CVE-2001-0921 - Netscape 4.79 and earlier for MacOS allows an attacker with access to the browser to obtain password

CVE-2001-0921

Summary

Netscape 4.79 and earlier for MacOS allows an attacker with access to the browser to obtain passwords from form fields by printing the document into which the password has been typed, which is printed in cleartext.

References

http://marc.info/?l=bugtraq&m=100638816318705&w=2
http://www.osvdb.org/5524
http://www.securityfocus.com/bid/3565
https://exchange.xforce.ibmcloud.com/vulnerabilities/7593

Vulnerable Configurations

cpe:2.3:a:netscape:communicator:*:*:macos:*:*:*:*:*
cpe:2.3:a:netscape:communicator:*:*:macos:*:*:*:*:*

CVSS

Base:	2.1 (as of 10-10-2017 - 01:29)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	NONE	NONE

cvss-vector via4

AV:L/AC:L/Au:N/C:P/I:N/A:N

refmap via4

bid	3565
bugtraq	20011121 Mac Netscape password fields
osvdb	5524
xf	macos-netscape-print-passwords(7593)

Last major update

10-10-2017 - 01:29

Published

21-11-2001 - 05:00

Last modified

10-10-2017 - 01:29