Vulnerabilities > SUN

DATE CVE VULNERABILITY TITLE RISK
2006-12-26 CVE-2006-6737 Information Disclosure vulnerability in SUN Jdk, JRE and SDK
Unspecified vulnerability in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 5 and earlier, Java System Development Kit (SDK) and JRE 1.4.2_10 and earlier 1.4.x versions, and SDK and JRE 1.3.1_18 and earlier allows attackers to use untrusted applets to "access data in other applets," aka "The first issue."
network
sun
4.3

2006-12-26 CVE-2006-6736 Information Disclosure vulnerability in SUN Jdk, JRE and SDK
Unspecified vulnerability in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 6 and earlier, Java System Development Kit (SDK) and JRE 1.4.2_12 and earlier 1.4.x versions, and SDK and JRE 1.3.1_18 and earlier allows attackers to use untrusted applets to "access data in other applets," aka "The second issue."
network
sun
4.3

2006-12-26 CVE-2006-6731 Buffer Overflow vulnerability in SUN Jdk, JRE and SDK
Multiple buffer overflows in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 7 and earlier, Java System Development Kit (SDK) and JRE 1.4.2_12 and earlier 1.4.x versions, and SDK and JRE 1.3.1_18 and earlier allow attackers to develop Java applets that read, write, or execute local files, possibly related to (1) integer overflows in the Java_sun_awt_image_ImagingLib_convolveBI, awt_parseRaster, and awt_parseColorModel functions; (2) a stack overflow in the Java_sun_awt_image_ImagingLib_lookupByteRaster function; and (3) improper handling of certain negative values in the Java_sun_font_SunLayoutEngine_nativeLayout function.
network
sun
critical
9.3

2006-12-13 CVE-2006-6495 Local vulnerability in Sun Solaris LD.SO
Stack-based buffer overflow in ld.so.1 in Sun Solaris 8, 9, and 10 allows local users to execute arbitrary code via large precision padding values in a format string specifier in the format parameter of the doprf function.
local
sun
6.6

2006-12-13 CVE-2006-6494 Local vulnerability in Sun Solaris LD.SO
Directory traversal vulnerability in ld.so.1 in Sun Solaris 8, 9, and 10 allows local users to execute arbitrary code via a ..
local
sun
6.6

2006-12-04 CVE-2006-6275 Race Condition vulnerability in SUN Solaris and Sunos
Race condition in the kernel in Sun Solaris 8 through 10 allows local users to cause a denial of service (panic) via unspecified vectors, possibly related to the exitlwps function and SIGKILL and /proc PCAGENT signals.
local
sun CWE-362
4.7

2006-11-21 CVE-2006-6009 Information Disclosure vulnerability in SUN JDK and JRE
Unspecified vulnerability in the Java Runtime Environment (JRE) Swing library in JDK and JRE 5.0 Update 7 and earlier allows attackers to obtain certain information via unknown attack vectors, related to an untrusted applet accessing data in other applets.
network
low complexity
sun
5.0

2006-11-06 CVE-2006-5726 Local Denial of Service vulnerability in SUN Solaris 10.0
alloccgblk in the UFS filesystem in Solaris 10 allows local users to cause a denial of service (memory corruption) by mounting crafted UFS filesystems with malformed data structures.
local
low complexity
sun
4.9

2006-11-03 CVE-2006-5654 Denial-Of-Service vulnerability in Java System Web Server
Unspecified vulnerability in the Network Security Services (NSS) in Sun Java System Web Server 6.0 before SP 10 and ONE Application Server 7 before Update 3, when SSLv2 is enabled, allows remote authenticated users to cause a denial of service (application crash) via unspecified vectors.
network
low complexity
sun
4.0

2006-11-03 CVE-2006-5653 Cross-Site Scripting vulnerability in SUN Java System Messenger Express 6
Cross-site scripting (XSS) vulnerability in the errorHTML function in the index script in Sun Java System Messenger Express 6 allows remote attackers to inject arbitrary web script or HTML via the error parameter.
network
sun
4.3