Vulnerabilities (CVE)

Filtered by vendor Sun Subscribe
Filtered by product Solaris
Total 545 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2009-2137 1 Sun 2 Opensolaris, Solaris 2024-11-21 7.8 HIGH N/A
Memory leak in the Ultra-SPARC T2 crypto provider device driver (aka n2cp) in Sun Solaris 10, and OpenSolaris snv_54 through snv_112, allows context-dependent attackers to cause a denial of service (memory consumption) via unspecified vectors related to a large keylen value.
CVE-2009-2136 1 Sun 2 Opensolaris, Solaris 2024-11-21 7.8 HIGH N/A
Unspecified vulnerability in the TCP/IP networking stack in Sun Solaris 10, and OpenSolaris snv_01 through snv_82 and snv_111 through snv_117, when a Cassini GigaSwift Ethernet Adapter (aka CE) interface is used, allows remote attackers to cause a denial of service (panic) via vectors involving jumbo frames.
CVE-2009-2135 1 Sun 2 Opensolaris, Solaris 2024-11-21 4.9 MEDIUM N/A
Multiple race conditions in the Solaris Event Port API in Sun Solaris 10 and OpenSolaris before snv_107 allow local users to cause a denial of service (panic) via unspecified vectors related to a race between the port_dissociate and close functions.
CVE-2009-2029 1 Sun 2 Opensolaris, Solaris 2024-11-21 5.0 MEDIUM N/A
Unspecified vulnerability in rpc.nisd in Sun Solaris 8 through 10, and OpenSolaris before snv_104, allows remote authenticated users to cause a denial of service (NIS+ daemon hang) via unspecified vectors related to NIS+ callbacks.
CVE-2009-1933 1 Sun 2 Opensolaris, Solaris 2024-11-21 4.7 MEDIUM N/A
Kerberos in Sun Solaris 8, 9, and 10, and OpenSolaris before snv_117, does not properly manage credential caches, which allows local users to access Kerberized NFS mount points and Kerberized NFS shares via unspecified vectors.
CVE-2009-1673 1 Sun 1 Solaris 2024-11-21 4.9 MEDIUM N/A
The kernel in Sun Solaris 9 allows local users to cause a denial of service (panic) by calling fstat with a first argument of AT_FDCWD.
CVE-2009-1478 1 Sun 2 Opensolaris, Solaris 2024-11-21 4.9 MEDIUM N/A
Multiple unspecified vulnerabilities in the DTrace ioctl handlers in Sun Solaris 10, and OpenSolaris before snv_114, allow local users to cause a denial of service (panic) via unknown vectors.
CVE-2009-1276 2 Gnome, Sun 3 Gnome, Opensolaris, Solaris 2024-11-21 2.1 LOW N/A
XScreenSaver in Sun Solaris 10 and OpenSolaris before snv_109, and Solaris 8 and 9 with GNOME 2.0 or 2.0.2, allows physically proximate attackers to obtain sensitive information by reading popup windows, which are displayed even when the screen is locked, as demonstrated by Thunderbird new-mail notifications.
CVE-2009-1207 1 Sun 2 Opensolaris, Solaris 2024-11-21 4.4 MEDIUM N/A
Race condition in the dircmp script in Sun Solaris 8 through 10, and OpenSolaris snv_01 through snv_111, allows local users to overwrite arbitrary files, probably involving a symlink attack on temporary files.
CVE-2009-0926 1 Sun 2 Opensolaris, Solaris 2024-11-21 4.9 MEDIUM N/A
Unspecified vulnerability in the UFS filesystem functionality in Sun OpenSolaris snv_86 through snv_91, when running in 32-bit mode on x86 systems, allows local users to cause a denial of service (panic) via unknown vectors related to the (1) ufs_getpage and (2) ufs_putapage routines, aka CR 6679732.
