Vulnerability Name:

CCN-2192

Published:1999-05-16
Updated:1999-05-16
Summary:A vulnerability in Netscape Navigator and Communicator could allow JavaScript to be executed from within the bookmarks file. Netscape allows scripts to be placed in the title of a Web page. Saving such a Web page in the bookmarks file executes the script each time the bookmark is opened. The script executes with the extended permissions of a local file.
CVSS v3 Severity:4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:2.1 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
Vulnerability Consequences:Bypass Security
References:Source: CCN
Type: BugTraq Mailing List, Sun, 16 May 1999 17:17:34 +0300
Netscape Communicator bookmarks security vulnerability</A><BR><BR>Source: CCN<BR>Type: Georgi Guninski Vulnerability Demonstration<BR><A TARGET="CVEREF" HREF="http://www.guninski.com/book2.html">Bookmarks code in TITLE vulnerabilities ver. 4.6, 4.51 (probably all 4.x)</A><BR><BR>Source: CCN<BR>Type: CNet News.com<BR><A TARGET="CVEREF" HREF="http://www.news.com/News/Item/0,4,37842,00.html">AOL, Microsoft move to squash bugs</A><BR><BR>Source: CCN<BR>Type: BID-260<BR><A TARGET="CVEREF" HREF="http://www.securityfocus.com/bid/260">Netscape Communicator Javascript Bookmark Vulnerability</A><BR><BR>Source: CCN<BR>Type: BID-272<BR><A TARGET="CVEREF" HREF="http://www.securityfocus.com/bid/272">Netscape Communicator Javascript TITLE Vulnerability</A><BR><BR>Source: XF<BR>Type: UNKNOWN<BR><A TARGET="CVEREF" HREF="https://exchange.xforce.ibmcloud.com/vulnerabilities/2192">netscape-bookmarks(2192)</A><BR><BR></TD></TR><TR><TD CLASS="cvebg" WIDTH="25%" VALIGN="TOP"><B>Vulnerable Configuration:</B></TD CLASS="cvenobg"><TD CLASS="cvenobg" VALIGN="TOP" WIDTH="500" STYLE="margin-top: 0px;"><B><I><U>Configuration CCN 1</U>:</I></B><BR><LI CLASS="confleaf1 vulnerable"><A CLASS="vulnerable" HREF="/cgi-bin/skdb.pl/PVID/64889.html">cpe:/a:netscape:communicator:4.5:*:*:*:*:*:*:*</A></LI><LI CLASS="confleaf2 vulnerable">OR <A CLASS="vulnerable" HREF="/cgi-bin/skdb.pl/PVID/64884.html">cpe:/a:netscape:communicator:4.05:*:*:*:*:*:*:*</A></LI><LI CLASS="confleaf2 vulnerable">OR <A CLASS="vulnerable" HREF="/cgi-bin/skdb.pl/PVID/96826.html">cpe:/a:netscape:navigator:*:*:*:*:*:*:*:*</A></LI><BR><IMG SRC="/images/star.png" ALT="*"> Denotes that component is vulnerable</TD></TR> <TR><TD COLSPAN="2" ALIGN="CENTER"><A HREF="javascript:history.go(-1)">BACK</A></TD></TR> </table></center> <div itemscope itemtype="http://schema.org/Product" style="display:none"><span itemprop="brand">netscape</span> <span itemprop="name">communicator 4.5</span></div><div itemscope itemtype="http://schema.org/Product" style="display:none"><span itemprop="brand">netscape</span> <span itemprop="name">communicator 4.05</span></div><div itemscope itemtype="http://schema.org/Product" style="display:none"><span itemprop="brand">netscape</span> <span itemprop="name">navigator *</span></div> </body> </html>