Vulnerabilities > SUN
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-02-23 | CVE-2004-0481 | Unspecified vulnerability in SUN Solaris and Sunos The logging feature in kcms_configure in the KCMS package on Solaris 8 and 9, and possibly other versions, allows local users to corrupt arbitrary files via a symlink attack on the KCS_ClogFile file. | 2.1 |
| 2005-02-15 | CVE-2005-0447 | Remote Denial Of Service vulnerability in Sun Solaris ARP Handling Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (hang) via a flood of certain ARP packets. | 5.0 |
| 2005-01-10 | CVE-2004-1170 | a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename. | 10.0 |
| 2004-12-31 | CVE-2004-2759 | Information Disclosure vulnerability in Sun StorEdge Sparse File Shared Sun StorEdge QFS and SAM-QFS file systems, as used in Utilization Suite 4.0 through 4.1 and Performance Suite 4.0 through 4.1, might allow local users to read portions of deleted files by accessing data within sparse files. | 2.1 |
| 2004-12-31 | CVE-2004-2758 | Denial-Of-Service vulnerability in Sunforum 3.2/3D1.0 Multiple unspecified vulnerabilities in the H.323 protocol implementation for Sun SunForum 3.2 and 3D 1.0 allow remote attackers to cause a denial of service (segmentation fault and process crash), as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol. | 7.5 |
| 2004-12-31 | CVE-2004-2686 | Path Traversal vulnerability in SUN Solaris and Sunos Directory traversal vulnerability in the vfs_getvfssw function in Solaris 2.6, 7, 8, and 9 allows local users to load arbitrary kernel modules via crafted (1) mount or (2) sysfs system calls. | 7.2 |
| 2004-12-31 | CVE-2004-2641 | Remote TOS IP Packet Denial Of Service vulnerability in Sun Fire/Netra Unspecified vulnerability in Sun Fire 3800/4800/4810/6800, Sun Fire V1280, and Netra 1280 allows remote attackers to cause a denial of service (system controller hang) via IP Packets With Type of Service (TOS) Bits set. | 5.0 |
| 2004-12-31 | CVE-2004-2627 | Remote Security vulnerability in Java 2 Micro Edition Java 2 Micro Edition (J2ME) does not properly validate bytecode, which allows remote attackers to escape the Kilobyte Virtual Machine (KVM) sandbox and execute arbitrary code. | 10.0 |
| 2004-12-31 | CVE-2004-2540 | Denial-Of-Service vulnerability in SUN JDK and JRE readObject in (1) Java Runtime Environment (JRE) and (2) Software Development Kit (SDK) 1.4.0 through 1.4.2_05 allows remote attackers to cause a denial of service (JVM unresponsive) via crafted serialized data. | 5.0 |
| 2004-12-31 | CVE-2004-2393 | Unspecified vulnerability in SUN Jsse 1.0.3/1.0.301/1.0.302 Java Secure Socket Extension (JSSE) 1.0.3 through 1.0.3_2 does not properly validate the certificate chain of a client or server, which allows remote attackers to falsely authenticate peers for SSL/TLS. | 7.5 |