Vulnerabilities > SUN
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-03-15 | CVE-2002-0084 | Unspecified vulnerability in SUN Solaris and Sunos Buffer overflow in the fscache_setup function of cachefsd in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long mount argument. | 7.2 |
2002-03-15 | CVE-2002-0058 | Vulnerability in Java Runtime Environment (JRE) allows remote malicious web sites to hijack or sniff a web client's sessions, when an HTTP proxy is being used, via a Java applet that redirects the session to another server, as seen in (1) Netscape 6.0 through 6.1 and 4.79 and earlier, (2) Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, and possibly other implementations that use vulnerable versions of SDK or JDK. | 5.0 |
2001-12-31 | CVE-2001-1583 | OS Command Injection vulnerability in SUN Sunos lpd daemon (in.lpd) in Solaris 8 and earlier allows remote attackers to execute arbitrary commands via a job request with a crafted control file that is not properly handled when lpd invokes a mail program. | 10.0 |
2001-12-31 | CVE-2001-1582 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in SUN Solaris and Sunos Buffer overflow in the LDAP naming services library (libsldap) in Sun Solaris 8 allows local users to execute arbitrary code via a long LDAP_OPTIONS environment variable to a privileged program that uses libsldap. | 7.2 |
2001-12-31 | CVE-2001-1555 | Unspecified vulnerability in SUN Solaris and Sunos pt_chmod in Solaris 8 does not call fdetach to reset terminal privileges when users log out of terminals, which allows local users to write to other users' terminals by modifying the ACL of a TTY. | 4.6 |
2001-12-31 | CVE-2001-1503 | Information Disclosure vulnerability in Solaris in.fingerd The finger daemon (in.fingerd) in Sun Solaris 2.5 through 8 and SunOS 5.5 through 5.8 allows remote attackers to list all accounts on a host by typing finger 'a b c d e f g h'@host. | 2.1 |
2001-12-31 | CVE-2001-1480 | Java Runtime Environment (JRE) and SDK 1.2 through 1.3.0_04 allows untrusted applets to access the system clipboard. | 7.5 |
2001-12-31 | CVE-2001-1479 | Unspecified vulnerability in SUN Management+Center 2.0 smcboot in Sun SMC (Sun Management Center) 2.0 in Solaris 8 allows local users to delete arbitrary files via a symlink attack on /tmp/smc$SMC_PORT. | 2.1 |
2001-12-12 | CVE-2001-0797 | Buffer Overflow vulnerability in Multiple Vendor System V Derived 'login' Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin. | 10.0 |
2001-11-26 | CVE-2001-0922 | Unspecified vulnerability in SUN Netdynamics ndcgi.exe in Netdynamics 4.x through 5.x, and possibly earlier versions, allows remote attackers to steal session IDs and hijack user sessions by reading the SPIDERSESSION and uniqueValue variables from the login field, then using those variables after the next user logs in. | 7.5 |