Some web servers under Microsoft Windows allow remote attackers to bypass access restrictions for files with long file names.

Netscape FastTrack Web server lists files when a lowercase "get" command is used instead of an uppercase GET.

Java in Netscape 4.5 does not properly restrict applets from connecting to other hosts besides the one from which the applet was loaded, which violates the Java security model and could allow remote attackers to conduct unauthorized activities.

JavaScript in Internet Explorer 3.x and 4.x, and Netscape 2.x, 3.x and 4.x, allows remote attackers to monitor a user's web activities, aka the Bell Labs vulnerability.

ucbmail allows remote attackers to execute commands via shell metacharacters that are passed to it from INN.

The view-source CGI program allows remote attackers to read arbitrary files via a .. (dot dot) attack.

List of arbitrary files on Web host via nph-test-cgi script.

Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others.

Java Bytecode Verifier allows malicious applets to execute arbitrary commands as the user of the applet.

The Java Applet Security Manager implementation in Netscape Navigator 2.0 and Java Developer's Kit 1.0 allows an applet to connect to arbitrary hosts.