Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-1999-1357


Vulnerability Score 7.5 7.5
CVE Id CVE-1999-1357
Last Modified 05 Sep 2008 04:19:19
Published 05 Oct 1999 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Netscape Communicator 4.04 through 4.7 (and possibly other versions) in various UNIX operating systems converts the 0x8b character to a "<" sign, and the 0x9b character to a ">" sign, which could allow remote attackers to attack other clients via cross-site scripting (CSS) in CGI programs that do not filter these characters.

Vulnerable Systems


  • Netscape Communicator 4.04

  • Netscape Communicator 4.51

  • Netscape Communicator 4.7


BUGTRAQ - 19991005 Time to update those CGIs again

Last Updated: 27 May 2016 10:35:23