Buffer overflow in Netscape Communicator

CVE-2002-2248

Buffer overflow in the sun.awt.windows.WDefaultFontCharset Java class implementation in Netscape 4.0 allows remote attackers to execute arbitrary code via an applet that calls the WDefaultFontCharset constructor with a long string and invo…

Vulnerability class: Buffer Overflow

EPSS: 0.058 (92.1th percentile) — read the EPSS interpretation.

Affected products

Netscape Communicator — versions 4.0, 4.5, 4.6
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

cve@mitre.org (vdb-entry, x_refsource_XF)
cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)
cve@mitre.org (vdb-entry, x_refsource_BID)