Filtered by vendor Sun
Subscribe
Search
Total
1718 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-0569 | 2 Sun, Xerox | 2 Sunos, Freeflow Print Server | 2017-09-19 | 3.3 LOW | N/A |
| Unspecified vulnerability Oracle Sun Solaris 10 allows local users to affect confidentiality and integrity via unknown vectors related to Install/smpatch. | |||||
| CVE-2011-0706 | 2 Redhat, Sun | 2 Icedtea-web, Jdk | 2017-09-19 | 7.5 HIGH | N/A |
| The JNLPClassLoader class in IcedTea-Web before 1.0.1, as used in OpenJDK Runtime Environment 1.6.0, allows remote attackers to gain privileges via unknown vectors related to multiple signers and the assignment of "an inappropriate security descriptor." | |||||
| CVE-2010-3555 | 1 Sun | 2 Jdk, Jre | 2017-09-19 | 9.3 HIGH | N/A |
| Unspecified vulnerability in the Deployment component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable third party coordinator that the ActiveX Plugin does not properly initialize an object field that is used as a window handle, which allows attackers to execute arbitrary code. | |||||
| CVE-2010-3552 | 1 Sun | 2 Jdk, Jre | 2017-09-19 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the New Java Plug-in component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | |||||
| CVE-2010-4422 | 1 Sun | 2 Jdk, Jre | 2017-09-19 | 7.6 HIGH | N/A |
| Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | |||||
| CVE-2010-3560 | 1 Sun | 2 Jdk, Jre | 2017-09-19 | 2.6 LOW | N/A |
| Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality via unknown vectors. | |||||
| CVE-2010-3563 | 1 Sun | 2 Jdk, Jre | 2017-09-19 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Deployment component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to "how Web Start retrieves security policies," BasicServiceImpl, and forged policies that bypass sandbox restrictions. | |||||
| CVE-2010-3558 | 1 Sun | 2 Jdk, Jre | 2017-09-19 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Java Web Start component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | |||||
| CVE-2010-3570 | 1 Sun | 2 Jdk, Jre | 2017-09-19 | 7.6 HIGH | N/A |
| Unspecified vulnerability in the Deployment Toolkit component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | |||||
| CVE-2010-0310 | 1 Sun | 1 Solaris | 2017-09-19 | 6.8 MEDIUM | N/A |
| Trusted Extensions in Sun Solaris 10 allows local users to gain privileges via vectors related to omission of unspecified libraries from software updates. | |||||
| CVE-2009-2715 | 1 Sun | 1 Virtualbox | 2017-09-19 | 4.9 MEDIUM | N/A |
| Sun VirtualBox 2.2 through 3.0.2 r49928 allows guest OS users to cause a denial of service (Linux host OS reboot) via a sysenter instruction. | |||||
| CVE-2009-2714 | 1 Sun | 1 Virtualbox | 2017-09-19 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in Sun VirtualBox 3.0.0 and 3.0.2 allows guest OS users to cause a denial of service (host OS reboot) via unknown vectors. | |||||
| CVE-2009-2711 | 2 Sun, X.org | 3 Opensolaris, Solaris, X11 | 2017-09-19 | 4.9 MEDIUM | N/A |
| XScreenSaver in Sun Solaris 9 and 10, OpenSolaris before snv_120, and X11 6.4.1 for Solaris 8, when the Xorg or Xnewt server is used, allows physically proximate attackers to obtain sensitive information by reading popup windows, which are displayed even when the screen is locked, a different vulnerability than CVE-2009-1276. | |||||
| CVE-2009-2912 | 1 Sun | 2 Opensolaris, Solaris | 2017-09-19 | 4.9 MEDIUM | N/A |
| The (1) sendfile and (2) sendfilev functions in Sun Solaris 8 through 10, and OpenSolaris before snv_110, allow local users to cause a denial of service (panic) via vectors related to vnode function calls. | |||||
| CVE-2009-2690 | 1 Sun | 2 Java Se, Openjdk | 2017-09-19 | 5.0 MEDIUM | N/A |
