A remote attacker can read information from a Netscape user's cache via JavaScript.
netscape communicator 4.0