Total
545 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2009-0925 | 1 Sun | 2 Opensolaris, Solaris | 2023-12-10 | 4.7 MEDIUM | N/A |
Unspecified vulnerability in Sun Solaris 10 on SPARC sun4v systems, and OpenSolaris snv_47 through snv_85, allows local users to cause a denial of service (hang of UFS filesystem write) via unknown vectors related to the (1) ufs_getpage and (2) ufs_putapage routines, aka CR 6425723. | |||||
CVE-2008-2418 | 1 Sun | 1 Solaris | 2023-12-10 | 4.7 MEDIUM | N/A |
Race condition in the STREAMS Administrative Driver (sad) in Sun Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors. | |||||
CVE-2008-2538 | 1 Sun | 1 Solaris | 2023-12-10 | 6.9 MEDIUM | N/A |
Unspecified vulnerability in crontab on Sun Solaris 8 through 10, and OpenSolaris before snv_93, allows local users to insert cron jobs into the crontab files of arbitrary users via unspecified vectors. | |||||
CVE-2009-3706 | 1 Sun | 2 Opensolaris, Solaris | 2023-12-10 | 4.4 MEDIUM | N/A |
Unspecified vulnerability in the ZFS filesystem in Sun Solaris 10, and OpenSolaris snv_100 through snv_117, allows local users to bypass intended limitations of the file_chown_self privilege via certain uses of the chown system call. | |||||
CVE-2009-0857 | 1 Sun | 2 Management Center, Solaris | 2023-12-10 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in /prm/reports in the Performance Reporting Module (PRM) for Sun Management Center (SunMC) 3.6.1 and 4.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NOTE: this can be leveraged for access to the SunMC Web Console. | |||||
CVE-2008-4160 | 1 Sun | 2 Opensolaris, Solaris | 2023-12-10 | 4.7 MEDIUM | N/A |
Unspecified vulnerability in the UFS module in Sun Solaris 8 through 10 and OpenSolaris allows local users to cause a denial of service (NULL pointer dereference and kernel panic) via unknown vectors related to the Solaris Access Control List (ACL) implementation. | |||||
CVE-2009-3164 | 1 Sun | 2 Opensolaris, Solaris | 2023-12-10 | 7.1 HIGH | N/A |
Unspecified vulnerability in the IPv6 networking stack in Sun Solaris 10, and OpenSolaris snv_01 through snv_82 and snv_111 through snv_122, when a Cassini GigaSwift Ethernet Adapter (aka CE) interface is used, allows remote attackers to cause a denial of service (panic) via vectors involving jumbo frames. NOTE: this issue exists because of an incomplete fix for CVE-2009-2136. | |||||
CVE-2009-0167 | 1 Sun | 2 Opensolaris, Solaris | 2023-12-10 | 4.7 MEDIUM | N/A |
Unspecified vulnerability in lpadmin in Sun Solaris 10 and OpenSolaris snv_61 through snv_106 allows local users to cause a denial of service via unspecified vectors, related to enumeration of "wrong printers," aka a "Temporary file vulnerability." | |||||
CVE-2009-2652 | 1 Sun | 2 Opensolaris, Solaris | 2023-12-10 | 6.8 MEDIUM | N/A |
Unspecified vulnerability in Solaris Trusted Extensions in Sun Solaris 10, and OpenSolaris snv_37 through snv_120, allows remote attackers to cause a denial of service (panic) via vectors involving the parsing of labeled packets. | |||||
CVE-2009-0346 | 1 Sun | 2 Opensolaris, Solaris | 2023-12-10 | 4.9 MEDIUM | N/A |
The IP-in-IP packet processing implementation in the IPsec and IP stacks in the kernel in Sun Solaris 9 and 10, and OpenSolaris snv_01 though snv_85, allows local users to cause a denial of service (panic) via a self-encapsulated packet that lacks IPsec protection. | |||||
