Filtered by vendor Sun
Subscribe
Total
1712 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2007-6225 | 1 Sun | 1 Solaris | 2017-07-29 | 4.9 MEDIUM | N/A |
Unspecified vulnerability in Sun Solaris 10, when 64bit mode is used on the x86 platform, allows local users in a Linux (lx) branded zone to cause a denial of service (panic) via unspecified vectors. | |||||
CVE-2007-6180 | 1 Sun | 1 Solaris | 2017-07-29 | 7.6 HIGH | N/A |
Race condition in the Remote Procedure Call kernel module (rpcmod) in Sun Solaris 8 through 10 allows local users to cause a denial of service (NULL dereference and panic) via unspecified vectors. | |||||
CVE-2007-5726 | 1 Sun | 1 Solaris | 2017-07-29 | 6.8 MEDIUM | N/A |
Unspecified vulnerability in the Stream Control Transmission Protocol (sctp) functionality in Sun Solaris 10, when at least one SCTP socket is in the LISTEN state, allows remote attackers to cause a denial of service (panic) via unspecified vectors related to "INIT processing." | |||||
CVE-2007-5717 | 1 Sun | 2 Embedded Lights Out Manager, Sun Fire | 2017-07-29 | 10.0 HIGH | N/A |
Unspecified vulnerability in Sun Fire X2100 M2 and X2200 M2 Embedded Lights Out Manager (ELOM) on x86 before firmware 2.70 allows remote attackers to execute arbitrary commands as root on the Service Processor (SP) via unspecified vectors, a different vulnerability than CVE-2007-5170. | |||||
CVE-2007-5482 | 1 Sun | 2 Storagetek 3510, Storedge | 2017-07-29 | 6.4 MEDIUM | N/A |
Unspecified vulnerability in the FTP service in Sun StorEdge/StorageTek 3510 FC Array with firmware before 4.21 allows remote attackers, with access to the Ethernet management interface, to cause a denial of service (I/O request timeout and device hang) via unspecified vectors. | |||||
CVE-2007-5462 | 1 Sun | 1 Solaris | 2017-07-29 | 7.8 HIGH | N/A |
Unspecified vulnerability in the Sun Solaris RPC services library (librpcsvc) on Solaris 8 through 10 allows remote attackers to cause a denial of service (mountd crash) via unspecified packets to a server that exports many filesystems, and allows local users to cause a denial of service (automountd crash) via unspecified requests to mount filesystems from a server that exports many filesystems. | |||||
CVE-2007-5170 | 1 Sun | 2 Embedded Lights Out Manager, Sun Fire | 2017-07-29 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in the embedded service processor (SP) before 3.09 in Sun Fire X2100 M2 and X2200 M2 Embedded Lights Out Manager (ELOM) allows remote attackers to send arbitrary network traffic and use ELOM as a spam proxy. | |||||
CVE-2007-5153 | 1 Sun | 2 Java System Access Manager, Java System Application Server | 2017-07-29 | 6.8 MEDIUM | N/A |
Unspecified vulnerability in Sun Java System Access Manager 7.1, when installed in a Sun Java System Application Server 8.x container, allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
CVE-2007-5152 | 1 Sun | 2 Java System Access Manager, Java System Application Server | 2017-07-29 | 7.5 HIGH | N/A |
Sun Java System Access Manager 7.1, when installed in a Sun Java System Application Server 9.1 container, does not demand authentication after a container restart, which allows remote attackers to perform administrative tasks. | |||||
CVE-2007-4492 | 1 Sun | 1 Solaris | 2017-07-29 | 4.9 MEDIUM | N/A |
Multiple unspecified vulnerabilities in the ata disk driver in Sun Solaris 8, 9, and 10 on the x86 platform before 20070821 allow local users to cause a denial of service (system panic) via unspecified ioctl functions, aka Bug 6433123. | |||||
