Filtered by vendor Sun
Subscribe
Total
1712 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-2071 | 1 Sun | 1 Solaris | 2024-11-20 | 4.6 MEDIUM | N/A |
| traceroute in Sun Solaris 10 on x86 systems allows local users to execute arbitrary code with PRIV_NET_RAWACCESS privileges via (1) a large number of -g arguments or (2) a malformed -s argument with a trailing . (dot). | |||||
| CVE-2005-2032 | 1 Sun | 2 Solaris, Sunos | 2024-11-20 | 2.1 LOW | N/A |
| Unknown vulnerability in lpadmin on Sun Solaris 7, 8, and 9 allows local users to overwrite arbitrary files. | |||||
| CVE-2005-2022 | 1 Sun | 2 Iplanet Messaging Server, One Messaging Server | 2024-11-20 | 4.3 MEDIUM | N/A |
| Unknown vulnerability in Webmail in iPlanet Messaging Server 5.2 Patch 1 and Sun ONE Messaging Server 6.2 allows remote attackers to execute arbitrary Javascript, possibly due to a cross-site scripting (XSS) vulnerability. | |||||
| CVE-2005-1974 | 1 Sun | 1 J2se | 2024-11-20 | 5.1 MEDIUM | N/A |
| Unspecified vulnerability in Java 2 Platform, Standard Edition (J2SE) 5.0 and 5.0 Update 1 and J2SE 1.4.2 up to 1.4.2_07, as used in multiple products and platforms including (1) HP-UX and (2) APC PowerChute, allows applications to assign permissions to themselves and gain privileges. | |||||
| CVE-2005-1973 | 1 Sun | 1 J2se | 2024-11-20 | 5.1 MEDIUM | N/A |
| Java Web Start in Java 2 Platform Standard Edition (J2SE) 5.0 and 5.0 Update 1 allows applications to assign permissions to themselves and gain privileges. | |||||
| CVE-2005-1889 | 1 Sun | 1 Java System Web Server | 2024-11-20 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in Sun ONE Application Server 6.5 SP1 Maintenance Update 6 and earlier allows attackers to read files. | |||||
| CVE-2005-1887 | 1 Sun | 1 Solaris | 2024-11-20 | 4.6 MEDIUM | N/A |
| Unknown vulnerability in the Sun Solaris C library (libc and libproject) in Solaris 10 allows local users to gain privileges. | |||||
| CVE-2005-1754 | 2 Apache Tomcat, Sun | 2 Apache Tomcat, Javamail | 2024-11-20 | 5.0 MEDIUM | N/A |
| JavaMail API 1.1.3 through 1.3, as used by Apache Tomcat 5.0.16, allows remote attackers to read arbitrary files via a full pathname in the argument to the Download parameter. NOTE: Sun and Apache dispute this issue. Sun states: "The report makes references to source code and files that do not exist in the mentioned products. | |||||
| CVE-2005-1753 | 1 Sun | 1 Javamail | 2024-11-20 | 5.0 MEDIUM | N/A |
| ReadMessage.jsp in JavaMail API 1.1.3 through 1.3, as used by Apache Tomcat 5.0.16, allows remote attackers to view other users' e-mail attachments via a direct request to /mailboxesdir/username@domainname. NOTE: Sun and Apache dispute this issue. Sun states: "The report makes references to source code and files that do not exist in the mentioned products. | |||||
| CVE-2005-1609 | 1 Sun | 1 Storedge 6130 Arrays | 2024-11-20 | 7.5 HIGH | N/A |
| Unknown vulnerability in Sun StorEdge 6130 Arrays (SE6130) with serial numbers between 0451AWF00G and 0513AWF00J allows local users and remote attackers to delete data. | |||||
| CVE-2005-1591 | 1 Sun | 2 Solaris, Sunos | 2024-11-20 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in NIS+ on Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (rpc.nisd disabled and NIS+ unavailable) via unknown vectors. | |||||
| CVE-2005-1518 | 1 Sun | 2 Solaris, Sunos | 2024-11-20 | 2.1 LOW | N/A |
| Unknown vulnerability in Solaris 7 through 9, when using Federated Naming Services (FNS), autofs, and FNS X.500 configuration, allows local users to cause a denial of service (automountd crash) when "accessing" /xfn/_x500. | |||||
| CVE-2005-1232 | 1 Sun | 1 Java System Web Proxy Server | 2024-11-20 | 7.5 HIGH | N/A |
| Buffer overflow in Sun Java System Web Proxy Server (aka Sun ONE Proxy Server) 3.6 SP6 allows remote attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2005-1150 | 1 Sun | 1 Java System Web Server | 2024-11-20 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in Sun Java System Web Server 6.0 SP7 and earlier, when running on Windows systems, allows attackers to cause a denial of service (hang). | |||||
| CVE-2005-1124 | 1 Sun | 2 Solaris, Sunos | 2024-11-20 | 4.6 MEDIUM | N/A |
| Unknown vulnerability in the libgss Generic Security Services Library in Solaris 7, 8, and 9 allows local users to gain privileges by loading their own GSS-API. | |||||
| CVE-2005-1105 | 1 Sun | 1 Javamail | 2024-11-20 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the MimeBodyPart.getFileName method in JavaMail 1.3.2 allows remote attackers to write arbitrary files via a .. (dot dot) in the filename in the Content-Disposition header. | |||||
| CVE-2005-1080 | 1 Sun | 1 Sdk | 2024-11-20 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the Java Archive Tool (Jar) utility in J2SE SDK 1.4.2 and 1.5, and OpenJDK, allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in filenames in a .jar file. | |||||
| CVE-2005-0836 | 1 Sun | 1 J2se | 2024-11-20 | 10.0 HIGH | N/A |
| Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up to 1.4.2_06 allows untrusted applications to gain privileges via the value parameter of a property tag in a JNLP file. | |||||
| CVE-2005-0816 | 1 Sun | 2 Solaris, Sunos | 2024-11-20 | 7.2 HIGH | N/A |
| Buffer overflow in newgrp in Solaris 7 through 9 allows local users to gain root privileges. | |||||
| CVE-2005-0742 | 1 Sun | 1 Java System Application Server | 2024-11-20 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Sun Java System Application Server 7 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | |||||