CVE-2009-0925 1 Sun 2 Opensolaris, Solaris 2024-11-21 4.7 MEDIUM N/A
Unspecified vulnerability in Sun Solaris 10 on SPARC sun4v systems, and OpenSolaris snv_47 through snv_85, allows local users to cause a denial of service (hang of UFS filesystem write) via unknown vectors related to the (1) ufs_getpage and (2) ufs_putapage routines, aka CR 6425723.
CVE-2009-0924 1 Sun 2 Opensolaris, Solaris 2024-11-21 4.7 MEDIUM N/A
Unspecified vulnerability in Sun OpenSolaris snv_39 through snv_45, when running in 64-bit mode on x86 architectures, allows local users to cause a denial of service (hang of UFS filesystem write) via unknown vectors related to the (1) ufs_getpage and (2) ufs_putapage routines, aka CR 6442712.
CVE-2009-0923 1 Sun 2 Opensolaris, Solaris 2024-11-21 7.8 HIGH N/A
Unspecified vulnerability in Kerberos Incremental Propagation in Solaris 10 and OpenSolaris snv_01 through snv_110 allows remote attackers to cause a denial of service (loss of incremental propagation requests to slave KDC servers) via unknown vectors related to the master Key Distribution Center (KDC) server.
CVE-2009-0913 1 Sun 2 Opensolaris, Solaris 2024-11-21 4.7 MEDIUM N/A
Unspecified vulnerability in the keysock kernel module in Solaris 10 and OpenSolaris builds snv_01 through snv_108 allows local users to cause a denial of service (system panic) via unknown vectors related to PF_KEY socket, probably related to setting socket options.
CVE-2009-0875 1 Sun 2 Opensolaris, Solaris 2024-11-21 6.9 MEDIUM N/A
Race condition in the Doors subsystem in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_94, allows local users to cause a denial of service (process hang), or possibly bypass file permissions or gain kernel-context privileges, via vectors involving the time at which control is transferred from a caller to a door server.
CVE-2009-0874 1 Sun 2 Opensolaris, Solaris 2024-11-21 4.9 MEDIUM N/A
Multiple unspecified vulnerabilities in the Doors subsystem in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_94, allow local users to cause a denial of service (process hang), or possibly bypass file permissions or gain kernel-context privileges, via vectors including ones related to (1) an argument handling deadlock in a door server and (2) watchpoint problems in the door_call function.
CVE-2009-0873 1 Sun 3 Opensolaris, Solaris, Sunos 2024-11-21 6.8 MEDIUM N/A
The NFS daemon (aka nfsd) in Sun Solaris 10 and OpenSolaris before snv_106, when NFSv3 is used, does not properly implement combinations of security modes, which allows remote attackers to bypass intended access restrictions and read or modify files, as demonstrated by a combination of the sec=sys and sec=krb5 security modes, related to modes that "override each other."
CVE-2009-0872 1 Sun 2 Opensolaris, Solaris 2024-11-21 6.8 MEDIUM N/A
The NFS server in Sun Solaris 10, and OpenSolaris before snv_111, does not properly implement the AUTH_NONE (aka sec=none) security mode in combination with other security modes, which allows remote attackers to bypass intended access restrictions and read or modify files, as demonstrated by a combination of the AUTH_NONE and AUTH_SYS security modes.
CVE-2009-0870 1 Sun 2 Opensolaris, Solaris 2024-11-21 4.7 MEDIUM N/A
The NFSv4 Server module in the kernel in Sun Solaris 10, and OpenSolaris before snv_111, allow local users to cause a denial of service (infinite loop and system hang) by accessing an hsfs filesystem that is shared through NFSv4, related to the rfs4_op_readdir function.
CVE-2009-0868 3 Fujitsu, Microsoft, Sun 3 Jasmine2000, Windows, Solaris 2024-11-21 6.8 MEDIUM N/A
CRLF injection vulnerability in the WebLink template in Fujitsu Jasmine2000 Enterprise Edition allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.