CVE-2007-4164 | 1 Sun | 1 Java System Web Server | 2017-07-29 | 7.5 HIGH | N/A |
CRLF injection vulnerability in the redirect feature in Sun Java System Web Server 6.1 and 7.0 before 20070802, when the redirect Server Application Function (SAF) uses the url-prefix parameter and escape is disabled, or an Error directive uses the url-prefix parameter in obj.conf, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks. | |||||
CVE-2007-4025 | 1 Sun | 1 Java System Application Server | 2017-07-29 | 4.3 MEDIUM | N/A |
Unspecified vulnerability in Sun Java System (SJS) Application Server 8.1 through 9.0 before 20070724 on Windows allows remote attackers to obtain JSP source code via unspecified vectors. | |||||
CVE-2007-3700 | 1 Sun | 1 Java System Access Manager | 2017-07-29 | 1.7 LOW | N/A |
Sun Java System Access Manager (formerly Java System Identity Server) before 20070710, when the message debug level is configured in the com.iplanet.services.debug.level property in AMConfig.properties, logs cleartext login passwords, which allows local users to gain privileges by reading /var/opt/SUNWam/debug/amAuth. | |||||
CVE-2007-3626 | 3 Hitachi, Ibm, Sun | 7 Cosminexus Application Server, Cosminexus Tpbroker, Tpbroker and 4 more | 2017-07-29 | 7.8 HIGH | N/A |
Unspecified vulnerability in the ADM daemon in Hitachi TPBroker before 20070706 allows remote attackers to cause a denial of service (daemon crash) via a certain request. | |||||
CVE-2007-3225 | 1 Sun | 1 Java System Directory Server | 2017-07-29 | 6.4 MEDIUM | N/A |
Unspecified vulnerability in Sun Java System Directory Server (slapd) 6.0, and 5.2 with Patch 3 or 4, allows remote attackers to modify certain data via unknown vectors. | |||||
CVE-2007-3224 | 1 Sun | 2 Java System Directory Server, One Directory Server | 2017-07-29 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in Sun ONE/Java System Directory Server (slapd) 6.0, and 5.x before 5.2 Patch 5, allows remote attackers to determine the existence of attributes of an entry via unspecified vectors. | |||||
CVE-2007-2881 | 1 Sun | 1 Java System Web Proxy Server | 2017-07-29 | 10.0 HIGH | N/A |
Multiple stack-based buffer overflows in the SOCKS proxy support (sockd) in Sun Java Web Proxy Server before 4.0.5 allow remote attackers to execute arbitrary code via crafted packets during protocol negotiation. | |||||
CVE-2007-2466 | 1 Sun | 2 Java System Directory Server, One Directory Server | 2017-07-29 | 7.8 HIGH | N/A |
Unspecified vulnerability in the LDAP Software Development Kit (SDK) for C, as used in Sun Java System Directory Server 5.2 up to Patch 4 and Sun ONE Directory Server 5.1, allows remote attackers to cause a denial of service (crash) via certain BER encodings. | |||||
CVE-2007-2267 | 1 Sun | 1 Cluster | 2017-07-29 | 6.8 MEDIUM | N/A |
Unspecified vulnerability in Sun Cluster 3.1 and Solaris Cluster 3.2 before 20070424 allows remote authenticated users, operating from a different cluster node, to cause a denial of service (data corruption or send_mondo panic) via unspecified vectors, as demonstrated by EMC Symcli backup software 6.2.1. | |||||
CVE-2007-2191 | 7 Bsd, Freepbx, Hp and 4 more | 8 Bsd, Freepbx, Hp-ux and 5 more | 2017-07-29 | 6.8 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in freePBX 2.2.x allow remote attackers to inject arbitrary web script or HTML via the (1) From, (2) To, (3) Call-ID, (4) User-Agent, and unspecified other SIP protocol fields, which are stored in /var/log/asterisk/full and displayed by admin/modules/logfiles/asterisk-full-log.php. |