Filtered by vendor Sun
Subscriptions
Total
1712 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2003-1575 | 2 Sun, Symantec | 2 Solaris, Vxfs | 2024-09-17 | N/A |
VERITAS File System (VxFS) 3.3.3, 3.4, and 3.5 before MP1 Rolling Patch 02 for Sun Solaris 2.5.1 through 9 does not properly implement inheritance of default ACLs in certain circumstances related to the characteristics of a directory inode, which allows local users to bypass intended file permissions by accessing a file on a VxFS filesystem. | ||||
CVE-2003-1125 | 1 Sun | 1 One Directory Server | 2024-09-17 | N/A |
Unknown vulnerability in ns-ldapd for Sun ONE Directory Server 4.16, 5.0, and 5.1 allows LDAP clients to cause a denial of service (service halt). | ||||
CVE-2003-1576 | 1 Sun | 3 Change Manager, Management Center, Solaris | 2024-09-17 | N/A |
Buffer overflow in pamverifier in Change Manager (CM) 1.0 for Sun Management Center (SunMC) 3.0 on Solaris 8 and 9 on the sparc platform allows remote attackers to execute arbitrary code via unspecified vectors. | ||||
CVE-2002-2374 | 1 Sun | 1 Patchpro | 2024-09-17 | N/A |
Unspecified vulnerability in pprosetup in Sun PatchPro 2.0 has unknown impact and attack vectors related to "unsafe use of temporary files." | ||||
CVE-2003-0970 | 1 Sun | 1 Sun Fire | 2024-09-17 | N/A |
The Network Management Port on Sun Fire B1600 systems allows remote attackers to cause a denial of service (packet loss) via ARP packets, which cause all ports to become temporarily disabled. | ||||
CVE-2002-2425 | 1 Sun | 1 Solaris Answerbook2 | 2024-09-17 | N/A |
Sun AnswerBook2 1.2 through 1.4.2 allows remote attackers to execute administrative scripts such as (1) AdminViewError and (2) AdminAddadmin via a direct request. | ||||
CVE-2003-1126 | 1 Sun | 1 One Web Server | 2024-09-17 | N/A |
Unknown vulnerability in SunOne/iPlanet Web Server SP3 through SP5 on Windows platforms allows remote attackers to cause a denial of service. | ||||
CVE-2009-1080 | 1 Sun | 1 Java System Identity Manager | 2024-09-17 | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Identity Manager (IdM) 7.0 through 8.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID 19033. | ||||
CVE-2004-0481 | 1 Sun | 2 Solaris, Sunos | 2024-09-17 | N/A |
The logging feature in kcms_configure in the KCMS package on Solaris 8 and 9, and possibly other versions, allows local users to corrupt arbitrary files via a symlink attack on the KCS_ClogFile file. | ||||
CVE-2002-1871 | 1 Sun | 2 Solaris, Sunos | 2024-09-17 | N/A |
pkgadd in Sun Solaris 2.5.1 through 8 installs files setuid/setgid root if the pkgmap file contains a "?" (question mark) in the (1) mode, (2) owner, or (3) group fields, which allows attackers to elevate privileges. | ||||
CVE-2021-43360 | 1 Sun | 1 Ehrd | 2024-09-17 | 8.8 High |
Sunnet eHRD e-mail delivery task schedule’s serialization function has inadequate input object validation and restriction, which allows a post-authenticated remote attacker with database access privilege, to execute arbitrary code and control the system or interrupt services. | ||||
CVE-2005-0576 | 1 Sun | 1 Solaris | 2024-09-17 | N/A |
Unknown vulnerability in Standard Type Services Framework (STSF) Font Server Daemon (stfontserverd) in Solaris 9 allows local users to modify or delete arbitrary files. | ||||
CVE-2009-1075 | 1 Sun | 1 Java System Identity Manager | 2024-09-17 | N/A |
Sun Java System Identity Manager (IdM) 7.0 through 8.0 responds differently to failed use of the Forgot Password feature depending on whether the user account exists, which allows remote attackers to enumerate valid usernames. | ||||
CVE-2009-2597 | 1 Sun | 2 Java System Access Manager Policy Agent, Java System Web Proxy Server | 2024-09-17 | N/A |
The Sun Java System (SJS) Access Manager Policy Agent module 2.2 for SJS Web Proxy Server 4.0 allows remote attackers to cause a denial of service (daemon crash) via a GET request. | ||||
CVE-2007-3025 | 2 Clam Anti-virus, Sun | 2 Clamav, Solaris | 2024-09-17 | N/A |
Unspecified vulnerability in libclamav/phishcheck.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1, when running on Solaris, allows remote attackers to cause a denial of service (hang) via unknown vectors related to the isURL function and regular expressions. | ||||
CVE-2011-0821 | 1 Sun | 1 Sunos | 2024-09-17 | N/A |
Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local users to affect confidentiality and integrity via unknown vectors related to uucp. | ||||
CVE-2009-3100 | 2 Sun, X.org | 3 Opensolaris, Solaris, X11 | 2024-09-17 | N/A |
xscreensaver (aka Gnome-XScreenSaver) in Sun Solaris 9 and 10, OpenSolaris snv_109 through snv_122, and X11 6.4.1 on Solaris 8 does not properly handle Accessibility support, which allows local users to cause a denial of service (system hang) by locking the screen and then attempting to launch an Accessibility pop-up window, related to a regression in certain Solaris and OpenSolaris patches. | ||||
CVE-2005-4805 | 1 Sun | 1 Java System Application Server | 2024-09-17 | N/A |
Unspecified vulnerability in Sun Java System Application Server 7 Standard and Platform Edition 6 and earlier, and 2004Q2 Standard and Platform Edition Update 2 and earlier, allows remote attackers to obtain the source code for Java Server pages (JSP) via unknown vectors. | ||||
CVE-2001-1555 | 1 Sun | 2 Solaris, Sunos | 2024-09-17 | N/A |
pt_chmod in Solaris 8 does not call fdetach to reset terminal privileges when users log out of terminals, which allows local users to write to other users' terminals by modifying the ACL of a TTY. | ||||
CVE-2003-1134 | 1 Sun | 1 Java | 2024-09-17 | N/A |
Sun Java 1.3.1, 1.4.1, and 1.4.2 allows local users to cause a denial of service (JVM crash), possibly by calling the ClassDepth function with a null parameter, which causes a crash instead of generating a null pointer exception. |