Vulnerabilities > SUN
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-02-23 | CVE-2006-7028 | Denial-Of-Service vulnerability in Solaris Single CPU Sun systems running Solaris 7, 8, or 9, such as Netra, allows remote attackers to cause a denial of service (console hang) via a flood of small TCP/IP packets. | 7.8 |
2007-02-21 | CVE-2007-1043 | Authentication Bypass vulnerability in Ezboo Webstats 3.0.3 Ezboo webstats, possibly 3.0.3, allows remote attackers to bypass authentication and gain access via a direct request to (1) update.php and (2) config.php. | 7.5 |
2007-02-14 | CVE-2007-0914 | Remote Denial of Service vulnerability in SUN Solaris 10.0 Race condition in the TCP subsystem for Solaris 10 allows remote attackers to cause a denial of service (system panic) via unknown vectors. network sun | 7.1 |
2007-02-13 | CVE-2007-0895 | Local Security vulnerability in Solaris Race condition in recursive directory deletion with the (1) -r or (2) -R option in rm in Solaris 8 through 10 before 20070208 allows local users to delete files and directories as the user running rm by moving a low-level directory to a higher level as it is being deleted, which causes rm to chdir to a ".." directory that is higher than expected, possibly up to the root file system, a related issue to CVE-2002-0435. | 2.6 |
2007-02-02 | CVE-2007-0668 | Local Denial of Service vulnerability in SUN Solaris 10.0 The Loopback Filesystem (LOFS) in Sun Solaris 10 allows local users in a non-global zone to move and rename files in a read-only filesystem, which could lead to a denial of service. | 6.2 |
2007-01-31 | CVE-2007-0634 | Remote Denial of Service vulnerability in SUN Solaris 10.0 Unspecified vulnerability in Sun Solaris 10 before 20070130 allows remote attackers to cause a denial of service (system crash) via certain ICMP packets. | 7.8 |
2007-01-31 | CVE-2007-0628 | Cross-Site Scripting vulnerability in Sun Java System Access Manager Undisclosed Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Access Manager 6.1, 6.2, 6 2005Q1 (6.3), and 7 2005Q4 (7.0) before 20070129 allow remote attackers to inject arbitrary web script or HTML via the (1) goto or (2) gx-charset parameter. network sun | 4.3 |
2007-01-25 | CVE-2007-0503 | Local Arbitrary Command Execution vulnerability in Kodak Color Management System Utilities Unspecified vulnerability in kcms_calibrate in Sun Solaris 8 and 9 before 20071122 allows local users to execute arbitrary commands via unknown vectors. local sun | 6.9 |
2007-01-25 | CVE-2007-0482 | Unspecified vulnerability in SUN RAY Server Software 2.0/3.0 cgi-bin/main in Sun Ray Server Software 2.0 and 3.0 before 20070123 allows local users to obtain the utadmin password by reading a web server's log file, or by conducting a different, unspecified local attack. | 4.6 |
2007-01-24 | CVE-2007-0470 | Local Privilege Escalation vulnerability in Sun Solaris Tip Multiple unspecified vulnerabilities in tip in Sun Solaris 8, 9, and 10 allow local users to gain uucp account privileges via unspecified vectors. | 7.2 |