CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
72.1%
Netscape Communicator 4.x allows attackers to use a link to steal a user’s preferences, including potentially sensitive information such as URL history, e-mail address, and possibly the e-mail password, by redefining the user_pref() function and accessing the prefs.js file, which is stored in a directory with a predictable name.
Vendor | Product | Version | CPE |
---|---|---|---|
netscape | communicator | 4.6 | cpe:2.3:a:netscape:communicator:4.6:*:*:*:*:*:*:* |
netscape | communicator | 4.7 | cpe:2.3:a:netscape:communicator:4.7:*:*:*:*:*:*:* |
netscape | communicator | 4.61 | cpe:2.3:a:netscape:communicator:4.61:*:*:*:*:*:*:* |
netscape | communicator | 4.72 | cpe:2.3:a:netscape:communicator:4.72:*:*:*:*:*:*:* |
netscape | communicator | 4.73 | cpe:2.3:a:netscape:communicator:4.73:*:*:*:*:*:*:* |
netscape | communicator | 4.74 | cpe:2.3:a:netscape:communicator:4.74:*:*:*:*:*:*:* |
netscape | communicator | 4.75 | cpe:2.3:a:netscape:communicator:4.75:*:*:*:*:*:*:* |
netscape | communicator | 4.76 | cpe:2.3:a:netscape:communicator:4.76:*:*:*:*:*:*:* |
netscape | communicator | 4.77 | cpe:2.3:a:netscape:communicator:4.77:*:*:*:*:*:*:* |
netscape | communicator | 4.78 | cpe:2.3:a:netscape:communicator:4.78:*:*:*:*:*:*:* |