Filtered by vendor Sun
Subscribe
Total
1711 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-1830 | 1 Sun | 1 Java Studio Enterprise | 2025-04-03 | 3.7 LOW | N/A |
|
Sun Java Studio Enterprise 8, when installed as root, creates certain files with world-writable permissions, which allows local users to execute arbitrary commands via unspecified vectors.
|
|||||
| CVE-2006-0617 | 1 Sun | 2 Jdk, Jre | 2025-04-03 | 4.0 MEDIUM | N/A |
|
Multiple unspecified vulnerabilities in Sun Java JDK and JRE 5.0 Update 5 and earlier allow remote attackers to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, aka the "fifth, sixth, and seventh issues."
|
|||||
| CVE-1999-0674 | 3 Netbsd, Openbsd, Sun | 4 Netbsd, Openbsd, Solaris and 1 more | 2025-04-03 | 7.2 HIGH | N/A |
|
The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve.
|
|||||
| CVE-1999-0696 | 2 Hp, Sun | 3 Hp-ux, Solaris, Sunos | 2025-04-03 | 10.0 HIGH | N/A |
|
Buffer overflow in CDE Calendar Manager Service Daemon (rpc.cmsd).
|
|||||
| CVE-2006-1782 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 2.1 LOW | N/A |
|
Unspecified vulnerability in Solaris 8 and 9 allows local users to obtain the LDAP Directory Server root Distinguished Name (rootDN) password when a privileged user (1) runs idsconfig; or "insecurely" runs LDAP2 commands with the -w option, including (2) ldapadd, (3) ldapdelete, (4) ldapmodify, (5) ldapmodrdn, and (6) ldapsearch.
|
|||||
| CVE-1999-0277 | 1 Sun | 1 Sunos | 2025-04-03 | 7.2 HIGH | N/A |
|
The WorkMan program can be used to overwrite any file to get root access.
|
|||||
| CVE-1999-0868 | 5 Isc, Nec, Netscape and 2 more | 6 Inn, Goah Intrasv, Goah Networksv and 3 more | 2025-04-03 | 7.2 HIGH | N/A |
|
ucbmail allows remote attackers to execute commands via shell metacharacters that are passed to it from INN.
|
|||||
| CVE-2006-2064 | 1 Sun | 1 Solaris | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Unspecified vulnerability in the libpkcs11 library in Sun Solaris 10 might allow local users to gain privileges or cause a denial of service (application failure) via unknown attack vectors that involve the getpwnam family of non-reentrant functions.
|
|||||
| CVE-1999-0054 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Sun's ftpd daemon can be subjected to a denial of service.
|
|||||
| CVE-1999-0010 | 8 Data General, Ibm, Isc and 5 more | 11 Dg Ux, Aix, Bind and 8 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages.
|
|||||
| CVE-1999-1426 | 1 Sun | 1 Solstice Adminsuite | 2025-04-03 | 6.2 MEDIUM | N/A |
|
Solaris Solstice AdminSuite (AdminSuite) 2.1 follows symbolic links when updating an NIS database, which allows local users to overwrite arbitrary files.
|
|||||
| CVE-1999-1192 | 1 Sun | 1 Sunos | 2025-04-03 | 7.2 HIGH | N/A |
|
Buffer overflow in eeprom in Solaris 2.5.1 and earlier allows local users to gain root privileges via a long command line argument.
|
|||||
| CVE-2000-0958 | 1 Sun | 1 Hotjava Browser | 2025-04-03 | 5.0 MEDIUM | N/A |
|
HotJava Browser 3.0 allows remote attackers to access the DOM of a web page by opening a javascript: URL in a named window.
|
|||||
| CVE-2006-0615 | 1 Sun | 3 Jdk, Jre, Sdk | 2025-04-03 | 4.0 MEDIUM | N/A |
|
Multiple unspecified vulnerabilities in Sun Java JDK and JRE 5.0 Update 4 and earlier, SDK and JRE 1.4.x through 1.4.2_09 allow remote attackers to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, aka the "second and third issues."
|
|||||
| CVE-2003-1065 | 1 Sun | 1 Sunos | 2025-04-03 | 2.1 LOW | N/A |
|
Unknown vulnerability in patches 108993-14 through 108993-19 and 108994-14 through 108994-19 for Solaris 8 may allow local users to cause a denial of service (automountd crash).
|
|||||
| CVE-2006-2426 | 1 Sun | 3 Jdk, Jre, Sdk | 2025-04-03 | 6.4 MEDIUM | N/A |
|
Sun Java Runtime Environment (JRE) 1.5.0_6 and earlier, JDK 1.5.0_6 and earlier, and SDK 1.5.0_6 and earlier allows remote attackers to cause a denial of service (disk consumption) by using the Font.createFont function to create temporary files of arbitrary size in the %temp% directory.
|
|||||
| CVE-1999-0273 | 1 Sun | 1 Sunos | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Denial of service through Solaris 2.5.1 telnet by sending ^D characters.
|
|||||
| CVE-2001-0797 | 5 Hp, Ibm, Sco and 2 more | 6 Hp-ux, Aix, Openserver and 3 more | 2025-04-03 | 10.0 HIGH | N/A |
|
Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.
|
|||||
| CVE-1999-1506 | 1 Sun | 1 Sunos | 2025-04-03 | 7.5 HIGH | N/A |
|
Vulnerability in SMI Sendmail 4.0 and earlier, on SunOS up to 4.0.3, allows remote attackers to access user bin.
|
|||||
| CVE-2005-2529 | 1 Sun | 1 Java | 2025-04-03 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in Java 1.4.2 before 1.4.2 Release 2 on Apple Mac OS X allows local users to gain privileges via unspecified attack vectors relating to "the utility used to update Java shared archives."
