Filtered by vendor Sun
Subscribe
Total
1711 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-1062 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Unknown vulnerability in the sysinfo system call for Solaris for SPARC 2.6 through 9, and Solaris for x86 2.6, 7, and 8, allows local users to read kernel memory.
|
|||||
| CVE-1999-1425 | 1 Sun | 1 Solstice Adminsuite | 2025-04-03 | 6.2 MEDIUM | N/A |
|
Solaris Solstice AdminSuite (AdminSuite) 2.1 incorrectly sets write permissions on source files for NIS maps, which could allow local users to gain privileges by modifying /etc/passwd.
|
|||||
| CVE-2003-1521 | 1 Sun | 1 Java Plug-in | 2025-04-03 | 6.4 MEDIUM | N/A |
|
Sun Java Plug-In 1.4 through 1.4.2_02 allows remote attackers to repeatedly access the floppy drive via the createXmlDocument method in the org.apache.crimson.tree.XmlDocument class, which violates the Java security model.
|
|||||
| CVE-2002-0797 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 10.0 HIGH | N/A |
|
Buffer overflow in the MIB parsing component of mibiisa for Solaris 5.6 through 8 allows remote attackers to gain root privileges.
|
|||||
| CVE-2002-1590 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
|
The Web-Based Enterprise Management (WBEM) packages (1) SUNWwbdoc, (2) SUNWwbcou, (3) SUNWwbdev and (4) SUNWmgapp packages, when installed using Solaris 8 Update 1/01 or later, install files with world or group write permissions, which allows local users to gain root privileges or cause a denial of service.
|
|||||
| CVE-2000-0030 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Solaris dmispd dmi_cmd allows local users to fill up restricted disk space by adding files to the /var/dmi/db database.
|
|||||
| CVE-2004-1029 | 5 Conectiva, Gentoo, Hp and 2 more | 8 Linux, Linux, Hp-ux and 5 more | 2025-04-03 | 9.3 HIGH | N/A |
|
The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages.
|
|||||
| CVE-1999-0051 | 3 Globetrotter, Sgi, Sun | 5 Flexlm, Irix, License Oeo and 2 more | 2025-04-03 | 7.2 HIGH | N/A |
|
Arbitrary file creation and program execution using FLEXlm LicenseManager, from versions 4.0 to 5.0, in IRIX.
|
|||||
| CVE-2001-0165 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
|
Buffer overflow in ximp40 shared library in Solaris 7 and Solaris 8 allows local users to gain privileges via a long "arg0" (process name) argument.
|
|||||
| CVE-2005-4806 | 1 Sun | 1 Java System Web Proxy Server | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Multiple unspecified vulnerabilities in Sun Java System Web Proxy Server 3.6 SP7 and earlier allow remote attackers to cause a denial of service (unresponsive service) via unknown vectors.
|
|||||
| CVE-2005-1080 | 1 Sun | 1 Sdk | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Directory traversal vulnerability in the Java Archive Tool (Jar) utility in J2SE SDK 1.4.2 and 1.5, and OpenJDK, allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in filenames in a .jar file.
|
|||||
| CVE-1999-0676 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 4.6 MEDIUM | N/A |
|
sdtcm_convert in Solaris 2.6 allows a local user to overwrite sensitive files via a symlink attack.
|
|||||
| CVE-2003-1082 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
|
Buffer overflow in utmp_update for Solaris 2.6 through 9 allows local users to gain root privileges, as identified by Sun BugID 4705891, a different vulnerability than CVE-2003-1068.
|
|||||
| CVE-2002-1042 | 2 Netscape, Sun | 4 Enterprise Server, Iplanet Web Server, One Application Server and 1 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Directory traversal vulnerability in search engine for iPlanet web server 6.0 SP2 and 4.1 SP9, and Netscape Enterprise Server 3.6, when running on Windows platforms, allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in the NS-query-pat parameter.
|
|||||
| CVE-1999-0009 | 11 Bsdi, Caldera, Data General and 8 more | 13 Bsd Os, Openlinux, Dg Ux and 10 more | 2025-04-03 | 10.0 HIGH | N/A |
|
Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases.
|
|||||
| CVE-2000-0316 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
|
Buffer overflow in Solaris 7 lp allows local users to gain root privileges via a long -d option.
|
|||||
| CVE-2002-1584 | 2 Sgi, Sun | 3 Irix, Solaris, Sunos | 2025-04-03 | 10.0 HIGH | N/A |
|
Unknown vulnerability in the AUTH_DES authentication for RPC in Solaris 2.5.1, 2.6, and 7, SGI IRIX 6.5 to 6.5.19f, and possibly other platforms, allows remote attackers to gain privileges.
|
|||||
| CVE-2002-0085 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 5.0 MEDIUM | N/A |
|
cachefsd in Solaris 2.6, 7, and 8 allows remote attackers to cause a denial of service (crash) via an invalid procedure call in an RPC request.
|
|||||
| CVE-2005-1124 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Unknown vulnerability in the libgss Generic Security Services Library in Solaris 7, 8, and 9 allows local users to gain privileges by loading their own GSS-API.
|
|||||
| CVE-2000-0471 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
|
Buffer overflow in ufsrestore in Solaris 8 and earlier allows local users to gain root privileges via a long pathname.
|
|||||
| CVE-2004-2759 | 1 Sun | 4 Storedge Qfs, Storedge Sam-qfs, Storeedge Performance Suite and 1 more | 2025-04-03 | 2.1 LOW | N/A |
|
Shared Sun StorEdge QFS and SAM-QFS file systems, as used in Utilization Suite 4.0 through 4.1 and Performance Suite 4.0 through 4.1, might allow local users to read portions of deleted files by accessing data within sparse files.
