1. Home
  2. CVE Database
  3. CVE-1999-1357
HIGH · 7.5

CVE-1999-1357

Netscape Communicator 4.04 through 4.7 (and possibly other versions) in various UNIX operating systems converts the 0x8b character to a "<" sign, and the 0x9b character to a ">" sign, which could allo...

Vulnerability Description

Netscape Communicator 4.04 through 4.7 (and possibly other versions) in various UNIX operating systems converts the 0x8b character to a "<" sign, and the 0x9b character to a ">" sign, which could allow remote attackers to attack other clients via cross-site scripting (CSS) in CGI programs that do not filter these characters.

CVSS Score

7.5

HIGH

AV:N/AC:L/Au:N/C:P/I:P/A:P
Confidentiality
PARTIAL
Integrity
PARTIAL
Availability
PARTIAL

Affected Products

VendorProductVersions
NetscapeCommunicator<= 4.7

References

FAQ

What is CVE-1999-1357?

CVE-1999-1357 is a vulnerability with a CVSS score of 7.5 (HIGH). Netscape Communicator 4.04 through 4.7 (and possibly other versions) in various UNIX operating systems converts the 0x8b character to a "<" sign, and the 0x9b character to a ">" sign, which could allo...

How severe is CVE-1999-1357?

CVE-1999-1357 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-1999-1357?

Check the references section above for vendor advisories and patch information. Affected products include: Netscape Communicator.