Vulnerabilities (CVE)

Filtered by vendor Sun Subscribe
Total 1712 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2009-3549 2 Sun, Wireshark 2 Sparc, Wireshark 2017-09-19 5.0 MEDIUM N/A
packet-paltalk.c in the Paltalk dissector in Wireshark 1.2.0 through 1.2.2, on SPARC and certain other platforms, allows remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace.
CVE-2009-3048 4 Conectiva, Freebsd, Opera and 1 more 4 Linux, Freebsd, Opera Browser and 1 more 2017-09-19 4.3 MEDIUM N/A
Opera before 10.00 on Linux, Solaris, and FreeBSD does not properly implement the "INPUT TYPE=file" functionality, which allows remote attackers to trick a user into uploading an unintended file via vectors involving a "dropped file."
CVE-2009-2972 1 Sun 1 Solaris 2017-09-19 7.8 HIGH N/A
in.lpd in the print service in Sun Solaris 8 and 9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors that trigger a "fork()/exec() bomb."
CVE-2009-2952 1 Sun 2 Opensolaris, Solaris 2017-09-19 4.9 MEDIUM N/A
Unspecified vulnerability in the pollwakeup function in Sun Solaris 10, and OpenSolaris before snv_51, allows local users to cause a denial of service (panic) via unknown vectors.
CVE-2009-2912 1 Sun 2 Opensolaris, Solaris 2017-09-19 4.9 MEDIUM N/A
The (1) sendfile and (2) sendfilev functions in Sun Solaris 8 through 10, and OpenSolaris before snv_110, allow local users to cause a denial of service (panic) via vectors related to vnode function calls.
CVE-2009-2715 1 Sun 1 Virtualbox 2017-09-19 4.9 MEDIUM N/A
Sun VirtualBox 2.2 through 3.0.2 r49928 allows guest OS users to cause a denial of service (Linux host OS reboot) via a sysenter instruction.
CVE-2009-2714 1 Sun 1 Virtualbox 2017-09-19 4.9 MEDIUM N/A
Unspecified vulnerability in Sun VirtualBox 3.0.0 and 3.0.2 allows guest OS users to cause a denial of service (host OS reboot) via unknown vectors.
CVE-2009-2711 2 Sun, X.org 3 Opensolaris, Solaris, X11 2017-09-19 4.9 MEDIUM N/A
XScreenSaver in Sun Solaris 9 and 10, OpenSolaris before snv_120, and X11 6.4.1 for Solaris 8, when the Xorg or Xnewt server is used, allows physically proximate attackers to obtain sensitive information by reading popup windows, which are displayed even when the screen is locked, a different vulnerability than CVE-2009-1276.
CVE-2009-2690 1 Sun 2 Java Se, Openjdk 2017-09-19 5.0 MEDIUM N/A
The encoder in Sun Java SE 6 before Update 15, and OpenJDK, grants read access to private variables with unspecified names, which allows context-dependent attackers to obtain sensitive information via an untrusted (1) applet or (2) application.
CVE-2009-2689 1 Sun 2 Java Se, Openjdk 2017-09-19 10.0 HIGH N/A
JDK13Services.getProviders in Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, grants full privileges to instances of unspecified object types, which allows context-dependent attackers to bypass intended access restrictions via an untrusted (1) applet or (2) application.
CVE-2009-2644 1 Sun 2 Opensolaris, Solaris 2017-09-19 4.9 MEDIUM N/A
Race condition in the Solaris Auditing subsystem in Sun Solaris 9 and 10 and OpenSolaris before snv_121, when extended file attributes are used, allows local users to cause a denial of service (panic) via vectors related to "pathnames for invalid fds."
CVE-2009-2488 1 Sun 2 Opensolaris, Solaris 2017-09-19 4.9 MEDIUM N/A
Unspecified vulnerability in the NFSv4 module in the kernel in Sun Solaris 10, and OpenSolaris snv_102 through snv_119, allows local users to cause a denial of service (client panic) via vectors involving "file operations."
CVE-2009-2487 1 Sun 2 Opensolaris, Solaris 2017-09-19 7.8 HIGH N/A
Use-after-free vulnerability in the frpr_icmp function in the ipfilter (aka IP Filter) subsystem in Sun Solaris 10, and OpenSolaris snv_45 through snv_110, allows remote attackers to cause a denial of service (panic) via unspecified vectors.
CVE-2009-2486 1 Sun 2 Opensolaris, Solaris 2017-09-19 7.8 HIGH N/A
Unspecified vulnerability in the SCTP implementation in Sun Solaris 10, and OpenSolaris before snv_120, allows remote attackers to cause a denial of service (panic) via unspecified packets.
CVE-2009-2476 1 Sun 2 Java Se, Openjdk 2017-09-19 10.0 HIGH N/A
The Java Management Extensions (JMX) implementation in Sun Java SE 6 before Update 15, and OpenJDK, does not properly enforce OpenType checks, which allows context-dependent attackers to bypass intended access restrictions by leveraging finalizer resurrection to obtain a reference to a privileged object.
CVE-2009-2475 1 Sun 2 Java Se, Openjdk 2017-09-19 7.8 HIGH N/A
Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, might allow context-dependent attackers to obtain sensitive information via vectors involving static variables that are declared without the final keyword, related to (1) LayoutQueue, (2) Cursor.predefined, (3) AccessibleResourceBundle.getContents, (4) ImageReaderSpi.STANDARD_INPUT_TYPE, (5) ImageWriterSpi.STANDARD_OUTPUT_TYPE, (6) the imageio plugins, (7) DnsContext.debug, (8) RmfFileReader/StandardMidiFileWriter.types, (9) AbstractSaslImpl.logger, (10) Synth.Region.uiToRegionMap/lowerCaseNameMap, (11) the Introspector class and a cache of BeanInfo, and (12) JAX-WS, a different vulnerability than CVE-2009-2673.
CVE-2015-0430 1 Sun 1 Sunos 2017-09-08 1.9 LOW N/A
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect confidentiality via vectors related to RPC Utility.
CVE-2015-0429 1 Sun 1 Sunos 2017-09-08 3.3 LOW N/A
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect integrity and availability via vectors related to RPC Utility.
CVE-2015-0428 1 Sun 1 Sunos 2017-09-08 4.9 MEDIUM N/A
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Resource Control.
CVE-2015-0397 1 Sun 1 Sunos 2017-09-08 2.1 LOW N/A
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to File System, a different vulnerability than CVE-2014-6570 and CVE-2014-6600.