| The encoder in Sun Java SE 6 before Update 15, and OpenJDK, grants read access to private variables with unspecified names, which allows context-dependent attackers to obtain sensitive information via an untrusted (1) applet or (2) application. | |||||
| CVE-2009-3866 | 1 Sun | 2 Jdk, Jre | 2017-09-19 | 9.3 HIGH | N/A |
| The Java Web Start Installer in Sun Java SE in JDK and JRE 6 before Update 17 does not properly use security model permissions when removing installer extensions, which allows remote attackers to execute arbitrary code by modifying a certain JNLP file to have a URL field that points to an unintended trusted application, aka Bug Id 6872824. | |||||
| CVE-2009-3839 | 1 Sun | 2 Opensolaris, Solaris | 2017-09-19 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in the Solaris Trusted Extensions Policy configuration in Sun Solaris 10, and OpenSolaris snv_37 through snv_125, might allow remote attackers to execute arbitrary code by leveraging access to the X server. | |||||
| CVE-2009-2475 | 1 Sun | 2 Java Se, Openjdk | 2017-09-19 | 7.8 HIGH | N/A |
| Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, might allow context-dependent attackers to obtain sensitive information via vectors involving static variables that are declared without the final keyword, related to (1) LayoutQueue, (2) Cursor.predefined, (3) AccessibleResourceBundle.getContents, (4) ImageReaderSpi.STANDARD_INPUT_TYPE, (5) ImageWriterSpi.STANDARD_OUTPUT_TYPE, (6) the imageio plugins, (7) DnsContext.debug, (8) RmfFileReader/StandardMidiFileWriter.types, (9) AbstractSaslImpl.logger, (10) Synth.Region.uiToRegionMap/lowerCaseNameMap, (11) the Introspector class and a cache of BeanInfo, and (12) JAX-WS, a different vulnerability than CVE-2009-2673. | |||||
| CVE-2009-2476 | 1 Sun | 2 Java Se, Openjdk | 2017-09-19 | 10.0 HIGH | N/A |
| The Java Management Extensions (JMX) implementation in Sun Java SE 6 before Update 15, and OpenJDK, does not properly enforce OpenType checks, which allows context-dependent attackers to bypass intended access restrictions by leveraging finalizer resurrection to obtain a reference to a privileged object. | |||||
| CVE-2009-2486 | 1 Sun | 2 Opensolaris, Solaris | 2017-09-19 | 7.8 HIGH | N/A |
| Unspecified vulnerability in the SCTP implementation in Sun Solaris 10, and OpenSolaris before snv_120, allows remote attackers to cause a denial of service (panic) via unspecified packets. | |||||
| CVE-2009-3746 | 1 Sun | 1 Solaris | 2017-09-19 | 1.9 LOW | N/A |
| XScreenSaver in Sun Solaris 10, when the accessibility feature is enabled, allows physically proximate attackers to obtain sensitive information by reading popup windows, which are displayed even when the screen is locked, a different vulnerability than CVE-2009-1276 and CVE-2009-2711. | |||||
| CVE-2009-3729 | 1 Sun | 1 Jre | 2017-09-19 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in the TrueType font parsing functionality in Sun Java SE 5.0 before Update 22 and 6 before Update 17 allows remote attackers to cause a denial of service (application crash) via a certain test suite, aka Bug Id 6815780. | |||||
| CVE-2009-3884 | 1 Sun | 2 Jre, Openjdk | 2017-09-19 | 5.0 MEDIUM | N/A |
| The TimeZone.getTimeZone method in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, allows remote attackers to determine the existence of local files via vectors related to handling of zoneinfo (aka tz) files, aka Bug Id 6824265. | |||||
| CVE-2009-3048 | 4 Conectiva, Freebsd, Opera and 1 more | 4 Linux, Freebsd, Opera Browser and 1 more | 2017-09-19 | 4.3 MEDIUM | N/A |
