Vulnerabilities > SUN

DATE CVE VULNERABILITY TITLE RISK
2004-12-31 CVE-2004-2306 Unspecified vulnerability in SUN Solaris and SunOS
Sun Solaris 7 through 9, when Basic Security Module (BSM) is enabled and the SUNWscpu package has been removed as a result of security hardening, disables mail alerts from the audit_warn script, which might allow attackers to escape detection.
local
low complexity
sun
4.6
2004-12-31 CVE-2004-2216 Remote Denial Of Service vulnerability in SUN products
Unknown vulnerability in Sun Java System Web Server 6.0 SP7 and earlier and 6.1 SP1 and earlier, and Application Server 7 Update 4 and earlier, allows remote attackers to cause a denial of service (crash) via a malformed client certificate.
network
low complexity
sun
5.0
2004-12-31 CVE-2004-1767 Permissions, Privileges, and Access Controls vulnerability in SUN Solaris and SunOS
The kernel in Solaris 2.6, 7, 8, and 9 allows local users to gain privileges by loading arbitrary loadable kernel modules (LKM), possibly involving the modload function.
local
low complexity
sun CWE-264
7.2
2004-12-31 CVE-2004-1503 Remote Denial Of Service vulnerability in Sun Java Runtime Environment InitialDirContext
Integer overflow in the InitialDirContext in Java Runtime Environment (JRE) 1.4.2, 1.5.0 and possibly other versions allows remote attackers to cause a denial of service (Java exception and failed DNS requests) via a large number of DNS requests, which causes the xid variable to wrap around and become negative.
network
low complexity
sun
5.0
2004-12-31 CVE-2004-1394 Unspecified vulnerability in SUN Solaris and SunOS
The pfexec function for Sun Solaris 8 and 9 does not properly handle when a custom profile contains an invalid entry in the exec_attr database, which may allow local users with custom rights profiles to execute profile commands with additional privileges.
local
low complexity
sun
4.6
2004-12-31 CVE-2004-1393 Denial Of Service vulnerability in Sun Solaris TCSetAttr System Hang
Unknown vulnerability in the tcsetattr function for Sun Solaris for SPARC 2.6, 7, and 8 allows local users to cause a denial of service (system hang).
network
low complexity
sun
5.0
2004-12-31 CVE-2004-0826 Remote Heap Overflow vulnerability in Mozilla Network Security Services Library
Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message.
network
low complexity
mozilla netscape sun hp
7.5
2004-12-31 CVE-2004-0817 BMP Image Decoding Buffer Overflow vulnerability in IMLib/IMLib2
Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file.
7.5
2004-12-31 CVE-2004-0802 BMP Image Decoding Buffer Overflow vulnerability in IMLib/IMLib2
Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817.
5.1
2004-12-31 CVE-2004-0780 Local Buffer Overflow vulnerability in Sun Solaris UUSTAT
Buffer overflow in uustat in Sun Solaris 8 and 9 allows local users to execute arbitrary code via a long -S command line argument.
local
low complexity
sun
7.2