| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| aspppd on Solaris 2.5 x86 allows local users to modify arbitrary files and gain root privileges via a symlink attack on the /tmp/.asppp.fifo file. |
| Multiple unspecified vulnerabilities in reflection APIs in Java SDK and JRE 1.4.2_08 and earlier and JDK and JRE 5.0 Update 3 and earlier allow remote attackers to escape the Java sandbox and access arbitrary files or execute arbitrary applications via unknown attack vectors, a different set of vulnerabilities than CVE-2005-3905. NOTE: this is associated with the "second and third issues" identified in SUNALERT:102003. |
| Format string vulnerability in the logging component of snmpdx for Solaris 5.6 through 8 allows remote attackers to gain root privileges. |
| Sun SunOS 4.1 through 4.1.3 allows local attackers to gain root access via insecure permissions on files and directories such as crash. |
| ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service. |
| The crypto provider in Sun Solaris 10 3/05 HW2 without patch 121236-01, when running on Sun Fire T2000 platforms, incorrectly verifies a DSA signature, which might prevent applications from detecting that the data has been modified. |
| Solaris Solstice AdminSuite (AdminSuite) 2.1 incorrectly sets write permissions on source files for NIS maps, which could allow local users to gain privileges by modifying /etc/passwd. |
| (1) Java Runtime Environment (JRE) and (2) Software Development Kit (SDK) 1.4.2_08, 1.4.2_09, and 1.5.0_05 and possibly other versions allow remote attackers to cause a denial of service (JVM unresponsive) via a crafted serialized object, such as a font object as demonstrated on JBoss. |
| Unspecified vulnerability in the "tl" driver in Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors. |
| Unspecified vulnerability in the pagedata subsystem of the process file system (/proc) in Solaris 8 through 10 allows local users to cause a denial of service (system hang or panic) via unknown attack vectors that cause cause the kmem_oversize arena to allocate a large amount of system memory that does not get freed. |
| Unspecified vulnerability in Sun Java System Communications Express 2005Q1 and 2004Q2 allows local and remote attackers to read sensitive information from configuration files. |
| Sun Java System Application Server (SJSAS) 7 through 8.1 and Web Server (SJSWS) 6.0 and 6.1 allows remote authenticated users to read files outside of the "document root directory" via a direct request using a UTF-8 encoded URI. |
| The default configuration of Cobalt RaQ2 servers allows remote users to install arbitrary software packages. |
| The WorkMan program can be used to overwrite any file to get root access. |
| The default configuration of the web server for the Solaris Management Console (SMC) in Solaris 8, 9, and 10 enables the HTTP TRACE method, which could allow remote attackers to obtain sensitive information such as cookies and authentication data from HTTP headers. |
| Cross-site scripting (XSS) vulnerability in Solaris AnswerBook2 Documentation 1.4.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the "View Log Files" function. |
| Unknown vulnerability in Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors related to the "/proc" filesystem, which trigger a null dereference. |
| Buffer overflow in gxnsapi6.dll NSAPI plugin of the Connector Module for Sun ONE Application Server before 6.5 allows remote attackers to execute arbitrary code via a long HTTP request URL. |
| Multiple unspecified vulnerabilities in Solaris 10 SCTP Socket Option Processing allows local users to cause a denial of service (panic) via unspecified attack vectors. |
| Unspecified vulnerability in the (1) Xsun and (2) Xprt commands in Solaris 7, 8, 9, and 10 allows local users to execute arbitrary code. |
