Filtered by vendor Sun
Subscribe
Total
1712 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0922 | 1 Sun | 1 Netdynamics | 2017-12-19 | 7.5 HIGH | N/A |
| ndcgi.exe in Netdynamics 4.x through 5.x, and possibly earlier versions, allows remote attackers to steal session IDs and hijack user sessions by reading the SPIDERSESSION and uniqueValue variables from the login field, then using those variables after the next user logs in. | |||||
| CVE-2001-0606 | 2 Hp, Sun | 2 Virtualvault, Iplanet Web Server | 2017-12-19 | 5.0 MEDIUM | N/A |
| Vulnerability in iPlanet Web Server 4.X in HP-UX 11.04 (VVOS) with VirtualVault A.04.00 allows a remote attacker to create a denial of service via the HTTPS service. | |||||
| CVE-2000-1156 | 1 Sun | 1 Staroffice | 2017-12-19 | 3.6 LOW | N/A |
| StarOffice 5.2 follows symlinks and sets world-readable permissions for the /tmp/soffice.tmp directory, which allows a local user to read files of the user who is using StarOffice. | |||||
| CVE-2000-1076 | 2 Netscape, Sun | 2 Directory Server, Iplanet Certificate Management System | 2017-12-19 | 10.0 HIGH | N/A |
| Netscape (iPlanet) Certificate Management System 4.2 and Directory Server 4.12 stores the administrative password in plaintext, which could allow local and possibly remote attackers to gain administrative privileges on the server. | |||||
| CVE-2000-0812 | 1 Sun | 1 Java System Web Server | 2017-12-19 | 10.0 HIGH | N/A |
| The administration module in Sun Java web server allows remote attackers to execute arbitrary commands by uploading Java code to the module and invoke the com.sun.server.http.pagecompile.jsp92.JspServlet by requesting a URL that begins with a /servlet/ tag. | |||||
| CVE-2000-0696 | 1 Sun | 1 Solaris Answerbook2 | 2017-12-19 | 7.5 HIGH | N/A |
| The administration interface for the dwhttpd web server in Solaris AnswerBook2 does not properly authenticate requests to its supporting CGI scripts, which allows remote attackers to add user accounts to the interface by directly calling the admin CGI script. | |||||
| CVE-1999-1467 | 1 Sun | 1 Sunos | 2017-12-19 | 10.0 HIGH | N/A |
| Vulnerability in rcp on SunOS 4.0.x allows remote attackers from trusted hosts to execute arbitrary commands as root, possibly related to the configuration of the nobody user. | |||||
| CVE-1999-1225 | 5 Digital, Linux, Netbsd and 2 more | 5 Ultrix, Linux Kernel, Netbsd and 2 more | 2017-12-19 | 5.0 MEDIUM | N/A |
| rpc.mountd on Linux, Ultrix, and possibly other operating systems, allows remote attackers to determine the existence of a file on the server by attempting to mount that file, which generates different error messages depending on whether the file exists or not. | |||||
| CVE-1999-1212 | 1 Sun | 1 Sunos | 2017-12-19 | 7.2 HIGH | N/A |
| Vulnerability in in.rlogind in SunOS 4.0.3 and 4.0.3c allows local users to gain root privileges. | |||||
| CVE-1999-1211 | 1 Sun | 1 Sunos | 2017-12-19 | 7.2 HIGH | N/A |
| Vulnerability in in.telnetd in SunOS 4.1.1 and earlier allows local users to gain root privileges. | |||||
| CVE-1999-1123 | 1 Sun | 1 Sunos | 2017-12-19 | 7.2 HIGH | N/A |
| The installation of Sun Source (sunsrc) tapes allows local users to gain root privileges via setuid root programs (1) makeinstall or (2) winstall. | |||||
| CVE-2012-1695 | 2 Oracle, Sun | 3 Fusion Middleware, Jdk, Jre | 2017-12-14 | 10.0 HIGH | 6.8 MEDIUM |
| Unspecified vulnerability in the Oracle JRockit component in Oracle Fusion Middleware 28.2.2 and earlier, and JDK/JRE 5 and 6 27.7.1 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | |||||
| CVE-2012-1698 | 1 Sun | 1 Sunos | 2017-12-07 | 2.1 LOW | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 11 allows remote authenticated users to affect confidentiality, related to Kernel/GLD. | |||||
| CVE-2012-1694 | 1 Sun | 1 Sunos | 2017-12-07 | 6.4 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attackers to affect confidentiality and integrity, related to libsasl. | |||||
| CVE-2012-1692 | 1 Sun | 1 Sunos | 2017-12-07 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect availability, related to SCTP. | |||||
| CVE-2012-1691 | 1 Sun | 1 Sunos | 2017-12-07 | 6.6 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Kernel/Privileges. | |||||
| CVE-2012-1684 | 1 Sun | 1 Sunos | 2017-12-07 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Password Policy. | |||||
| CVE-2012-1683 | 1 Sun | 1 Sunos | 2017-12-07 | 5.9 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to gssd. | |||||
| CVE-2012-1681 | 1 Sun | 1 Sunos | 2017-12-07 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect availability via unknown vectors related to Kernel/sockfs. | |||||
| CVE-2012-0539 | 1 Sun | 1 Sunos | 2017-12-07 | 6.2 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 8, 9, and 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to (1) bsmconv and (2) bsmunconv. | |||||