Vulnerabilities > SUN > Opensolaris > snv.77

DATE CVE VULNERABILITY TITLE RISK
2010-04-21 CVE-2009-4774 Local Denial Of Service vulnerability in SUN Opensolaris and Solaris
Unspecified vulnerability in Sun Solaris 10 and OpenSolaris snv_49 through snv_117, when 64bit mode is used on the Intel x86 platform and a Linux (lx) branded zone is configured, allows local users to cause a denial of service (panic) via unspecified vectors, a different vulnerability than CVE-2007-6225.
local
high complexity
sun
4.0
2010-02-05 CVE-2010-0558 Configuration vulnerability in SUN Opensolaris
The default configuration of Oracle OpenSolaris snv_77 through snv_131 allows attackers to have an unspecified impact via vectors related to using smbadm to join a Windows Active Directory domain.
network
low complexity
sun CWE-16
7.5
2010-02-03 CVE-2010-0453 Improper Input Validation vulnerability in SUN Opensolaris and Solaris
The ucode_ioctl function in intel/io/ucode_drv.c in Sun Solaris 10 and OpenSolaris snv_69 through snv_133, when running on x86 architectures, allows local users to cause a denial of service (panic) via a request with a 0 size value to the UCODE_GET_VERSION IOCTL, which triggers a NULL pointer dereference in the ucode_get_rev function, related to retrieval of the microcode revision.
local
low complexity
sun CWE-20
4.9
2010-01-08 CVE-2010-0271 Permissions, Privileges, and Access Controls vulnerability in SUN Opensolaris
hald in Sun OpenSolaris snv_51 through snv_130 does not have the proc_audit privilege during unspecified attempts to write to the auditing log, which makes it easier for physically proximate attackers to avoid detection of changes to the set of connected hardware devices supporting the Hardware Abstraction Layer (HAL) specification.
local
low complexity
sun CWE-264
4.6
2009-11-06 CVE-2009-3899 Resource Management Errors vulnerability in SUN Opensolaris and Solaris
Memory leak in the Sockets Direct Protocol (SDP) driver in Sun Solaris 10, and OpenSolaris snv_57 through snv_94, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
network
low complexity
sun CWE-399
7.8
2009-11-02 CVE-2009-3839 Remote Privilege Escalation vulnerability in SUN Opensolaris and Solaris
Unspecified vulnerability in the Solaris Trusted Extensions Policy configuration in Sun Solaris 10, and OpenSolaris snv_37 through snv_125, might allow remote attackers to execute arbitrary code by leveraging access to the X server.
network
sun
6.8
2009-09-28 CVE-2009-3432 Local Information Disclosure vulnerability in SUN Opensolaris and Solaris
Unspecified vulnerability in xscreensaver in Sun Solaris 10, and OpenSolaris before snv_112, when Xorg or Xnewt is used and RandR is enabled, allows physically proximate attackers to read a locked screen via unknown vectors related to XRandR resize events.
local
sun
1.9
2009-09-24 CVE-2009-3390 Local Security vulnerability in OpenSolaris
Multiple unspecified vulnerabilities in the (1) iscsiadm and (2) iscsitadm programs in Sun Solaris 10, and OpenSolaris snv_28 through snv_109, allow local users with certain RBAC execution profiles to gain privileges via unknown vectors related to the libima library.
local
low complexity
sun
7.2
2009-09-14 CVE-2009-3183 Buffer Errors vulnerability in SUN Opensolaris and Solaris
Heap-based buffer overflow in w in Sun Solaris 8 through 10, and OpenSolaris before snv_124, allows local users to gain privileges via unspecified vectors.
local
low complexity
sun CWE-119
7.2
2009-09-10 CVE-2009-3164 Denial-Of-Service vulnerability in SUN Opensolaris and Solaris
Unspecified vulnerability in the IPv6 networking stack in Sun Solaris 10, and OpenSolaris snv_01 through snv_82 and snv_111 through snv_122, when a Cassini GigaSwift Ethernet Adapter (aka CE) interface is used, allows remote attackers to cause a denial of service (panic) via vectors involving jumbo frames.
network
sun
7.1