CVE-2008-5661 | 1 Sun | 2 Opensolaris, Solaris | 2023-12-10 | 5.4 MEDIUM | N/A |
The IPv4 Forwarding feature in Sun Solaris 10 and OpenSolaris snv_47 through snv_82, with certain patches installed, allows remote attackers to cause a denial of service (panic) via unknown vectors that trigger a NULL pointer dereference. | |||||
CVE-2009-3390 | 1 Sun | 2 Opensolaris, Solaris | 2023-12-10 | 7.2 HIGH | N/A |
Multiple unspecified vulnerabilities in the (1) iscsiadm and (2) iscsitadm programs in Sun Solaris 10, and OpenSolaris snv_28 through snv_109, allow local users with certain RBAC execution profiles to gain privileges via unknown vectors related to the libima library. | |||||
CVE-2009-0268 | 1 Sun | 2 Opensolaris, Solaris | 2023-12-10 | 4.9 MEDIUM | N/A |
Race condition in the pseudo-terminal (aka pty) driver module in Sun Solaris 8 through 10, and OpenSolaris before snv_103, allows local users to cause a denial of service (panic) via unspecified vectors related to lack of "properly sequenced code" in ptc and ptsl. | |||||
CVE-2008-1480 | 1 Sun | 2 Solaris, Sunos | 2023-12-10 | 4.3 MEDIUM | N/A |
rpc.metad in Sun Solaris 10 allows remote attackers to cause a denial of service (daemon crash) via a malformed RPC request. | |||||
CVE-2009-2314 | 1 Sun | 2 Lightweight Availability Collection Tool, Solaris | 2023-12-10 | 2.1 LOW | N/A |
Race condition in the Sun Lightweight Availability Collection Tool 3.0 on Solaris 7 through 10 allows local users to overwrite arbitrary files via unspecified vectors. | |||||
CVE-2009-2856 | 1 Sun | 2 Solaris, Virtual Desktop Infrastructure | 2023-12-10 | 3.5 LOW | N/A |
Sun Virtual Desktop Infrastructure (VDI) 3.0, when anonymous binding is enabled, does not properly handle a client's attempt to establish an authenticated and encrypted connection, which might allow remote attackers to read cleartext VDI configuration-data requests by sniffing LDAP sessions on the network. | |||||
CVE-2008-3426 | 1 Sun | 3 Opensolaris, Solaris, Sunos | 2023-12-10 | 2.1 LOW | N/A |
Unspecified vulnerability in the Solaris Platform Information and Control Library daemon (picld) in Sun Solaris 8 through 10, and OpenSolaris builds snv_01 through snv_95, allows local users to cause a denial of service via unknown vectors that prevent operation of utilities such as prtdiag, prtpicl, and prtfru. | |||||
CVE-2008-2674 | 4 Fujitsu, Microsoft, Redhat and 1 more | 11 Interstage Application Server Enterprise, Interstage Application Server Plus, Interstage Application Server Plus Developer and 8 more | 2023-12-10 | 6.4 MEDIUM | N/A |
Unspecified vulnerability in the Interstage Management Console, as used in Fujitsu Interstage Application Server 6.0 through 9.0.0A, Apworks Modelers-J 6.0 through 7.0, and Studio 8.0.1 and 9.0.0, allows remote attackers to read or delete arbitrary files via unspecified vectors. | |||||
CVE-2008-1780 | 1 Sun | 1 Solaris | 2023-12-10 | 4.6 MEDIUM | N/A |
Unspecified vulnerability in the labeled networking functionality in Solaris 10 Trusted Extensions allows applications in separate labeling zones to bypass labeling restrictions via unknown vectors. | |||||
CVE-2009-3868 | 2 Microsoft, Sun | 6 Windows, Java Se, Jdk and 3 more | 2023-12-10 | 9.3 HIGH | N/A |
Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 does not properly parse color profiles, which allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862970. |