Netscape Communicator 4.x allows malicious users to use a link to steal a user's preferences, including potentially sensitive information such as URL history, e-mail address, and possibly the e-mail password, by redefining the user_pref() function and accessing the prefs.js file, which is stored in a directory with a predictable name.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
netscape communicator 4.72 |
||
netscape communicator 4.73 |
||
netscape communicator 4.74 |
||
netscape communicator 4.75 |
||
netscape communicator 4.61 |
||
netscape communicator 4.77 |
||
netscape communicator 4.6 |
||
netscape communicator 4.7 |
||
netscape communicator 4.76 |
||
netscape communicator 4.78 |