| Opera before 10.00 on Linux, Solaris, and FreeBSD does not properly implement the "INPUT TYPE=file" functionality, which allows remote attackers to trick a user into uploading an unintended file via vectors involving a "dropped file." | |||||
| CVE-2009-2644 | 1 Sun | 2 Opensolaris, Solaris | 2017-09-19 | 4.9 MEDIUM | N/A |
| Race condition in the Solaris Auditing subsystem in Sun Solaris 9 and 10 and OpenSolaris before snv_121, when extended file attributes are used, allows local users to cause a denial of service (panic) via vectors related to "pathnames for invalid fds." | |||||
| CVE-2009-3851 | 1 Sun | 1 Solaris | 2017-09-19 | 7.2 HIGH | N/A |
| Trusted Extensions in Sun Solaris 10 interferes with the operation of the xscreensaver-demo command for the XScreenSaver application, which makes it easier for physically proximate attackers to access an unattended workstation for which the intended screen locking did not occur, related to the "restart daemon." | |||||
| CVE-2009-2972 | 1 Sun | 1 Solaris | 2017-09-19 | 7.8 HIGH | N/A |
| in.lpd in the print service in Sun Solaris 8 and 9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors that trigger a "fork()/exec() bomb." | |||||
| CVE-2009-2952 | 1 Sun | 2 Opensolaris, Solaris | 2017-09-19 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in the pollwakeup function in Sun Solaris 10, and OpenSolaris before snv_51, allows local users to cause a denial of service (panic) via unknown vectors. | |||||
| CVE-2009-2689 | 1 Sun | 2 Java Se, Openjdk | 2017-09-19 | 10.0 HIGH | N/A |
| JDK13Services.getProviders in Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, grants full privileges to instances of unspecified object types, which allows context-dependent attackers to bypass intended access restrictions via an untrusted (1) applet or (2) application. | |||||
| CVE-2009-2857 | 1 Sun | 2 Opensolaris, Solaris | 2017-09-19 | 4.9 MEDIUM | N/A |
| The kernel in Sun Solaris 8, 9, and 10, and OpenSolaris before snv_103, does not properly handle interaction between the filesystem and virtual-memory implementations, which allows local users to cause a denial of service (deadlock and system halt) via vectors involving mmap and write operations on the same file. | |||||
| CVE-2009-3880 | 1 Sun | 2 Jre, Openjdk | 2017-09-19 | 5.0 MEDIUM | N/A |
| The Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, does not properly restrict the objects that may be sent to loggers, which allows attackers to obtain sensitive information via vectors related to the implementation of Component, KeyboardFocusManager, and DefaultKeyboardFocusManager, aka Bug Id 6664512. | |||||
| CVE-2009-2487 | 1 Sun | 2 Opensolaris, Solaris | 2017-09-19 | 7.8 HIGH | N/A |
| Use-after-free vulnerability in the frpr_icmp function in the ipfilter (aka IP Filter) subsystem in Sun Solaris 10, and OpenSolaris snv_45 through snv_110, allows remote attackers to cause a denial of service (panic) via unspecified vectors. | |||||
| CVE-2009-2488 | 1 Sun | 2 Opensolaris, Solaris | 2017-09-19 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in the NFSv4 module in the kernel in Sun Solaris 10, and OpenSolaris snv_102 through snv_119, allows local users to cause a denial of service (client panic) via vectors involving "file operations." | |||||
| CVE-2009-3879 | 1 Sun | 2 Jre, Openjdk | 2017-09-19 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in the (1) X11 and (2) Win32GraphicsDevice subsystems in Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, have unknown impact and attack vectors, related to failure to clone arrays that are returned by the getConfigurations function, aka Bug Id 6822057. | |||||
| CVE-2009-3549 | 2 Sun, Wireshark | 2 Sparc, Wireshark | 2017-09-19 | 5.0 MEDIUM | N/A |
