Vulnerabilities (CVE)

Filtered by vendor Sun Subscribe
Filtered by product Solaris
Total 545 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2009-0857 1 Sun 2 Management Center, Solaris 2024-11-21 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in /prm/reports in the Performance Reporting Module (PRM) for Sun Management Center (SunMC) 3.6.1 and 4.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NOTE: this can be leveraged for access to the SunMC Web Console.
CVE-2009-0601 6 Apple, Freebsd, Linux and 3 more 6 Mac Os X, Freebsd, Linux Kernel and 3 more 2024-11-21 2.1 LOW N/A
Format string vulnerability in Wireshark 0.99.8 through 1.0.5 on non-Windows platforms allows local users to cause a denial of service (application crash) via format string specifiers in the HOME environment variable.
CVE-2009-0480 1 Sun 2 Opensolaris, Solaris 2024-11-21 4.9 MEDIUM N/A
The IP implementation in Sun Solaris 8 through 10, and OpenSolaris before snv_82, uses an improper arena when allocating minor numbers for sockets, which allows local users to cause a denial of service (32-bit application failure and login outage) by opening a large number of sockets.
CVE-2009-0346 1 Sun 2 Opensolaris, Solaris 2024-11-21 4.9 MEDIUM N/A
The IP-in-IP packet processing implementation in the IPsec and IP stacks in the kernel in Sun Solaris 9 and 10, and OpenSolaris snv_01 though snv_85, allows local users to cause a denial of service (panic) via a self-encapsulated packet that lacks IPsec protection.
CVE-2009-0319 1 Sun 2 Opensolaris, Solaris 2024-11-21 6.9 MEDIUM N/A
Unspecified vulnerability in the autofs module in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_108, allows local users to cause a denial of service (autofs mount outage) or possibly gain privileges via vectors related to "xdr processing problems."
CVE-2009-0304 1 Sun 2 Opensolaris, Solaris 2024-11-21 7.8 HIGH N/A
The kernel in Sun Solaris 10 and 11 snv_101b, and OpenSolaris before snv_108, allows remote attackers to cause a denial of service (system crash) via a crafted IPv6 packet, related to an "insufficient validation security vulnerability," as demonstrated by SunOSipv6.c.
CVE-2009-0268 1 Sun 2 Opensolaris, Solaris 2024-11-21 4.9 MEDIUM N/A
Race condition in the pseudo-terminal (aka pty) driver module in Sun Solaris 8 through 10, and OpenSolaris before snv_103, allows local users to cause a denial of service (panic) via unspecified vectors related to lack of "properly sequenced code" in ptc and ptsl.
CVE-2009-0267 1 Sun 2 Opensolaris, Solaris 2024-11-21 5.0 MEDIUM N/A
libike in Sun Solaris 9 and 10, and OpenSolaris before snv_100, does not properly check packets, which allows remote attackers to cause a denial of service (in.iked daemon crash) via an unspecified IKE packet, a different vulnerability than CVE-2007-2989.
CVE-2009-0168 1 Sun 2 Opensolaris, Solaris 2024-11-21 4.9 MEDIUM N/A
Unspecified vulnerability in ppdmgr in Sun Solaris 10 and OpenSolaris snv_61 through snv_106 allows local users to cause a denial of service via unspecified vectors, related to a failure to "include all cache files," and improper handling of temporary files.
CVE-2009-0167 1 Sun 2 Opensolaris, Solaris 2024-11-21 4.7 MEDIUM N/A
Unspecified vulnerability in lpadmin in Sun Solaris 10 and OpenSolaris snv_61 through snv_106 allows local users to cause a denial of service via unspecified vectors, related to enumeration of "wrong printers," aka a "Temporary file vulnerability."
CVE-2009-0132 1 Sun 2 Opensolaris, Solaris 2024-11-21 4.9 MEDIUM N/A
Integer overflow in the aio_suspend function in Sun Solaris 8 through 10 and OpenSolaris, when 32-bit mode is enabled, allows local users to cause a denial of service (panic) via a large integer value in the second argument (aka nent argument).
CVE-2009-0069 1 Sun 2 Opensolaris, Solaris 2024-11-21 4.9 MEDIUM N/A
Unspecified vulnerability in the nfs4rename_persistent_fh function in the NFS 4 (aka NFSv4) client in the kernel in Sun Solaris 10 and OpenSolaris before snv_102 allows local users to cause a denial of service (recursive mutex_enter and panic) via unspecified vectors.
CVE-2008-6024 1 Sun 2 Opensolaris, Solaris 2024-11-21 5.4 MEDIUM N/A
Unspecified vulnerability in the NFSv4 client module in the kernel on Sun Solaris 10 and OpenSolaris before snv_37, when automountd is used, allows user-assisted remote attackers to cause a denial of service (unresponsive NFS filesystems) via unknown vectors.
CVE-2008-5746 1 Sun 2 Snmp Management Agent, Solaris 2024-11-21 6.9 MEDIUM N/A
Sun SNMP Management Agent (SUNWmasf) 1.4u2 through 1.5.4 allows local users to overwrite arbitrary files and gain privileges via a symlink attack on temporary files.
CVE-2008-5699 1 Sun 2 Opensolaris, Solaris 2024-11-21 4.6 MEDIUM N/A
The name service cache daemon (nscd) in Sun Solaris 10 and OpenSolaris snv_50 through snv_104 does not properly check permissions, which allows local users to gain privileges and obtain sensitive information via unspecified vectors.
CVE-2008-5690 1 Sun 2 Opensolaris, Solaris 2024-11-21 2.1 LOW N/A
The Kerberos credential renewal feature in Sun Solaris 8, 9, and 10, and OpenSolaris build snv_01 through snv_104, allows local users to cause a denial of service (authentication failure) via unspecified vectors related to incorrect cache file permissions, and lack of credential storage by the store_cred function in pam_krb5.
CVE-2008-5689 1 Sun 2 Opensolaris, Solaris 2024-11-21 7.2 HIGH N/A
tun in IP Tunnel in Solaris 10 and OpenSolaris snv_01 through snv_76 allows local users to cause a denial of service (panic) and possibly execute arbitrary code via a crafted SIOCGTUNPARAM IOCTL request, which triggers a NULL pointer dereference.
CVE-2008-5684 1 Sun 2 Opensolaris, Solaris 2024-11-21 5.0 MEDIUM N/A
Unspecified vulnerability in the X Inter Client Exchange library (aka libICE) in Sun Solaris 8 through 10 and OpenSolaris before snv_85 allows context-dependent attackers to cause a denial of service (application crash), as demonstrated by a port scan that triggers a segmentation violation in the Gnome session manager (aka gnome-session).
CVE-2008-5661 1 Sun 2 Opensolaris, Solaris 2024-11-21 5.4 MEDIUM N/A
The IPv4 Forwarding feature in Sun Solaris 10 and OpenSolaris snv_47 through snv_82, with certain patches installed, allows remote attackers to cause a denial of service (panic) via unknown vectors that trigger a NULL pointer dereference.
CVE-2008-5550 1 Sun 3 Java Web Console, Solaris, Sunos 2024-11-21 4.3 MEDIUM N/A
Open redirect vulnerability in console/faces/jsp/login/BeginLogin.jsp in Sun Java Web Console 3.0.2 through 3.0.5 and Solaris 10 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the redirect_url parameter.