Filtered by vendor Sun
Subscribe
Total
1711 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-5339 | 1 Sun | 3 Jdk, Jre, Sdk | 2017-09-29 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted JWS applications to perform network connections to unauthorized hosts via unknown vectors, aka CR 6727079. | |||||
| CVE-2008-5344 | 1 Sun | 3 Jdk, Jre, Sdk | 2017-09-29 | 7.5 HIGH | N/A |
| Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted applets to read arbitrary files and make unauthorized network connections via unknown vectors related to applet classloading, aka 6716217. | |||||
| CVE-2008-5010 | 1 Sun | 2 Opensolaris, Solaris | 2017-09-29 | 10.0 HIGH | N/A |
| in.dhcpd in the DHCP implementation in Sun Solaris 8 through 10, and OpenSolaris before snv_103, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unknown DHCP requests related to the "number of offers," aka Bug ID 6713805. | |||||
| CVE-2008-5410 | 1 Sun | 1 Solaris | 2017-09-29 | 7.8 HIGH | N/A |
| The PK11_SESSION cache in the OpenSSL PKCS#11 engine in Sun Solaris 10 does not maintain reference counts for operations with asymmetric keys, which allows context-dependent attackers to cause a denial of service (failed cryptographic operations) via unspecified vectors, related to the (1) RSA_sign and (2) RSA_verify functions. | |||||
| CVE-2008-5340 | 1 Sun | 3 Jdk, Jre, Sdk | 2017-09-29 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in with Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows untrusted JWS applications to gain privileges to access local files or applications via unknown vectors, aka 6727081. | |||||
| CVE-2008-5347 | 1 Sun | 2 Jdk, Jre | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier allow untrusted applets and applications to gain privileges via vectors related to access to inner classes in the (1) JAX-WS and (2) JAXB packages. | |||||
| CVE-2008-5684 | 1 Sun | 2 Opensolaris, Solaris | 2017-09-29 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the X Inter Client Exchange library (aka libICE) in Sun Solaris 8 through 10 and OpenSolaris before snv_85 allows context-dependent attackers to cause a denial of service (application crash), as demonstrated by a port scan that triggers a segmentation violation in the Gnome session manager (aka gnome-session). | |||||
| CVE-2008-2538 | 1 Sun | 1 Solaris | 2017-09-29 | 6.9 MEDIUM | N/A |
| Unspecified vulnerability in crontab on Sun Solaris 8 through 10, and OpenSolaris before snv_93, allows local users to insert cron jobs into the crontab files of arbitrary users via unspecified vectors. | |||||
| CVE-2008-2090 | 1 Sun | 1 Solaris | 2017-09-29 | 7.8 HIGH | N/A |
| Unspecified vulnerability in the SCTP protocol implementation in Sun Solaris 10 allows remote attackers to cause a denial of service (CPU consumption and network traffic amplification) via a crafted SCTP packet. | |||||
| CVE-2008-2089 | 1 Sun | 1 Solaris | 2017-09-29 | 7.8 HIGH | N/A |
| Unspecified vulnerability in the SCTP protocol implementation in Sun Solaris 10 allows remote attackers to cause a denial of service (panic) via a crafted SCTP packet. | |||||
| CVE-2008-3549 | 1 Sun | 2 Opensolaris, Solaris | 2017-09-29 | 4.7 MEDIUM | N/A |
| Unspecified vulnerability in the pthread_mutex_reltimedlock_np API in Sun Solaris 10 and OpenSolaris before snv_90 allows local users to cause a denial of service (system hang or panic) via unknown vectors. | |||||
| CVE-2008-3875 | 1 Sun | 2 Opensolaris, Solaris | 2017-09-29 | 7.2 HIGH | N/A |
| The kernel in Sun Solaris 8 through 10 and OpenSolaris before snv_90 allows local users to bypass chroot, zones, and the Solaris Trusted Extensions multi-level security policy, and establish a covert communication channel, via unspecified vectors involving system calls. | |||||
| CVE-2008-2418 | 1 Sun | 1 Solaris | 2017-09-29 | 4.7 MEDIUM | N/A |
| Race condition in the STREAMS Administrative Driver (sad) in Sun Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors. | |||||
| CVE-2008-2706 | 1 Sun | 1 Solaris | 2017-09-29 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in the event port implementation in Sun Solaris 10 allows local users to cause a denial of service (panic) by submitting and retrieving user-defined events, probably related to a NULL dereference. | |||||
| CVE-2008-1115 | 1 Sun | 1 Solaris | 2017-09-29 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in Sun Solaris 8 directory functions allows local users to cause a denial of service (panic) via an unspecified sequence of system calls or commands. | |||||
| CVE-2008-1684 | 1 Sun | 1 Solaris | 2017-09-29 | 4.7 MEDIUM | N/A |
| inetd on Sun Solaris 10, when debug logging is enabled, allows local users to write to arbitrary files via a symlink attack on the /var/tmp/inetd.log temporary file. | |||||
| CVE-2008-0657 | 1 Sun | 2 Jdk, Jre | 2017-09-29 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in the Java Runtime Environment in Sun JDK and JRE 6 Update 1 and earlier, and 5.0 Update 13 and earlier, allow context-dependent attackers to gain privileges via an untrusted (1) application or (2) applet, as demonstrated by an application or applet that grants itself privileges to (a) read local files, (b) write to local files, or (c) execute local programs. | |||||
| CVE-2008-0933 | 1 Sun | 1 Solaris | 2017-09-29 | 4.7 MEDIUM | N/A |
| Multiple race conditions in the CPU Performance Counters (cpc) subsystem in the kernel in Sun Solaris 10 allow local users to cause a denial of service (panic) via unspecified vectors related to kcpc_unbind and kcpc_restore. | |||||
| CVE-2008-0242 | 1 Sun | 1 Solaris | 2017-09-29 | 7.2 HIGH | N/A |
| Unspecified vulnerability in libdevinfo in Sun Solaris 10 allows local users to access files and gain privileges via unknown vectors, related to login device permissions. | |||||
| CVE-2008-1779 | 1 Sun | 1 Solaris | 2017-09-29 | 6.8 MEDIUM | N/A |
| Sun Solaris 8, 9, and 10 allows "remote privileged" users to cause a denial of service (panic) via unknown vectors related to self encapsulated IP packets. | |||||