Filtered by vendor Sun
Subscriptions
Total
1712 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-3824 | 1 Sun | 1 Solaris | 2025-04-03 | N/A |
| systeminfo.c for Sun Solaris allows local users to read kernel memory via a 0 variable count argument to the sysinfo system call, which causes a -1 argument to be used by the copyout function. NOTE: this issue has been referred to as an integer overflow, but it is probably more like a signedness error or integer underflow. | ||||
| CVE-2006-3921 | 1 Sun | 2 Java System Application Server, Java System Web Server | 2025-04-03 | N/A |
| Sun Java System Application Server (SJSAS) 7 through 8.1 and Web Server (SJSWS) 6.0 and 6.1 allows remote authenticated users to read files outside of the "document root directory" via a direct request using a UTF-8 encoded URI. | ||||
| CVE-2005-4797 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| Directory traversal vulnerability in printd line printer daemon (lpd) in Solaris 7 through 10 allows remote attackers to delete arbitrary files via ".." sequences in an "Unlink data file" command. | ||||
| CVE-1999-0135 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| admintool in Solaris allows a local user to write to arbitrary files and gain root access. | ||||
| CVE-1999-0136 | 1 Sun | 1 Sunos | 2025-04-03 | N/A |
| Kodak Color Management System (KCMS) on Solaris allows a local user to write to arbitrary files and gain root access. | ||||
| CVE-1999-0691 | 4 Cde, Digital, Ibm and 1 more | 5 Cde, Unix, Aix and 2 more | 2025-04-03 | N/A |
| Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name. | ||||
| CVE-1999-0493 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| rpc.statd allows remote attackers to forward RPC calls to the local operating system via the SM_MON and SM_NOTIFY commands, which in turn could be used to remotely exploit other bugs such as in automountd. | ||||
| CVE-1999-0168 | 1 Sun | 1 Sunos | 2025-04-03 | N/A |
| The portmapper may act as a proxy and redirect service requests from an attacker, making the request appear to come from the local host, possibly bypassing authentication that would otherwise have taken place. For example, NFS file systems could be mounted through the portmapper despite export restrictions. | ||||
| CVE-1999-0841 | 1 Sun | 1 Sunos | 2025-04-03 | N/A |
| Buffer overflow in CDE mailtool allows local users to gain root privileges via a long MIME Content-Type. | ||||
| CVE-2005-4796 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| Unspecified vulnerability in the XView library (libxview.so) in Solaris 2.5 to 10 allows local users to corrupt files via unknown vectors related to the handling of the clipboard selection while an XView application exits. | ||||
| CVE-2005-4795 | 1 Sun | 1 Sunos | 2025-04-03 | N/A |
| Unspecified vulnerability in the multi-language environment library (libmle) in Solaris 7 and 8, as shipped with the Japanese locale, allows local users to gain privileges via unknown attack vectors. | ||||
| CVE-2006-0769 | 1 Sun | 1 Solaris | 2025-04-03 | N/A |
| Unspecified vulnerability in in.rexecd in Solaris 10 allows local users to gain privileges on Kerberos systems via unknown attack vectors. | ||||
| CVE-2005-4552 | 1 Sun | 1 Solaris Pc Netlink | 2025-04-03 | N/A |
| The (1) slsmgr and (2) slsadmin programs in Sun Solaris PC NetLink 2.0 create temporary files insecurely, which allows local users to gain privileges. | ||||
| CVE-2005-4350 | 1 Sun | 1 Wbem Services | 2025-04-03 | N/A |
| Unspecified vulnerability in WBEM Services A.01.x before A.01.05.12 and A.02.x before A.02.00.08 on HP-UX B.11.00 through B.11.23 allows remote attackers to cause an unspecified denial of service via unknown attack vectors. | ||||
| CVE-2005-4045 | 1 Sun | 1 Java Communications Services Delegated Administrator | 2025-04-03 | N/A |
| Unspecified vulnerability in System Communications Services 6 Delegated Administrator 2005Q1 in Sun Java System Messaging Server 2005Q1 allows remote attackers to obtain the Top-Level Administrator (TLA) default password via unknown vectors, possibly involving configure_toplevel_admin.ldif. | ||||
| CVE-2005-3674 | 1 Sun | 1 Solaris | 2025-04-03 | N/A |
| The Internet Key Exchange version 1 (IKEv1) implementation in the libike library in Sun Solaris 9 and 10 allows remote attackers to cause a denial of service (in.iked crash) via certain crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. | ||||
| CVE-2005-3583 | 1 Sun | 2 Jre, Sdk | 2025-04-03 | N/A |
| (1) Java Runtime Environment (JRE) and (2) Software Development Kit (SDK) 1.4.2_08, 1.4.2_09, and 1.5.0_05 and possibly other versions allow remote attackers to cause a denial of service (JVM unresponsive) via a crafted serialized object, such as a font object as demonstrated on JBoss. | ||||
| CVE-2005-3472 | 1 Sun | 1 Java System Communications Express | 2025-04-03 | N/A |
| Unspecified vulnerability in Sun Java System Communications Express 2005Q1 and 2004Q2 allows local and remote attackers to read sensitive information from configuration files. | ||||
| CVE-2005-3398 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| The default configuration of the web server for the Solaris Management Console (SMC) in Solaris 8, 9, and 10 enables the HTTP TRACE method, which could allow remote attackers to obtain sensitive information such as cookies and authentication data from HTTP headers. | ||||
| CVE-2005-3238 | 1 Sun | 1 Solaris | 2025-04-03 | N/A |
| Multiple unspecified vulnerabilities in Solaris 10 SCTP Socket Option Processing allows local users to cause a denial of service (panic) via unspecified attack vectors. | ||||