header-logo
Suggest Exploit
vendor:
Netscape Browser
by:
SecurityFocus
7.5
CVSS
HIGH
Buffer Overflow
120
CWE
Product Name: Netscape Browser
Affected Version From: Netscape 4.7x
Affected Version To: Netscape 4.7x
Patch Exists: YES
Related CWE: CVE-2002-0395
CPE: a:netscape:netscape_browser
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Linux
2002

Netscape Composer Buffer Overflow Vulnerability

A buffer overflow has been reported in the Composer function of Netscape. When an HTML page with a Font Face field of arbitrary length is edited using Netscape Composer, a memory corruption bug may occur that could allow the overwriting of process memory, and execution of attacker supplied code.

Mitigation:

Upgrade to the latest version of Netscape.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/5010/info

Netscape is a freely available web browser distributed by Netscape Communications, and available for various platforms. This vulnerability is known to affect those installations on the Linux platform.

A buffer overflow has been reported in the Composer function of Netscape. When an HTML page with a Font Face field of arbitrary length is edited using Netscape Composer, a memory corruption bug may occur that could allow the overwriting of process memory, and execution of attacker supplied code. 

<html>
<body>

<font face="X">Hola!</font>

</body>
</html>

where X is indicative of 191 or more characters.

Navigation

Suggest Exploit

Services By CQR