Filtered by vendor Sun
Subscriptions
Filtered by product Solaris
Subscriptions
Total
545 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-0453 | 1 Sun | 2 Opensolaris, Solaris | 2018-10-10 | N/A |
| The ucode_ioctl function in intel/io/ucode_drv.c in Sun Solaris 10 and OpenSolaris snv_69 through snv_133, when running on x86 architectures, allows local users to cause a denial of service (panic) via a request with a 0 size value to the UCODE_GET_VERSION IOCTL, which triggers a NULL pointer dereference in the ucode_get_rev function, related to retrieval of the microcode revision. | ||||
| CVE-2009-4211 | 2 Disa, Sun | 2 Srr For Solaris, Solaris | 2018-10-10 | N/A |
| The U.S. Defense Information Systems Agency (DISA) Security Readiness Review (SRR) script for the Solaris x86 platform executes files in arbitrary directories as root for filenames equal to (1) java, (2) openssl, (3) php, (4) snort, (5) tshark, (6) vncserver, or (7) wireshark, which allows local users to gain privileges via a Trojan horse program. | ||||
| CVE-2001-1066 | 1 Sun | 1 Solaris | 2018-05-03 | N/A |
| ns6install installation script for Netscape 6.01 on Solaris, and other versions including 6.2.1 beta, allows local users to overwrite arbitrary files via a symlink attack. | ||||
| CVE-2001-0686 | 1 Sun | 1 Solaris | 2018-05-03 | N/A |
| Buffer overflow in mail included with SunOS 5.8 for x86 allows a local user to gain privileges via a long HOME environment variable. | ||||
| CVE-2001-0526 | 1 Sun | 1 Solaris | 2018-05-03 | N/A |
| Buffer overflow in the Xview library as used by mailtool in Solaris 8 and earlier allows a local attacker to gain privileges via the OPENWINHOME environment variable. | ||||
| CVE-1999-1027 | 1 Sun | 1 Solaris | 2018-05-03 | N/A |
| Solaris 2.6 HW3/98 installs admintool with world-writable permissions, which allows local users to gain privileges by replacing it with a Trojan horse program. | ||||
| CVE-1999-1225 | 5 Digital, Linux, Netbsd and 2 more | 5 Ultrix, Linux Kernel, Netbsd and 2 more | 2017-12-19 | N/A |
| rpc.mountd on Linux, Ultrix, and possibly other operating systems, allows remote attackers to determine the existence of a file on the server by attempting to mount that file, which generates different error messages depending on whether the file exists or not. | ||||
| CVE-2008-0730 | 1 Sun | 1 Solaris | 2017-11-21 | N/A |
| The (1) Simplified Chinese, (2) Traditional Chinese, (3) Korean, and (4) Thai language input methods in Sun Solaris 10 create files and directories with weak permissions under (a) .iiim/le and (b) .Xlocale in home directories, which might allow local users to write to, or read from, the home directories of other users. | ||||
| CVE-2007-3458 | 1 Sun | 1 Solaris | 2017-10-11 | N/A |
| The libsldap library in Sun Solaris 8, 9, and 10 allows local users to cause a denial of service (Name Service Caching Daemon (nscd) crash) via unspecified vectors. | ||||
| CVE-2007-3283 | 1 Sun | 1 Solaris | 2017-10-11 | N/A |
| GNOME XScreenSaver in Sun Solaris 8 and 9 before 20070417, when root is logged into the console, does not automatically lock the screen after a session has been inactive, which might allow physically proximate attackers to access the console. | ||||
| CVE-2007-3248 | 1 Sun | 1 Solaris | 2017-10-11 | N/A |
| Unspecified vulnerability in Sun Solaris 10 before 20070614, when IPv6 interfaces are present but not configured for IPsec, allows remote attackers to cause a denial of service (system crash) via certain network traffic. | ||||
| CVE-2007-3069 | 1 Sun | 1 Solaris | 2017-10-11 | N/A |
| xscreensaver in Sun Solaris 10 before 20070604, when a GNOME session with Assistive Technology support is running, allows attackers with physical access to take control of the session after entering an Alt-Tab sequence. | ||||
| CVE-2007-2990 | 1 Sun | 1 Solaris | 2017-10-11 | N/A |
| Unspecified vulnerability in inetd in Sun Solaris 10 before 20070529 allows local users to cause a denial of service (daemon termination) via unspecified manipulations of the /var/run/.inetd.uds Unix domain socket file. | ||||
| CVE-2007-2989 | 1 Sun | 1 Solaris | 2017-10-11 | N/A |
| The libike library in Sun Solaris 9 before 20070529 contains a logic error related to a certain pointer, which allows remote attackers to cause a denial of service (in.iked daemon crash) by sending certain UDP packets with a source port different from 500. NOTE: this issue might overlap CVE-2006-2298. | ||||
| CVE-2007-2736 | 9 Achievo, Apple, Hp and 6 more | 18 Achievo, A Ux, Mac Os X and 15 more | 2017-10-11 | N/A |
| PHP remote file inclusion vulnerability in index.php in Achievo 1.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the config_atkroot parameter. | ||||
| CVE-2007-2617 | 1 Sun | 2 Net Connect Software, Solaris | 2017-10-11 | N/A |
| srsexec in Sun Remote Services (SRS) Net Connect Software Proxy Core package in Sun Solaris 10 does not enforce file permissions when opening files, which allows local users to read the first line of arbitrary files via the -d and -v options. | ||||
| CVE-2007-0914 | 1 Sun | 1 Solaris | 2017-10-11 | N/A |
| Race condition in the TCP subsystem for Solaris 10 allows remote attackers to cause a denial of service (system panic) via unknown vectors. | ||||
| CVE-2007-0668 | 1 Sun | 1 Solaris | 2017-10-11 | N/A |
| The Loopback Filesystem (LOFS) in Sun Solaris 10 allows local users in a non-global zone to move and rename files in a read-only filesystem, which could lead to a denial of service. | ||||
| CVE-2007-0634 | 1 Sun | 1 Solaris | 2017-10-11 | N/A |
| Unspecified vulnerability in Sun Solaris 10 before 20070130 allows remote attackers to cause a denial of service (system crash) via certain ICMP packets. | ||||
| CVE-2006-5396 | 1 Sun | 1 Solaris | 2017-10-11 | N/A |
| The tcp_fuse_rcv_drain function in the Sun Solaris 10 kernel before 20061017, when TCP Fusion is enabled, allows local users to cause a denial of service (system crash) via a TCP loopback connection with both endpoints on the same system. | ||||