Arbitrary Javascript Execution via GIF Image Comment in Netscape Communicator

AV:N/AC:L/AU:N/C:P/I:P/A:P

Netscape Communicator before 4.77 allows remote attackers to execute arbitrary Javascript via a GIF image whose comment contains the Javascript.