Filtered by vendor Sun
Subscribe
Total
1711 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-3583 | 1 Sun | 2 Jre, Sdk | 2025-04-03 | 7.8 HIGH | N/A |
| (1) Java Runtime Environment (JRE) and (2) Software Development Kit (SDK) 1.4.2_08, 1.4.2_09, and 1.5.0_05 and possibly other versions allow remote attackers to cause a denial of service (JVM unresponsive) via a crafted serialized object, such as a font object as demonstrated on JBoss. | |||||
| CVE-1999-0318 | 4 Hp, Ibm, Redhat and 1 more | 5 Hp-ux, Aix, Linux and 2 more | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable. | |||||
| CVE-1999-0136 | 1 Sun | 1 Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| Kodak Color Management System (KCMS) on Solaris allows a local user to write to arbitrary files and gain root access. | |||||
| CVE-2005-2072 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| The runtime linker (ld.so) in Solaris 8, 9, and 10 trusts the LD_AUDIT environment variable in setuid or setgid programs, which allows local users to gain privileges by (1) modifying LD_AUDIT to reference malicious code and possibly (2) using a long value for LD_AUDIT. | |||||
| CVE-2006-0769 | 1 Sun | 1 Solaris | 2025-04-03 | 7.2 HIGH | N/A |
| Unspecified vulnerability in in.rexecd in Solaris 10 allows local users to gain privileges on Kerberos systems via unknown attack vectors. | |||||
| CVE-2005-1973 | 1 Sun | 1 J2se | 2025-04-03 | 5.1 MEDIUM | N/A |
| Java Web Start in Java 2 Platform Standard Edition (J2SE) 5.0 and 5.0 Update 1 allows applications to assign permissions to themselves and gain privileges. | |||||
| CVE-2000-0210 | 1 Sun | 1 Workshop | 2025-04-03 | 1.2 LOW | N/A |
| The lit program in Sun Flex License Manager (FlexLM) follows symlinks, which allows local users to modify arbitrary files. | |||||
| CVE-2004-0800 | 2 Avaya, Sun | 4 Call Management System Server, Dtmail, Solaris and 1 more | 2025-04-03 | 4.6 MEDIUM | N/A |
| Format string vulnerability in CDE Mailer (dtmail) on Solaris 8 and 9 allows local users to gain privileges via format strings in the argv[0] value. | |||||
| CVE-1999-0952 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in Solaris lpstat via class argument allows local users to gain root access. | |||||
| CVE-2001-0470 | 1 Sun | 1 Sunos | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in SNMP proxy agent snmpd in Solaris 8 may allow local users to gain root privileges by calling snmpd with a long program name. | |||||
| CVE-1999-0786 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 4.6 MEDIUM | N/A |
| The dynamic linker in Solaris allows a local user to create arbitrary files via the LD_PROFILE environmental variable and a symlink attack. | |||||
| CVE-2003-0970 | 1 Sun | 1 Sun Fire | 2025-04-03 | 5.0 MEDIUM | N/A |
| The Network Management Port on Sun Fire B1600 systems allows remote attackers to cause a denial of service (packet loss) via ARP packets, which cause all ports to become temporarily disabled. | |||||
| CVE-2005-1754 | 2 Apache Tomcat, Sun | 2 Apache Tomcat, Javamail | 2025-04-03 | 5.0 MEDIUM | N/A |
| JavaMail API 1.1.3 through 1.3, as used by Apache Tomcat 5.0.16, allows remote attackers to read arbitrary files via a full pathname in the argument to the Download parameter. NOTE: Sun and Apache dispute this issue. Sun states: "The report makes references to source code and files that do not exist in the mentioned products. | |||||
| CVE-1999-0321 | 1 Sun | 1 Solaris | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in Solaris kcms_configure command allows local users to gain root access. | |||||
| CVE-1999-0023 | 6 Bsdi, Freebsd, Ibm and 3 more | 10 Bsd Os, Freebsd, Aix and 7 more | 2025-04-03 | 7.2 HIGH | N/A |
| Local user gains root privileges via buffer overflow in rdist, via lookup() function. | |||||
| CVE-2002-1344 | 2 Gnu, Sun | 2 Wget, Cobalt Raq Xtr | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in wget before 1.8.2-4 allows a remote FTP server to create or overwrite files as the wget user via filenames containing (1) /absolute/path or (2) .. (dot dot) sequences. | |||||
| CVE-2006-3920 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 5.0 MEDIUM | N/A |
| The TCP implementation in Sun Solaris 8, 9, and 10 before 20060726 allows remote attackers to cause a denial of service (resource exhaustion) via a TCP packet with an incorrect sequence number, which triggers an ACK storm. | |||||
| CVE-1999-1413 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 4.6 MEDIUM | N/A |
| Solaris 2.4 before kernel jumbo patch -35 allows set-gid programs to dump core even if the real user id is not in the set-gid group, which allows local users to overwrite or create files at higher privileges by causing a core dump, e.g. through dmesg. | |||||
| CVE-2004-0802 | 9 Conectiva, Enlightenment, Imagemagick and 6 more | 16 Linux, Imlib, Imlib2 and 13 more | 2025-04-03 | 5.1 MEDIUM | N/A |
| Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817. | |||||
| CVE-2001-1307 | 1 Sun | 1 Iplanet Directory Server | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflows in iPlanet Directory Server 4.1.4 and earlier (LDAP) allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite. | |||||