Filtered by vendor Sun
Subscriptions
Total
1712 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2007-5225 | 1 Sun | 1 Sunos | 2024-08-07 | N/A |
Integer signedness error in FIFO filesystems (named pipes) on Sun Solaris 8 through 10 allows local users to read the contents of unspecified memory locations via a negative maximum length value to the I_PEEK ioctl. | ||||
CVE-2007-5237 | 1 Sun | 2 Jdk, Jre | 2024-08-07 | N/A |
Java Web Start in Sun JDK and JRE 6 Update 2 and earlier does not properly enforce access restrictions for untrusted applications, which allows user-assisted remote attackers to read and modify local files via an untrusted application, aka "two vulnerabilities." | ||||
CVE-2007-5170 | 1 Sun | 2 Embedded Lights Out Manager, Sun Fire | 2024-08-07 | N/A |
Unspecified vulnerability in the embedded service processor (SP) before 3.09 in Sun Fire X2100 M2 and X2200 M2 Embedded Lights Out Manager (ELOM) allows remote attackers to send arbitrary network traffic and use ELOM as a spam proxy. | ||||
CVE-2007-5152 | 1 Sun | 2 Java System Access Manager, Java System Application Server | 2024-08-07 | N/A |
Sun Java System Access Manager 7.1, when installed in a Sun Java System Application Server 9.1 container, does not demand authentication after a container restart, which allows remote attackers to perform administrative tasks. | ||||
CVE-2007-5153 | 1 Sun | 2 Java System Access Manager, Java System Application Server | 2024-08-07 | N/A |
Unspecified vulnerability in Sun Java System Access Manager 7.1, when installed in a Sun Java System Application Server 8.x container, allows remote attackers to execute arbitrary code via unspecified vectors. | ||||
CVE-2007-5132 | 1 Sun | 1 Solaris | 2024-08-07 | N/A |
Race condition in the kernel in Sun Solaris 8 through 10 allows local users to cause a denial of service (panic) via unspecified vectors related to "the handling of thread contexts." | ||||
CVE-2007-5118 | 1 Sun | 1 Solaris | 2024-08-07 | N/A |
Unspecified vulnerability in the HID (Human Interface Device) class driver in Sun Solaris 8, 9, and 10 before 20070925 allows local users to cause a denial of service (panic) via unspecified vectors. | ||||
CVE-2007-5019 | 1 Sun | 3 Java Web Start, Jre, Sdk | 2024-08-07 | N/A |
Buffer overflow in the Sun Java Web Start ActiveX control in Java Runtime Environment (JRE) 1.6.0_X allows remote attackers to have an unknown impact via a long argument to the dnsResolve (isInstalled.dnsResolve) method. | ||||
CVE-2007-4938 | 11 Apple, Hp, Ibm and 8 more | 18 Mac Os X, Hp-ux, Tru64 and 15 more | 2024-08-07 | N/A |
Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values, and a certain wLongsPerEntry value. | ||||
CVE-2007-4732 | 1 Sun | 1 Solaris | 2024-08-07 | N/A |
Unspecified vulnerability in the strfreectty function in the Special File System (SPECFS) in Sun Solaris 8 through 10 allows local users to cause a denial of service (system panic), related to passing a NULL pointer to the pgsignal function. | ||||
CVE-2007-4511 | 1 Sun | 1 Java System Application Server | 2024-08-07 | N/A |
The Sun Admin Console in Sun Application Server 9.0_0.1 does not apply certain configuration changes persistently, which causes the (1) SSL and (2) SSL_MutualAuth ORB listener services to enable all protocols and ciphers after the services are restarted, possibly allowing remote attackers to bypass intended policy. | ||||
CVE-2007-4495 | 1 Sun | 1 Solaris | 2024-08-07 | N/A |
Unspecified vulnerability in the ata disk driver in Sun Solaris 10 on the x86 platform before 20070821 allows local users to cause a denial of service (system panic) via an unspecified ioctl function, aka Bug 6433124. | ||||
CVE-2007-4492 | 1 Sun | 1 Solaris | 2024-08-07 | N/A |
Multiple unspecified vulnerabilities in the ata disk driver in Sun Solaris 8, 9, and 10 on the x86 platform before 20070821 allow local users to cause a denial of service (system panic) via unspecified ioctl functions, aka Bug 6433123. | ||||
CVE-2007-4381 | 2 Redhat, Sun | 4 Rhel Extras, Jdk, Jre and 1 more | 2024-08-07 | N/A |
Unspecified vulnerability in the font parsing implementation in Sun JDK and JRE 5.0 Update 9 and earlier, and SDK and JRE 1.4.2_14 and earlier, allows remote attackers to perform unauthorized actions via an applet that grants certain privileges to itself. | ||||
CVE-2007-4395 | 1 Sun | 1 Sunos | 2024-08-07 | N/A |
Multiple unspecified vulnerabilities in the Role Based Access Control (RBAC) functionality in Sun Solaris 8 allow remote attackers who know the password for a role to gain privileges via that role. | ||||
CVE-2007-4310 | 1 Sun | 1 Sunos | 2024-08-07 | N/A |
The finger daemon (in.fingerd) in Sun Solaris 7 through 9 allows remote attackers to list all accounts that have certain nonstandard GECOS fields via a request composed of a single digit, as demonstrated by a "finger 9@host" command, a different vulnerability than CVE-2001-1503. | ||||
CVE-2007-4289 | 1 Sun | 1 Java System Portal Server | 2024-08-07 | N/A |
Sun Java System Portal Server 7.0 does not properly process XSLT stylesheets in XSLT transforms in XML signatures, which allows context-dependent attackers to execute an arbitrary Java method via a crafted stylesheet, a related issue to CVE-2007-3715. | ||||
CVE-2007-4164 | 1 Sun | 1 Java System Web Server | 2024-08-07 | N/A |
CRLF injection vulnerability in the redirect feature in Sun Java System Web Server 6.1 and 7.0 before 20070802, when the redirect Server Application Function (SAF) uses the url-prefix parameter and escape is disabled, or an Error directive uses the url-prefix parameter in obj.conf, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks. | ||||
CVE-2007-4126 | 1 Sun | 1 Solaris | 2024-08-07 | N/A |
Unspecified vulnerability in the dynamic tracing framework (DTrace) on Sun Solaris 10 before 20070730 allows local users with PRIV_DTRACE_USER privileges to cause a denial of service (panic or hang) via unspecified use of certain DTrace programs. | ||||
CVE-2007-4070 | 1 Sun | 1 Solaris | 2024-08-07 | N/A |
Unspecified vulnerability in Low Bandwidth X proxy (lbxproxy) on Sun Solaris 8 through 10 before 20070725 allows local users to read arbitrary files with root group ownership via unknown vectors. |