Filtered by vendor Sun
Subscriptions
Total
1712 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2009-3100 | 2 Sun, X.org | 3 Opensolaris, Solaris, X11 | 2024-09-17 | N/A |
xscreensaver (aka Gnome-XScreenSaver) in Sun Solaris 9 and 10, OpenSolaris snv_109 through snv_122, and X11 6.4.1 on Solaris 8 does not properly handle Accessibility support, which allows local users to cause a denial of service (system hang) by locking the screen and then attempting to launch an Accessibility pop-up window, related to a regression in certain Solaris and OpenSolaris patches. | ||||
CVE-2005-4805 | 1 Sun | 1 Java System Application Server | 2024-09-17 | N/A |
Unspecified vulnerability in Sun Java System Application Server 7 Standard and Platform Edition 6 and earlier, and 2004Q2 Standard and Platform Edition Update 2 and earlier, allows remote attackers to obtain the source code for Java Server pages (JSP) via unknown vectors. | ||||
CVE-2001-1555 | 1 Sun | 2 Solaris, Sunos | 2024-09-17 | N/A |
pt_chmod in Solaris 8 does not call fdetach to reset terminal privileges when users log out of terminals, which allows local users to write to other users' terminals by modifying the ACL of a TTY. | ||||
CVE-2003-1134 | 1 Sun | 1 Java | 2024-09-17 | N/A |
Sun Java 1.3.1, 1.4.1, and 1.4.2 allows local users to cause a denial of service (JVM crash), possibly by calling the ClassDepth function with a null parameter, which causes a crash instead of generating a null pointer exception. | ||||
CVE-2009-4187 | 1 Sun | 2 Java System Portal Server, Solaris | 2024-09-17 | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in the Gateway component in Sun Java System Portal Server 6.3.1, 7.1, and 7.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
CVE-2021-43358 | 1 Sun | 1 Ehrd | 2024-09-17 | 7.5 High |
Sunnet eHRD has inadequate filtering for special characters in URLs, which allows a remote attacker to perform path traversal attacks without authentication, access restricted paths and download system files. | ||||
CVE-2002-2327 | 1 Sun | 2 Sun Fire, Sunos | 2024-09-17 | N/A |
Unspecified vulnerability in the environmental monitoring subsystem in Solaris 8 running on Sun Fire 280R, V480 and V880 allows local users to cause a denial of service by setting volatile properties. | ||||
CVE-2010-0361 | 1 Sun | 1 Java System Web Server | 2024-09-17 | N/A |
Stack-based buffer overflow in the WebDAV implementation in webservd in Sun Java System Web Server (aka SJWS) 7.0 Update 7 allows remote attackers to cause a denial of service (daemon crash) and possibly have unspecified other impact via a long URI in an HTTP OPTIONS request. | ||||
CVE-1999-1585 | 1 Sun | 1 Sunos | 2024-09-17 | N/A |
The (1) rcS and (2) mountall programs in Sun Solaris 2.x, possibly before 2.4, start a privileged shell on the system console if fsck fails while the system is booting, which allows attackers with physical access to gain root privileges. | ||||
CVE-2009-3101 | 1 Sun | 2 Opensolaris, Solaris | 2024-09-17 | N/A |
xscreensaver (aka Gnome-XScreenSaver) in Sun Solaris 10, and OpenSolaris snv_109 through snv_122, does not properly handle Trusted Extensions, which allows local users to cause a denial of service (CPU consumption and console hang) by locking the screen, related to a regression in certain Solaris and OpenSolaris patches. | ||||
CVE-2011-0801 | 1 Sun | 1 Sunos | 2024-09-17 | N/A |
Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect confidentiality and integrity via unknown vectors related to cp. | ||||
CVE-2009-4295 | 1 Sun | 1 Ray Server Software | 2024-09-17 | N/A |
Sun Ray Server Software 4.0 and 4.1 does not generate a unique DSA private key for the firmware on each Sun Ray 1, 1g, 100, and 150 DTU device, which makes it easier for remote attackers to obtain sensitive information by predicting a key and then using it to decrypt sniffed network traffic. | ||||
CVE-2009-4191 | 1 Sun | 2 Opensolaris, Sunos | 2024-09-17 | N/A |
Unspecified vulnerability in the kernel in Sun Solaris 10 and OpenSolaris 2009.06 on the x86-64 platform allows local users to gain privileges via unknown vectors, as demonstrated by the vd_sol_local module in VulnDisco Pack Professional 8.12. NOTE: as of 20091203, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | ||||
CVE-2009-1081 | 1 Sun | 1 Java System Identity Manager | 2024-09-17 | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Identity Manager (IdM) 7.0 through 8.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug IDs 19595 and 19661. | ||||
CVE-2003-1516 | 1 Sun | 1 Java Plug-in | 2024-09-17 | N/A |
The org.apache.xalan.processor.XSLProcessorVersion class in Java Plug-in 1.4.2_01 allows signed and unsigned applets to share variables, which violates the Java security model and could allow remote attackers to read or write data belonging to a signed applet. | ||||
CVE-2009-4774 | 1 Sun | 2 Opensolaris, Solaris | 2024-09-17 | N/A |
Unspecified vulnerability in Sun Solaris 10 and OpenSolaris snv_49 through snv_117, when 64bit mode is used on the Intel x86 platform and a Linux (lx) branded zone is configured, allows local users to cause a denial of service (panic) via unspecified vectors, a different vulnerability than CVE-2007-6225. | ||||
CVE-2009-2187 | 1 Sun | 2 Opensolaris, Solaris | 2024-09-17 | N/A |
Multiple memory leaks in the (1) IP and (2) IPv6 multicast implementation in the kernel in Sun Solaris 10, and OpenSolaris snv_67 through snv_93, allow local users to cause a denial of service (memory consumption) via vectors related to the association of (a) DL_ENABMULTI_REQ and (b) DL_DISABMULTI_REQ messages with ARP messages. | ||||
CVE-2009-2596 | 1 Sun | 2 Opensolaris, Solaris | 2024-09-17 | N/A |
Unspecified vulnerability in the Solaris Auditing subsystem in Sun Solaris 9 and 10 and OpenSolaris before snv_121, when extended file attributes are used, allows local users to cause a denial of service (panic) via vectors related to fad_aupath structure members. | ||||
CVE-2009-3937 | 1 Sun | 1 Opensolaris | 2024-09-17 | N/A |
Memory leak in Solaris TCP sockets in Sun OpenSolaris snv_106 through snv_126 allows local users to cause a denial of service (kernel memory consumption) via unspecified vectors involving tcp_sendmsg processing "ancillary data." | ||||
CVE-2009-1083 | 1 Sun | 1 Java System Identity Manager | 2024-09-17 | N/A |
Sun Java System Identity Manager (IdM) 7.0 through 8.0 on Linux, AIX, Solaris, and HP-UX permits "control characters" in the passwords of user accounts, which allows remote attackers to execute arbitrary commands via vectors involving "resource adapters." |