CVE Vulnerabilities

CVE-2002-1204

Published: Nov 29, 2002 | Modified: Sep 10, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

Netscape Communicator 4.x allows attackers to use a link to steal a users preferences, including potentially sensitive information such as URL history, e-mail address, and possibly the e-mail password, by redefining the user_pref() function and accessing the prefs.js file, which is stored in a directory with a predictable name.

Affected Software

Name Vendor Start Version End Version
Communicator Netscape 4.76 4.76
Communicator Netscape 4.77 4.77
Communicator Netscape 4.61 4.61
Communicator Netscape 4.73 4.73
Communicator Netscape 4.7 4.7
Communicator Netscape 4.78 4.78
Communicator Netscape 4.74 4.74
Communicator Netscape 4.6 4.6
Communicator Netscape 4.72 4.72
Communicator Netscape 4.75 4.75

References