Vulnerabilities (CVE)

Filtered by vendor Sun Subscribe
Filtered by product Solaris
Total 545 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2009-0870 1 Sun 2 Opensolaris, Solaris 2023-12-10 4.7 MEDIUM N/A
The NFSv4 Server module in the kernel in Sun Solaris 10, and OpenSolaris before snv_111, allow local users to cause a denial of service (infinite loop and system hang) by accessing an hsfs filesystem that is shared through NFSv4, related to the rfs4_op_readdir function.
CVE-2008-5133 1 Sun 2 Opensolaris, Solaris 2023-12-10 5.8 MEDIUM N/A
ipnat in IP Filter in Sun Solaris 10 and OpenSolaris before snv_96, when running on a DNS server with Network Address Translation (NAT) configured, improperly changes the source port of a packet when the destination port is the DNS port, which allows remote attackers to bypass an intended CVE-2008-1447 protection mechanism and spoof the responses to DNS queries sent by named.
CVE-2009-3468 1 Sun 1 Solaris 2023-12-10 6.9 MEDIUM N/A
Multiple unspecified vulnerabilities in Common Desktop Environment (CDE) in Sun Solaris 10, when Trusted Extensions is enabled, allow local users to execute arbitrary commands or bypass the Mandatory Access Control (MAC) policy via unknown vectors, related to a menu typo and the Style Manager.
CVE-2009-3867 2 Microsoft, Sun 6 Windows, Java Se, Jdk and 3 more 2023-12-10 9.3 HIGH N/A
Stack-based buffer overflow in the HsbParser.getSoundBank function in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via a long file: URL in an argument, aka Bug Id 6854303.
CVE-2009-0168 1 Sun 2 Opensolaris, Solaris 2023-12-10 4.9 MEDIUM N/A
Unspecified vulnerability in ppdmgr in Sun Solaris 10 and OpenSolaris snv_61 through snv_106 allows local users to cause a denial of service via unspecified vectors, related to a failure to "include all cache files," and improper handling of temporary files.
CVE-2008-3666 1 Sun 3 Opensolaris, Solaris, Sunos 2023-12-10 7.1 HIGH N/A
Unspecified vulnerability in Sun Solaris 10 and OpenSolaris before snv_96 allows (1) context-dependent attackers to cause a denial of service (panic) via vectors involving creation of a crafted file and use of the sendfilev system call, as demonstrated by a file served by an Apache 2.2.x web server with EnableSendFile configured; and (2) local users to cause a denial of service (panic) via a call to the sendfile system call, as reachable through the sendfilev library.
CVE-2009-0872 1 Sun 2 Opensolaris, Solaris 2023-12-10 6.8 MEDIUM N/A
The NFS server in Sun Solaris 10, and OpenSolaris before snv_111, does not properly implement the AUTH_NONE (aka sec=none) security mode in combination with other security modes, which allows remote attackers to bypass intended access restrictions and read or modify files, as demonstrated by a combination of the AUTH_NONE and AUTH_SYS security modes.
CVE-2009-0132 1 Sun 2 Opensolaris, Solaris 2023-12-10 4.9 MEDIUM N/A
Integer overflow in the aio_suspend function in Sun Solaris 8 through 10 and OpenSolaris, when 32-bit mode is enabled, allows local users to cause a denial of service (panic) via a large integer value in the second argument (aka nent argument).
CVE-2008-2706 1 Sun 1 Solaris 2023-12-10 4.9 MEDIUM N/A
Unspecified vulnerability in the event port implementation in Sun Solaris 10 allows local users to cause a denial of service (panic) by submitting and retrieving user-defined events, probably related to a NULL dereference.
CVE-2008-1317 1 Sun 1 Solaris 2023-12-10 4.9 MEDIUM N/A
Unspecified vulnerability in the Inter-Process Communication (IPC) message queue subsystem in Sun Solaris 10 allows local users to cause a denial of service (reboot) via blocked I/O message queues.
CVE-2009-2972 1 Sun 1 Solaris 2023-12-10 7.8 HIGH N/A
in.lpd in the print service in Sun Solaris 8 and 9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors that trigger a "fork()/exec() bomb."
CVE-2009-0601 6 Apple, Freebsd, Linux and 3 more 6 Mac Os X, Freebsd, Linux and 3 more 2023-12-10 2.1 LOW N/A
Format string vulnerability in Wireshark 0.99.8 through 1.0.5 on non-Windows platforms allows local users to cause a denial of service (application crash) via format string specifiers in the HOME environment variable.
CVE-2009-2952 1 Sun 2 Opensolaris, Solaris 2023-12-10 4.9 MEDIUM N/A
Unspecified vulnerability in the pollwakeup function in Sun Solaris 10, and OpenSolaris before snv_51, allows local users to cause a denial of service (panic) via unknown vectors.
CVE-2008-5111 1 Sun 2 Opensolaris, Solaris 2023-12-10 4.7 MEDIUM N/A
Unspecified vulnerability in the socket function in Sun Solaris 10 and OpenSolaris snv_57 through snv_91, when InfiniBand hardware is not installed, allows local users to cause a denial of service (panic) via unknown vectors, related to the socksdpv_close function.
CVE-2009-3871 2 Microsoft, Sun 6 Windows, Java Se, Jdk and 3 more 2023-12-10 9.3 HIGH N/A
Heap-based buffer overflow in the setBytePixels function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via crafted arguments, aka Bug Id 6872358.
CVE-2009-0480 1 Sun 2 Opensolaris, Solaris 2023-12-10 4.9 MEDIUM N/A
The IP implementation in Sun Solaris 8 through 10, and OpenSolaris before snv_82, uses an improper arena when allocating minor numbers for sockets, which allows local users to cause a denial of service (32-bit application failure and login outage) by opening a large number of sockets.
CVE-2009-3692 3 Apple, Linux, Sun 5 Mac Os X, Linux, Opensolaris and 2 more 2023-12-10 7.2 HIGH N/A
Unspecified vulnerability in the VBoxNetAdpCtl configuration tool in Sun VirtualBox 3.0.x before 3.0.8 on Solaris x86, Linux, and Mac OS X allows local users to gain privileges via unknown vectors.
CVE-2008-3839 1 Sun 2 Opensolaris, Solaris 2023-12-10 4.7 MEDIUM N/A
Unspecified vulnerability in the NFS module in the kernel in Sun Solaris 10 and OpenSolaris snv_59 through snv_87, when configured as an NFS server without the nodevices option, allows local users to cause a denial of service (panic) via unspecified vectors.
CVE-2009-2136 1 Sun 2 Opensolaris, Solaris 2023-12-10 7.8 HIGH N/A
Unspecified vulnerability in the TCP/IP networking stack in Sun Solaris 10, and OpenSolaris snv_01 through snv_82 and snv_111 through snv_117, when a Cassini GigaSwift Ethernet Adapter (aka CE) interface is used, allows remote attackers to cause a denial of service (panic) via vectors involving jumbo frames.
CVE-2009-4075 1 Sun 2 Opensolaris, Solaris 2023-12-10 5.0 MEDIUM N/A
Unspecified vulnerability in the timeout mechanism in sshd in Sun Solaris 10, and OpenSolaris snv_99 through snv_123, allows remote attackers to cause a denial of service (daemon outage) via unknown vectors that trigger a "dangling sshd authentication thread."