|
|||||
| CVE-2004-1393 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Unknown vulnerability in the tcsetattr function for Sun Solaris for SPARC 2.6, 7, and 8 allows local users to cause a denial of service (system hang).
|
|||||
| CVE-2003-1073 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 1.2 LOW | N/A |
|
A race condition in the at command for Solaris 2.6 through 9 allows local users to delete arbitrary files via the -r argument with .. (dot dot) sequences in the job name, then modifying the directory structure after at checks permissions to delete the file and before the deletion actually takes place.
|
|||||
| CVE-2000-0164 | 1 Sun | 1 Solaris Isp Server | 2025-04-03 | 7.2 HIGH | N/A |
|
The installation of Sun Internet Mail Server (SIMS) creates a world-readable file that allows local users to obtain passwords.
|
|||||
| CVE-1999-0408 | 1 Sun | 1 Cobalt Raq | 2025-04-03 | 10.0 HIGH | N/A |
|
Files created from interactive shell sessions in Cobalt RaQ microservers (e.g. .bash_history) are world readable, and thus are accessible from the web server.
|
|||||
| CVE-2005-3904 | 1 Sun | 2 Jdk, Jre | 2025-04-03 | 7.5 HIGH | N/A |
|
Unspecified vulnerability in Java Management Extensions (JMX) in Java JDK and JRE 5.0 Update 3, 1.4.2 and later, 1.3.1 and later allows remote attackers to escape the Java sandbox and access arbitrary files or execute arbitrary application via unknown attack vectors.
|
|||||
| CVE-1999-0097 | 3 Hp, Ibm, Sun | 4 Hp-ux, Aix, Solaris and 1 more | 2025-04-03 | 10.0 HIGH | N/A |
|
The AIX FTP client can be forced to execute commands from a malicious server through shell metacharacters (e.g. a pipe character).
|
|||||
| CVE-2004-1816 | 2 Macromedia, Sun | 3 Coldfusion, Jrun, One Application Server | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Unknown vulnerability in Sun Java System Application Server 7.0 Update 2 and earlier, when a SOAP web service expects an array of objects as an argument, allows remote attackers to cause a denial of service (memory consumption).
|
|||||
| CVE-2000-0812 | 1 Sun | 1 Java System Web Server | 2025-04-03 | 10.0 HIGH | N/A |
|
The administration module in Sun Java web server allows remote attackers to execute arbitrary commands by uploading Java code to the module and invoke the com.sun.server.http.pagecompile.jsp92.JspServlet by requesting a URL that begins with a /servlet/ tag.
|
|||||
| CVE-1999-0069 | 1 Sun | 1 Sunos | 2025-04-03 | 7.2 HIGH | 8.4 HIGH |
|
Solaris ufsrestore buffer overflow.
|
|||||
| CVE-2000-1075 | 2 Netscape, Sun | 2 Directory Server, Iplanet Certificate Management System | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Directory traversal vulnerability in iPlanet Certificate Management System 4.2 and Directory Server 4.12 allows remote attackers to read arbitrary files via a .. (dot dot) attack in the Agent, End Entity, or Administrator services.
|
|||||
| CVE-2005-4845 | 1 Sun | 1 Java Plug-in | 2025-04-03 | 5.0 MEDIUM | N/A |
|
The Java Plug-in 1.4.2_03 and 1.4.2_04 controls, and the 1.4.2_03 and 1.4.2_04 <applet> redirector controls, allow remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer.
|
|||||
| CVE-2004-2758 | 1 Sun | 1 Sunforum | 2025-04-03 | 7.5 HIGH | N/A |
|
Multiple unspecified vulnerabilities in the H.323 protocol implementation for Sun SunForum 3.2 and 3D 1.0 allow remote attackers to cause a denial of service (segmentation fault and process crash), as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol.
|
|||||
| CVE-1999-1122 | 1 Sun | 1 Sunos | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Vulnerability in restore in SunOS 4.0.3 and earlier allows local users to gain privileges.
|
|||||
| CVE-2006-0901 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
|
Unspecified vulnerability in the hsfs filesystem in Solaris 8, 9, and 10 allows unspecified attackers to cause a denial of service (panic) or execute arbitrary code.
|
|||||
| CVE-1999-0017 | 9 Caldera, Freebsd, Gnu and 6 more | 11 Openlinux, Freebsd, Inet and 8 more | 2025-04-03 | 7.5 HIGH | N/A |
|
FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.
|
|||||
| CVE-1999-1225 | 5 Digital, Linux, Netbsd and 2 more | 5 Ultrix, Linux Kernel, Netbsd and 2 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
rpc.mountd on Linux, Ultrix, and possibly other operating systems, allows remote attackers to determine the existence of a file on the server by attempting to mount that file, which generates different error messages depending on whether the file exists or not.
|
|||||
| CVE-1999-0840 | 1 Sun | 1 Sunos | 2025-04-03 | 7.2 HIGH | N/A |
|
Buffer overflow in CDE dtmail and dtmailpr programs allows local users to gain privileges via a long -f option.
|
|||||
| CVE-2005-4797 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Directory traversal vulnerability in printd line printer daemon (lpd) in Solaris 7 through 10 allows remote attackers to delete arbitrary files via ".." sequences in an "Unlink data file" command.
|
|||||
| CVE-1999-0214 | 1 Sun | 1 Sunos | 2025-04-03 | 10.0 HIGH | N/A |
|
Denial of service by sending forged ICMP unreachable packets.
|
|||||