Unrated severityNVD Advisory· Published Nov 29, 2002· Updated Apr 16, 2026
CVE-2002-1204
CVE-2002-1204
Description
Netscape Communicator 4.x allows attackers to use a link to steal a user's preferences, including potentially sensitive information such as URL history, e-mail address, and possibly the e-mail password, by redefining the user_pref() function and accessing the prefs.js file, which is stored in a directory with a predictable name.
Affected products
10cpe:2.3:a:netscape:communicator:4.6:*:*:*:*:*:*:*+ 9 more
- cpe:2.3:a:netscape:communicator:4.6:*:*:*:*:*:*:*
- cpe:2.3:a:netscape:communicator:4.7:*:*:*:*:*:*:*
- cpe:2.3:a:netscape:communicator:4.61:*:*:*:*:*:*:*
- cpe:2.3:a:netscape:communicator:4.72:*:*:*:*:*:*:*
- cpe:2.3:a:netscape:communicator:4.73:*:*:*:*:*:*:*
- cpe:2.3:a:netscape:communicator:4.74:*:*:*:*:*:*:*
- cpe:2.3:a:netscape:communicator:4.75:*:*:*:*:*:*:*
- cpe:2.3:a:netscape:communicator:4.76:*:*:*:*:*:*:*
- cpe:2.3:a:netscape:communicator:4.77:*:*:*:*:*:*:*
- cpe:2.3:a:netscape:communicator:4.78:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4News mentions
0No linked articles in our index yet.