CVE-2002-2248
Netscape Communicator - Buffer Overflow via WDefaultFontCharset Constructor
Title source: llmDescription
Buffer overflow in the sun.awt.windows.WDefaultFontCharset Java class implementation in Netscape 4.0 allows remote attackers to execute arbitrary code via an applet that calls the WDefaultFontCharset constructor with a long string and invokes the canConvert method.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/10706
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=103834439321292&w=2
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/6256
Scores
EPSS
0.0579
EPSS Percentile
92.3%
Details
CWE
CWE-119
Status
published
Products (14)
netscape/communicator
4.0
netscape/communicator
4.5
netscape/communicator
4.6
netscape/communicator
4.7
netscape/communicator
4.51
netscape/communicator
4.61
netscape/communicator
4.72
netscape/communicator
4.73
netscape/communicator
4.74
netscape/communicator
4.75
... and 4 more
Published
Dec 31, 2002
Tracked Since
Feb 18, 2026