|
|||||
| CVE-2005-4796 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 3.6 LOW | N/A |
|
Unspecified vulnerability in the XView library (libxview.so) in Solaris 2.5 to 10 allows local users to corrupt files via unknown vectors related to the handling of the clipboard selection while an XView application exits.
|
|||||
| CVE-2004-0079 | 23 4d, Apple, Avaya and 20 more | 66 Webstar, Mac Os X, Mac Os X Server and 63 more | 2025-04-03 | 5.0 MEDIUM | 7.5 HIGH |
|
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
|
|||||
| CVE-2006-3127 | 1 Sun | 2 Java Enterprise System, Java System Directory Server | 2025-04-03 | 7.8 HIGH | N/A |
|
Memory leak in Network Security Services (NSS) 3.11, as used in Sun Java Enterprise System 2003Q4 through 2005Q1 and Java System Directory Server 5.2, allows remote attackers to cause a denial of service (memory consumption) by performing a large number of RSA cryptographic operations.
|
|||||
| CVE-2001-0423 | 1 Sun | 1 Solaris | 2025-04-03 | 7.2 HIGH | N/A |
|
Buffer overflow in ipcs in Solaris 7 x86 allows local users to execute arbitrary code via a long TZ (timezone) environmental variable, a different vulnerability than CAN-2002-0093.
|
|||||
| CVE-2000-0174 | 1 Sun | 1 Staroffice | 2025-04-03 | 5.0 MEDIUM | N/A |
|
StarOffice StarScheduler web server allows remote attackers to read arbitrary files via a .. (dot dot) attack.
|
|||||
| CVE-1999-0859 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 2.1 LOW | N/A |
|
Solaris arp allows local users to read files via the -f parameter, which lists lines in the file that do not parse properly.
|
|||||
| CVE-1999-0300 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.5 HIGH | N/A |
|
nis_cachemgr for Solaris NIS+ allows attackers to add malicious NIS+ servers.
|
|||||
| CVE-1999-0209 | 1 Sun | 1 Sunos | 2025-04-03 | 5.0 MEDIUM | N/A |
|
The SunView (SunTools) selection_svc facility allows remote users to read files.
|
|||||
| CVE-2001-1075 | 1 Sun | 1 Cobalt Raq 3i | 2025-04-03 | 5.0 MEDIUM | N/A |
|
poprelayd script before 2.0 in Cobalt RaQ3 servers allows remote attackers to bypass authentication for relaying by causing a "POP login by user" string that includes the attacker's IP address to be injected into the maillog log file.
|
|||||
| CVE-2000-0442 | 2 Qualcomm, Sun | 3 Qpopper, Cobalt Raq 2, Cobalt Raq 3i | 2025-04-03 | 7.5 HIGH | N/A |
|
Qpopper 2.53 and earlier allows local users to gain privileges via a formatting string in the From: header, which is processed by the euidl command.
|
|||||
| CVE-1999-0795 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.5 HIGH | N/A |
|
The NIS+ rpc.nisd server allows remote attackers to execute certain RPC calls without authentication to obtain system information, disable logging, or modify caches.
|
|||||
| CVE-2005-1105 | 1 Sun | 1 Javamail | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Directory traversal vulnerability in the MimeBodyPart.getFileName method in JavaMail 1.3.2 allows remote attackers to write arbitrary files via a .. (dot dot) in the filename in the Content-Disposition header.
|
|||||
| CVE-2004-0481 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 2.1 LOW | N/A |
|
The logging feature in kcms_configure in the KCMS package on Solaris 8 and 9, and possibly other versions, allows local users to corrupt arbitrary files via a symlink attack on the KCS_ClogFile file.
|
|||||
| CVE-2005-4706 | 1 Sun | 1 Solaris | 2025-04-03 | 2.1 LOW | N/A |
|
Unspecified vulnerability in the "privilege management" feature of Sun Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors that trigger a null dereference in the secpolicy_fs_common function.
|
|||||
| CVE-2002-1337 | 7 Gentoo, Hp, Netbsd and 4 more | 9 Linux, Alphaserver Sc, Hp-ux and 6 more | 2025-04-03 | 10.0 HIGH | N/A |
|
Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.
|
|||||
| CVE-1999-0128 | 5 Digital, Ibm, Linux and 2 more | 9 Osf 1, Aix, Sng and 6 more | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Oversized ICMP ping packets can result in a denial of service, aka Ping o' Death.
|
|||||
| CVE-2001-0633 | 1 Sun | 1 Chilisoft | 2025-04-03 | 5.0 MEDIUM | N/A |
|
Directory traversal vulnerability in Sun Chili!Soft ASP on multiple Unixes allows a remote attacker to read arbitrary files above the web root via a '..' (dot dot) attack in the sample script 'codebrws.asp'.
|
|||||
| CVE-2005-0223 | 2 Compaq, Sun | 3 Tru64, Rte, Sdk | 2025-04-03 | 5.0 MEDIUM | N/A |
|
The Software Development Kit (SDK) and Run Time Environment (RTE) 1.4.1 and 1.4.2 for Tru64 UNIX allows remote attackers to cause a denial of service (Java Virtual Machine hang) via object deserialization.
|
|||||
| CVE-2005-3250 | 1 Sun | 1 Solaris | 2025-04-03 | 2.1 LOW | N/A |
|
Unknown vulnerability in Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors related to the "/proc" filesystem, which trigger a null dereference.
|
|||||
| CVE-2005-3099 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 4.6 MEDIUM | N/A |
|
Unspecified vulnerability in the (1) Xsun and (2) Xprt commands in Solaris 7, 8, 9, and 10 allows local users to execute arbitrary code.
|
|||||