Filtered by vendor Sun
Subscribe
Total
1712 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-6494 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 6.6 MEDIUM | N/A |
| Directory traversal vulnerability in ld.so.1 in Sun Solaris 8, 9, and 10 allows local users to execute arbitrary code via a .. (dot dot) sequence in the LANG environment variable that points to a locale file containing attacker-controlled format string specifiers. | |||||
| CVE-2006-5214 | 2 Netbsd, Sun | 3 Netbsd, Solaris, Sunos | 2018-10-30 | 1.2 LOW | N/A |
| Race condition in the Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060225, and Solaris 8 through 10 before 20061006, causes a user's Xsession errors file to have weak permissions before a chmod is performed, which allows local users to read Xsession errors files of other users. | |||||
| CVE-2006-3920 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 5.0 MEDIUM | N/A |
| The TCP implementation in Sun Solaris 8, 9, and 10 before 20060726 allows remote attackers to cause a denial of service (resource exhaustion) via a TCP packet with an incorrect sequence number, which triggers an ACK storm. | |||||
| CVE-2007-2045 | 1 Sun | 1 Sunos | 2018-10-30 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the IP implementation in Sun Solaris 8 and 9 allows remote attackers to cause a denial of service (CPU consumption) via crafted IP packets, probably related to fragmented packets with duplicate or missing fragments. | |||||
| CVE-2006-0161 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 4.6 MEDIUM | N/A |
| Unspecified vulnerability in uucp in Sun Solaris 8 and 9 has unknown impact and attack vectors. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this is related to CVE-2004-0780. | |||||
| CVE-2002-2197 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 7.2 HIGH | N/A |
| Unknown vulnerability in Sun Solaris 8.0 allows local users to cause a denial of service (kernel panic) via a program that uses /dev/poll, triggering a NULL pointer dereference. | |||||
| CVE-2003-1024 | 1 Sun | 1 Sunos | 2018-10-30 | 7.2 HIGH | N/A |
| Unknown vulnerability in the ls-F builtin function in tcsh on Solaris 8 allows local users to create or delete files as other users, and gain privileges. | |||||
| CVE-2007-5225 | 1 Sun | 1 Sunos | 2018-10-30 | 4.9 MEDIUM | N/A |
| Integer signedness error in FIFO filesystems (named pipes) on Sun Solaris 8 through 10 allows local users to read the contents of unspecified memory locations via a negative maximum length value to the I_PEEK ioctl. | |||||
| CVE-2007-2882 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the NFS client module in Sun Solaris 8 through 10 before 20070524, when operating as an NFS server, allows remote attackers to cause a denial of service (crash) via certain Access Control List (acl) packets. | |||||
| CVE-2006-5073 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 7.8 HIGH | N/A |
| Unspecified vulnerability in Sun Solaris 8, 9 and 10 allows remote attackers to cause a denial of service (panic) via crafted IPv6 packets, a different vulnerability than CVE-2006-5013. | |||||
| CVE-2005-3398 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 4.3 MEDIUM | N/A |
| The default configuration of the web server for the Solaris Management Console (SMC) in Solaris 8, 9, and 10 enables the HTTP TRACE method, which could allow remote attackers to obtain sensitive information such as cookies and authentication data from HTTP headers. | |||||
| CVE-2004-0780 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 7.2 HIGH | N/A |
| Buffer overflow in uustat in Sun Solaris 8 and 9 allows local users to execute arbitrary code via a long -S command line argument. | |||||
| CVE-2006-3606 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Sun Solaris X Inter Client Exchange library (libICE) on Solaris 8 and 9 allows context-dependent attackers to cause a denial of service (application crash) to applications that use the library. | |||||
| CVE-2006-6275 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 4.7 MEDIUM | N/A |
| Race condition in the kernel in Sun Solaris 8 through 10 allows local users to cause a denial of service (panic) via unspecified vectors, possibly related to the exitlwps function and SIGKILL and /proc PCAGENT signals. | |||||
| CVE-1999-1587 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 2.1 LOW | N/A |
| /usr/ucb/ps in Sun Microsystems Solaris 8 and 9, and certain earlier releases, allows local users to view the environment variables and values of arbitrary processes via the -e option. | |||||
| CVE-2004-1354 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 5.0 MEDIUM | N/A |
| The Solaris Management Console (SMC) in Sun Solaris 8 and 9 generates different 404 error messages when a file does not exist versus when a file exists but is otherwise inaccessible, which could allow remote attackers to obtain sensitive information in conjunction with a directory traversal (..) attack. | |||||
| CVE-2006-0901 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 7.2 HIGH | N/A |
| Unspecified vulnerability in the hsfs filesystem in Solaris 8, 9, and 10 allows unspecified attackers to cause a denial of service (panic) or execute arbitrary code. | |||||
| CVE-2005-3071 | 1 Sun | 2 Solaris, Sunos | 2018-10-30 | 2.1 LOW | N/A |
| Unspecified vulnerability in Unix File System (UFS) on Solaris 8 and 9, when logging is enabled, allows local users to cause a denial of service ("soft hang") via certain write operations to UFS. | |||||
| CVE-2007-1794 | 2 Mozilla, Sun | 3 Mozilla, Solaris, Sunos | 2018-10-30 | 10.0 HIGH | N/A |
| The Javascript engine in Mozilla 1.7 and earlier on Sun Solaris 8, 9, and 10 might allow remote attackers to execute arbitrary code via vectors involving garbage collection that causes deletion of a temporary object that is still being used. NOTE: this issue might be related to CVE-2006-3805. | |||||
| CVE-2002-1763 | 1 Sun | 1 Sunos | 2018-10-30 | 4.6 MEDIUM | N/A |
| The dtscreen Sun Solaris 8 CDE screensaver crashes when the "Shift" and "Return" keys are pressed repeatedly and quickly, which allows local users to access the current session. | |||||