Filtered by vendor Sun
Subscriptions
Total
1711 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-0135 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| admintool in Solaris allows a local user to write to arbitrary files and gain root access. | ||||
| CVE-2005-3674 | 1 Sun | 1 Solaris | 2025-04-03 | N/A |
| The Internet Key Exchange version 1 (IKEv1) implementation in the libike library in Sun Solaris 9 and 10 allows remote attackers to cause a denial of service (in.iked crash) via certain crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. | ||||
| CVE-2005-3583 | 1 Sun | 2 Jre, Sdk | 2025-04-03 | N/A |
| (1) Java Runtime Environment (JRE) and (2) Software Development Kit (SDK) 1.4.2_08, 1.4.2_09, and 1.5.0_05 and possibly other versions allow remote attackers to cause a denial of service (JVM unresponsive) via a crafted serialized object, such as a font object as demonstrated on JBoss. | ||||
| CVE-2005-3269 | 1 Sun | 4 Java System Directory Proxy Server, Java System Directory Server, One Administration Server and 1 more | 2025-04-03 | N/A |
| Stack-based buffer overflow in help.cgi in the HTTP administrative interface for (1) Sun Java System Directory Server 5.2 2003Q4, 2004Q2, and 2005Q1, (2) Red Hat Directory Server and (3) Certificate Server before 7.1 SP1, (4) Sun ONE Directory Server 5.1 SP4 and earlier, and (5) Sun ONE Administration Server 5.2 allows remote attackers to cause a denial of service (admin server crash), or local users to gain root privileges. | ||||
| CVE-2005-3250 | 1 Sun | 1 Solaris | 2025-04-03 | N/A |
| Unknown vulnerability in Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors related to the "/proc" filesystem, which trigger a null dereference. | ||||
| CVE-2005-3071 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| Unspecified vulnerability in Unix File System (UFS) on Solaris 8 and 9, when logging is enabled, allows local users to cause a denial of service ("soft hang") via certain write operations to UFS. | ||||
| CVE-2005-3001 | 1 Sun | 1 Solaris | 2025-04-03 | N/A |
| Unspecified vulnerability in the "tl" driver in Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors. | ||||
| CVE-2005-2870 | 1 Sun | 1 Solaris | 2025-04-03 | N/A |
| Unknown vulnerability in the net-svc script on Solaris 10 allows remote authenticated users to execute arbitrary code on a DHCP client via certain DHCP responses. | ||||
| CVE-2005-2738 | 1 Sun | 1 Java | 2025-04-03 | N/A |
| Java 1.4.2 before 1.4.2 Release 2 on Apple Mac OS X does not prevent multiple programs from opening the same port as a Java ServerSocket, which allows local users to operate a Java program that intercepts network data intended for the ServerSocket of a different Java program. | ||||
| CVE-2005-3472 | 1 Sun | 1 Java System Communications Express | 2025-04-03 | N/A |
| Unspecified vulnerability in Sun Java System Communications Express 2005Q1 and 2004Q2 allows local and remote attackers to read sensitive information from configuration files. | ||||
| CVE-2005-2530 | 1 Sun | 1 Java | 2025-04-03 | N/A |
| Unspecified vulnerability in Java 1.3.1 before 1.3.1_16 on Apple Mac OS X allows an untrusted applet to gain privileges, related to "Mac OS X specific extensions." | ||||
| CVE-2005-2529 | 1 Sun | 1 Java | 2025-04-03 | N/A |
| Unspecified vulnerability in Java 1.4.2 before 1.4.2 Release 2 on Apple Mac OS X allows local users to gain privileges via unspecified attack vectors relating to "the utility used to update Java shared archives." | ||||
| CVE-2005-2527 | 1 Sun | 1 Java | 2025-04-03 | N/A |
| Race condition in Java 1.4.2 before 1.4.2 Release 2 on Apple Mac OS X allows local users to corrupt files or create arbitrary files via unspecified attack vectors related to a temporary directory, possibly due to a symlink attack. | ||||
| CVE-2005-2094 | 1 Sun | 1 One Web Server | 2025-04-03 | N/A |
| Sun SunONE web server 6.1 SP1 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes SunONE to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka "HTTP Request Smuggling." | ||||
| CVE-2005-2072 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| The runtime linker (ld.so) in Solaris 8, 9, and 10 trusts the LD_AUDIT environment variable in setuid or setgid programs, which allows local users to gain privileges by (1) modifying LD_AUDIT to reference malicious code and possibly (2) using a long value for LD_AUDIT. | ||||
| CVE-2005-2071 | 1 Sun | 1 Solaris | 2025-04-03 | N/A |
| traceroute in Sun Solaris 10 on x86 systems allows local users to execute arbitrary code with PRIV_NET_RAWACCESS privileges via (1) a large number of -g arguments or (2) a malformed -s argument with a trailing . (dot). | ||||
| CVE-2005-2032 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | N/A |
| Unknown vulnerability in lpadmin on Sun Solaris 7, 8, and 9 allows local users to overwrite arbitrary files. | ||||
| CVE-2005-1974 | 1 Sun | 1 J2se | 2025-04-03 | N/A |
| Unspecified vulnerability in Java 2 Platform, Standard Edition (J2SE) 5.0 and 5.0 Update 1 and J2SE 1.4.2 up to 1.4.2_07, as used in multiple products and platforms including (1) HP-UX and (2) APC PowerChute, allows applications to assign permissions to themselves and gain privileges. | ||||
| CVE-2005-1973 | 1 Sun | 1 J2se | 2025-04-03 | N/A |
| Java Web Start in Java 2 Platform Standard Edition (J2SE) 5.0 and 5.0 Update 1 allows applications to assign permissions to themselves and gain privileges. | ||||
| CVE-2005-1887 | 1 Sun | 1 Solaris | 2025-04-03 | N/A |
| Unknown vulnerability in the Sun Solaris C library (libc and libproject) in Solaris 10 allows local users to gain privileges. | ||||