Vulnerabilities > SUN
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2001-03-12 | CVE-2001-0115 | Unspecified vulnerability in SUN Solaris and Sunos Buffer overflow in arp command in Solaris 7 and earlier allows local users to execute arbitrary commands via a long -f parameter. | 7.2 |
| 2001-02-12 | CVE-2001-0095 | Unspecified vulnerability in SUN Sunos 5.7/5.8 catman in Solaris 2.7 and 2.8 allows local users to overwrite arbitrary files via a symlink attack on the sman_PID temporary file. | 1.2 |
| 2001-02-12 | CVE-2001-0078 | Unspecified vulnerability in SUN Cluster 2.0 in.mond in Sun Cluster 2.x allows local users to read arbitrary files via a symlink attack on the status file of a host running HA-NFS. | 2.1 |
| 2001-02-12 | CVE-2001-0077 | Unspecified vulnerability in SUN Cluster 2.0 The clustmon service in Sun Cluster 2.x does not require authentication, which allows remote attackers to obtain sensitive information such as system logs and cluster configurations. | 5.0 |
| 2001-02-12 | CVE-2001-0059 | Unspecified vulnerability in SUN Sunos 5.7 patchadd in Solaris allows local users to overwrite arbitrary files via a symlink attack. | 6.2 |
| 2001-01-09 | CVE-2000-1156 | Symbolic Link vulnerability in SUN Staroffice 5.2 StarOffice 5.2 follows symlinks and sets world-readable permissions for the /tmp/soffice.tmp directory, which allows a local user to read files of the user who is using StarOffice. | 3.6 |
| 2001-01-09 | CVE-2000-1099 | Unspecified vulnerability in SUN JDK Java Runtime Environment in Java Development Kit (JDK) 1.2.2_05 and earlier can allow an untrusted Java class to call into a disallowed class, which could allow an attacker to escape the Java sandbox and conduct unauthorized activities. | 5.1 |
| 2000-12-19 | CVE-2000-0958 | Unspecified vulnerability in SUN Hotjava Browser 3.0 HotJava Browser 3.0 allows remote attackers to access the DOM of a web page by opening a javascript: URL in a named window. | 5.0 |
| 2000-12-19 | CVE-2000-0949 | Heap overflow in savestr function in LBNL traceroute 1.4a5 and earlier allows a local user to execute arbitrary commands via the -g option. | 7.2 |
| 2000-12-11 | CVE-2000-1076 | Netscape (iPlanet) Certificate Management System 4.2 and Directory Server 4.12 stores the administrative password in plaintext, which could allow local and possibly remote attackers to gain administrative privileges on the server. | 10.0 |