| packet-paltalk.c in the Paltalk dissector in Wireshark 1.2.0 through 1.2.2, on SPARC and certain other platforms, allows remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace. | |||||
| CVE-2009-3885 | 2 Microsoft, Sun | 2 Windows, Jre | 2017-09-19 | 5.0 MEDIUM | N/A |
| Sun Java SE 5.0 before Update 22 and 6 before Update 17 on Windows allows remote attackers to cause a denial of service via a BMP file containing a link to a UNC share pathname for an International Color Consortium (ICC) profile file, probably a related issue to CVE-2007-2789, aka Bug Id 6632445. | |||||
| CVE-2009-3886 | 1 Sun | 1 Jre | 2017-09-19 | 7.5 HIGH | N/A |
| The Java Web Start implementation in Sun Java SE 6 before Update 17 does not properly handle the interaction between a signed JAR file and a JNLP (1) application or (2) applet, which has unspecified impact and attack vectors, related to a "regression," aka Bug Id 6870531. | |||||
| CVE-2009-3899 | 1 Sun | 2 Opensolaris, Solaris | 2017-09-19 | 7.8 HIGH | N/A |
| Memory leak in the Sockets Direct Protocol (SDP) driver in Sun Solaris 10, and OpenSolaris snv_57 through snv_94, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors. | |||||
| CVE-2009-3881 | 1 Sun | 2 Jre, Openjdk | 2017-09-19 | 7.5 HIGH | N/A |
| Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, does not prevent the existence of children of a resurrected ClassLoader, which allows remote attackers to gain privileges via unspecified vectors, related to an "information leak vulnerability," aka Bug Id 6636650. | |||||
| CVE-2015-0397 | 1 Sun | 1 Sunos | 2017-09-08 | 2.1 LOW | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unknown vectors related to File System, a different vulnerability than CVE-2014-6570 and CVE-2014-6600. | |||||
| CVE-2015-0428 | 1 Sun | 1 Sunos | 2017-09-08 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Resource Control. | |||||
| CVE-2015-0430 | 1 Sun | 1 Sunos | 2017-09-08 | 1.9 LOW | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect confidentiality via vectors related to RPC Utility. | |||||
| CVE-2015-0375 | 1 Sun | 1 Sunos | 2017-09-08 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows remote attackers to affect confidentiality via unknown vectors related to Network. | |||||
| CVE-2015-0429 | 1 Sun | 1 Sunos | 2017-09-08 | 3.3 LOW | N/A |
| Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect integrity and availability via vectors related to RPC Utility. | |||||
| CVE-2014-0390 | 1 Sun | 1 Sunos | 2017-08-29 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Solaris 10 allows remote attackers to affect integrity via unknown vectors related to Java Web Console. | |||||
| CVE-2013-5821 | 2 Oracle, Sun | 2 Sunos, Sunos | 2017-08-29 | 4.6 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11.1 allows local users to affect confidentiality, integrity, and availability via vectors related to RPC. | |||||
| CVE-2013-3765 | 1 Sun | 1 Sunos | 2017-08-29 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Solaris 11 allows local users to affect availability via unknown vectors related to Kernel/VM. | |||||
| CVE-2013-5883 | 1 Sun | 1 Sunos | 2017-08-29 | 3.2 LOW | N/A |
| Unspecified vulnerability in Oracle Solaris 8 allows local users to affect integrity and availability via unknown vectors related to Kernel. | |||||
| CVE-2013-5834 | 1 Sun | 1 Sunos | 2017-08-29 | 6.2 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Solaris 8 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to ps. | |||||
| CVE-2013-3797 | 1 Sun | 1 Sunos | 2017-08-29 | 4.7 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Solaris 11 allows local users to affect availability via unknown vectors related to Filesystem/DevFS. | |||||