Vulnerabilities > SUN

DATE CVE VULNERABILITY TITLE RISK
2007-06-06 CVE-2007-3093 Remote Privilege Escalation vulnerability in Sun Solaris Management Console Logging Mechanism
Unspecified vulnerability in the logging mechanism in Solaris Management Console (SMC) on Sun Solaris 8 through 10 before 20070605 allows remote attackers to execute arbitrary code via unspecified vectors, related to the WBEM server.
network, low complexity, sun, critical, 10.0
2007-06-06 CVE-2007-3069 Local Arbitrary Command Execution vulnerability in SUN Solaris 10.0
xscreensaver in Sun Solaris 10 before 20070604, when a GNOME session with Assistive Technology support is running, allows attackers with physical access to take control of the session after entering an Alt-Tab sequence.
local, low complexity, sun, 4.6
2007-06-01 CVE-2007-2990 Local Denial of Service vulnerability in SUN Solaris 10.0
Unspecified vulnerability in inetd in Sun Solaris 10 before 20070529 allows local users to cause a denial of service (daemon termination) via unspecified manipulations of the /var/run/.inetd.uds Unix domain socket file.
local, low complexity, sun, 4.9
2007-06-01 CVE-2007-2989 Denial of Service vulnerability in SUN Solaris 9.0
The libike library in Sun Solaris 9 before 20070529 contains a logic error related to a certain pointer, which allows remote attackers to cause a denial of service (in.iked daemon crash) by sending certain UDP packets with a source port different from 500.
network, low complexity, sun, 7.8
2007-05-30 CVE-2007-2906 Denial-Of-Service vulnerability in SUN Java Embedding Plugin 0.9.6.1
Java Embedding Plugin 0.9.6.1 allows remote attackers to cause a denial of service (browser crash) via a Thread subclass that calls super.run from its run method.
network, low complexity, sun, 5.0
2007-05-30 CVE-2007-2904 Cross-Site Scripting vulnerability in Java System Messaging Server
Cross-site scripting (XSS) vulnerability in Sun Java System Messaging Server 6.0 through 6.3, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly a related issue to CVE-2006-5653.
network, sun, 4.3
2007-05-30 CVE-2007-2882 Denial of Service vulnerability in Sun Solaris NFS Client Module ACL(2) Packets
Unspecified vulnerability in the NFS client module in Sun Solaris 8 through 10 before 20070524, when operating as an NFS server, allows remote attackers to cause a denial of service (crash) via certain Access Control List (acl) packets.
network, low complexity, sun, 5.0
2007-05-29 CVE-2007-2881 Buffer Overflow vulnerability in Sun Java Web Proxy Server
Multiple stack-based buffer overflows in the SOCKS proxy support (sockd) in Sun Java Web Proxy Server before 4.0.5 allow remote attackers to execute arbitrary code via crafted packets during protocol negotiation.
network, low complexity, sun, critical, 10.0
2007-05-22 CVE-2007-2789 Resource Management Errors vulnerability in SUN Jdk, JRE and SDK
The BMP image parser in Sun Java Development Kit (JDK) before 1.5.0_11-b03 and 1.6.x before 1.6.0_01-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.2_14 and earlier, and SDK and JRE 1.3.1_19 and earlier, when running on Unix/Linux systems, allows remote attackers to cause a denial of service (JVM hang) via untrusted applets or applications that open arbitrary local files via a crafted BMP file, such as /dev/tty.
network, sun CWE-399, 4.3
2007-05-22 CVE-2007-2788 Numeric Errors vulnerability in SUN Jdk, JRE and SDK
Integer overflow in the embedded ICC profile image parser in Sun Java Development Kit (JDK) before 1.5.0_11-b03 and 1.6.x before 1.6.0_01-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.2_14 and earlier, and SDK and JRE 1.3.1_20 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (JVM crash) via a crafted JPEG or BMP file that triggers a buffer overflow.
network, sun CWE-189, 6.8