamiento de búferDirectory Service SoftwareNot DefinedOfficial Fix0.020.10974CVE-2004-1236
2005-01-107.37.0Netscape Navigator autenticación débilWeb BrowserNot DefinedOfficial Fix0.000.01387CVE-2004-1160
2004-10-203.73.5Netscape Browser Tabs Browsing Dialogbox autenticación débilDesconocidoProof-of-ConceptOfficial Fix0.000.00190CVE-2004-1380
2004-08-237.36.6Netscape Network Security Services Library SSL2 Hello Message desbordamiento de búferSoftware LibraryProof-of-ConceptOfficial Fix0.020.01804CVE-2004-0826

107 no se muestran más entradas

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!