Filtered by vendor Sun Subscriptions
Total 1712 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2009-0278 1 Sun 1 Java System Application Server 2024-11-21 N/A
Sun Java System Application Server (AS) 8.1 and 8.2 allows remote attackers to read the Web Application configuration files in the (1) WEB-INF or (2) META-INF directory via a malformed request.
CVE-2009-0277 1 Sun 2 Opensolaris, Ultrasparc 2024-11-21 N/A
Unspecified vulnerability in the kernel in OpenSolaris snv_100 through snv_102 on the Sun UltraSPARC T2 and T2+ sun4v platforms allows local users to cause a denial of service (panic) via unknown vectors.
CVE-2009-0268 1 Sun 2 Opensolaris, Solaris 2024-11-21 N/A
Race condition in the pseudo-terminal (aka pty) driver module in Sun Solaris 8 through 10, and OpenSolaris before snv_103, allows local users to cause a denial of service (panic) via unspecified vectors related to lack of "properly sequenced code" in ptc and ptsl.
CVE-2009-0267 1 Sun 2 Opensolaris, Solaris 2024-11-21 N/A
libike in Sun Solaris 9 and 10, and OpenSolaris before snv_100, does not properly check packets, which allows remote attackers to cause a denial of service (in.iked daemon crash) via an unspecified IKE packet, a different vulnerability than CVE-2007-2989.
CVE-2009-0171 1 Sun 1 Sparc Enterprise Server 2024-11-21 N/A
The Sun SPARC Enterprise M4000 and M5000 Server, within a certain range of serial numbers, allows remote attackers to use the manufacturing root password, perform a root login to the eXtended System Control Facility Unit (aka XSCFU or Service Processor), and have unspecified other impact.
CVE-2009-0170 1 Sun 1 Java System Access Manager 2024-11-21 N/A
Sun Java System Access Manager 6.3 2005Q1, 7 2005Q4, and 7.1 allows remote authenticated users with console privileges to discover passwords, and obtain unspecified other "access to resources," by visiting the Configuration Items component in the console.
CVE-2009-0169 1 Sun 1 Java System Access Manager 2024-11-21 N/A
Sun Java System Access Manager 7.1 allows remote authenticated sub-realm administrators to gain privileges, as demonstrated by creating the amadmin account in the sub-realm, and then logging in as amadmin in the root realm.
CVE-2009-0168 1 Sun 2 Opensolaris, Solaris 2024-11-21 N/A
Unspecified vulnerability in ppdmgr in Sun Solaris 10 and OpenSolaris snv_61 through snv_106 allows local users to cause a denial of service via unspecified vectors, related to a failure to "include all cache files," and improper handling of temporary files.
CVE-2009-0167 1 Sun 2 Opensolaris, Solaris 2024-11-21 N/A
Unspecified vulnerability in lpadmin in Sun Solaris 10 and OpenSolaris snv_61 through snv_106 allows local users to cause a denial of service via unspecified vectors, related to enumeration of "wrong printers," aka a "Temporary file vulnerability."
CVE-2009-0132 1 Sun 2 Opensolaris, Solaris 2024-11-21 N/A
Integer overflow in the aio_suspend function in Sun Solaris 8 through 10 and OpenSolaris, when 32-bit mode is enabled, allows local users to cause a denial of service (panic) via a large integer value in the second argument (aka nent argument).
CVE-2009-0131 1 Sun 1 Opensolaris 2024-11-21 N/A
The UFS implementation in the kernel in Sun OpenSolaris snv_29 through snv_90 allows local users to cause a denial of service (panic) via the single posix_fallocate test in the SUSv3 POSIX test suite, related to an F_ALLOCSP fcntl call.
CVE-2009-0069 1 Sun 2 Opensolaris, Solaris 2024-11-21 N/A
Unspecified vulnerability in the nfs4rename_persistent_fh function in the NFS 4 (aka NFSv4) client in the kernel in Sun Solaris 10 and OpenSolaris before snv_102 allows local users to cause a denial of service (recursive mutex_enter and panic) via unspecified vectors.
CVE-2009-0046 1 Sun 1 Grid Engine 2024-11-21 N/A
Sun GridEngine 5.3 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys, a similar vulnerability to CVE-2008-5077.
CVE-2008-7300 1 Sun 2 Opensolaris, Sunos 2024-11-21 N/A
The labeled networking implementation in Solaris Trusted Extensions in Sun Solaris 10 and OpenSolaris snv_39 through snv_67, when a labeled zone is in the installed state, allows remote authenticated users to bypass a Mandatory Access Control (MAC) policy and obtain access to the global zone.
CVE-2008-6192 1 Sun 1 Java System Portal Server 2024-11-21 N/A
Multiple cross-site scripting (XSS) vulnerabilities in unspecified Portlets in Sun Java System Portal Server 7.0 and 7.1 allow remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVE-2008-6024 1 Sun 2 Opensolaris, Solaris 2024-11-21 N/A
Unspecified vulnerability in the NFSv4 client module in the kernel on Sun Solaris 10 and OpenSolaris before snv_37, when automountd is used, allows user-assisted remote attackers to cause a denial of service (unresponsive NFS filesystems) via unknown vectors.
CVE-2008-5910 1 Sun 1 Opensolaris 2024-11-21 N/A
Unspecified vulnerability in txzonemgr in Sun OpenSolaris has unknown impact and local attack vectors, related to a "Temporary file vulnerability," aka Bug ID 6653462.
CVE-2008-5909 1 Sun 1 Opensolaris 2024-11-21 N/A
Unspecified vulnerability in conv_lpd in Sun OpenSolaris has unknown impact and local attack vectors, related to improper handling of temporary files, aka Bug ID 6655641.
CVE-2008-5908 1 Sun 1 Opensolaris 2024-11-21 N/A
Unspecified vulnerability in the root/boot archive tool in Sun OpenSolaris has unknown impact and local attack vectors, related to a "Temporary file vulnerability," aka Bug ID 6653455.
CVE-2008-5746 1 Sun 2 Snmp Management Agent, Solaris 2024-11-21 N/A
Sun SNMP Management Agent (SUNWmasf) 1.4u2 through 1.5.4 allows local users to overwrite arbitrary files and gain privileges via a symlink attack on temporary files.