Vulnerabilities > SUN
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-09-29 | CVE-2009-3468 | Local Privilege Escalation vulnerability in SUN Solaris 10.0 Multiple unspecified vulnerabilities in Common Desktop Environment (CDE) in Sun Solaris 10, when Trusted Extensions is enabled, allow local users to execute arbitrary commands or bypass the Mandatory Access Control (MAC) policy via unknown vectors, related to a menu typo and the Style Manager. local sun | 6.9 |
2009-09-28 | CVE-2009-3433 | Local Privilege Escalation vulnerability in SUN Cluster 3.2 Unspecified vulnerability in clsetup in the configuration utility in Sun Solaris Cluster 3.2 allows local users to gain privileges via unknown vectors. | 7.2 |
2009-09-28 | CVE-2009-3432 | Local Information Disclosure vulnerability in SUN Opensolaris and Solaris Unspecified vulnerability in xscreensaver in Sun Solaris 10, and OpenSolaris before snv_112, when Xorg or Xnewt is used and RandR is enabled, allows physically proximate attackers to read a locked screen via unknown vectors related to XRandR resize events. local sun | 1.9 |
2009-09-24 | CVE-2009-3390 | Local Security vulnerability in OpenSolaris Multiple unspecified vulnerabilities in the (1) iscsiadm and (2) iscsitadm programs in Sun Solaris 10, and OpenSolaris snv_28 through snv_109, allow local users with certain RBAC execution profiles to gain privileges via unknown vectors related to the libima library. | 7.2 |
2009-09-14 | CVE-2009-3183 | Buffer Errors vulnerability in SUN Opensolaris and Solaris Heap-based buffer overflow in w in Sun Solaris 8 through 10, and OpenSolaris before snv_124, allows local users to gain privileges via unspecified vectors. | 7.2 |
2009-09-10 | CVE-2009-3164 | Denial-Of-Service vulnerability in SUN Opensolaris and Solaris Unspecified vulnerability in the IPv6 networking stack in Sun Solaris 10, and OpenSolaris snv_01 through snv_82 and snv_111 through snv_122, when a Cassini GigaSwift Ethernet Adapter (aka CE) interface is used, allows remote attackers to cause a denial of service (panic) via vectors involving jumbo frames. network sun | 7.1 |
2009-09-08 | CVE-2009-2139 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in SUN Openoffice.Org Heap-based buffer overflow in svtools/source/filter.vcl/wmf/enhwmf.cxx in Go-oo 2.x and 3.x before 3.0.1, previously named ooo-build and related to OpenOffice.org (OOo), allows remote attackers to execute arbitrary code via a crafted EMF file, a similar issue to CVE-2008-2238. | 9.3 |
2009-09-08 | CVE-2009-3101 | Resource Management Errors vulnerability in SUN Opensolaris xscreensaver (aka Gnome-XScreenSaver) in Sun Solaris 10, and OpenSolaris snv_109 through snv_122, does not properly handle Trusted Extensions, which allows local users to cause a denial of service (CPU consumption and console hang) by locking the screen, related to a regression in certain Solaris and OpenSolaris patches. | 4.9 |
2009-09-08 | CVE-2009-3100 | Denial-Of-Service vulnerability in OpenSolaris xscreensaver (aka Gnome-XScreenSaver) in Sun Solaris 9 and 10, OpenSolaris snv_109 through snv_122, and X11 6.4.1 on Solaris 8 does not properly handle Accessibility support, which allows local users to cause a denial of service (system hang) by locking the screen and then attempting to launch an Accessibility pop-up window, related to a regression in certain Solaris and OpenSolaris patches. | 4.0 |
2009-09-02 | CVE-2009-3048 | Improper Input Validation vulnerability in Opera Browser Opera before 10.00 on Linux, Solaris, and FreeBSD does not properly implement the "INPUT TYPE=file" functionality, which allows remote attackers to trick a user into uploading an unintended file via vectors involving a "dropped file." | 4.3 |