Vulnerabilities > SUN
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-08-05 | CVE-2009-2671 | Privilege Escalation vulnerability in SUN JDK and JRE The SOCKS proxy implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to discover the username of the account that invoked an untrusted (1) applet or (2) Java Web Start application via unspecified vectors. | 5.0 |
| 2009-08-05 | CVE-2009-2670 | Permissions, Privileges, and Access Controls vulnerability in SUN JDK and JRE The audio system in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, does not prevent access to java.lang.System properties by (1) untrusted applets and (2) Java Web Start applications, which allows context-dependent attackers to obtain sensitive information by reading these properties. | 5.0 |
| 2009-08-03 | CVE-2009-2652 | Remote Denial of Service vulnerability in SUN Opensolaris and Solaris Unspecified vulnerability in Solaris Trusted Extensions in Sun Solaris 10, and OpenSolaris snv_37 through snv_120, allows remote attackers to cause a denial of service (panic) via vectors involving the parsing of labeled packets. | 6.8 |
| 2009-07-29 | CVE-2009-2644 | Race Condition vulnerability in SUN Opensolaris and Solaris Race condition in the Solaris Auditing subsystem in Sun Solaris 9 and 10 and OpenSolaris before snv_121, when extended file attributes are used, allows local users to cause a denial of service (panic) via vectors related to "pathnames for invalid fds." | 4.9 |
| 2009-07-27 | CVE-2009-2597 | Unspecified vulnerability in SUN Java System Access Manager Policy Agent 2.2 The Sun Java System (SJS) Access Manager Policy Agent module 2.2 for SJS Web Proxy Server 4.0 allows remote attackers to cause a denial of service (daemon crash) via a GET request. | 7.8 |
| 2009-07-27 | CVE-2009-2596 | Local Denial Of Service vulnerability in SUN Opensolaris and Solaris Unspecified vulnerability in the Solaris Auditing subsystem in Sun Solaris 9 and 10 and OpenSolaris before snv_121, when extended file attributes are used, allows local users to cause a denial of service (panic) via vectors related to fad_aupath structure members. local sun | 4.7 |
| 2009-07-16 | CVE-2009-2491 | Unspecified vulnerability in SUN RAY Server Software 4.0 The utaudiod daemon in Sun Ray Server Software (SRSS) 4.0, when Solaris Trusted Extensions is enabled, allows local users to access the sessions of arbitrary users via unknown vectors related to "resource leaks." local sun | 4.4 |
| 2009-07-16 | CVE-2009-2490 | Unspecified vulnerability in SUN RAY Server Software 4.0 Unspecified vulnerability in the utaudiod daemon in Sun Ray Server Software (SRSS) 4.0, when Solaris Trusted Extensions is enabled, allows local users to cause a denial of service (audio outage) or possibly gain privileges via unknown vectors related to "resource leaks." local sun | 1.9 |
| 2009-07-16 | CVE-2009-2489 | Unspecified vulnerability in SUN RAY Server Software 4.0 Unspecified vulnerability in the utdmsession program in Sun Ray Server Software (SRSS) 4.0 allows local users to access the sessions of arbitrary users via unknown vectors. | 2.1 |
| 2009-07-16 | CVE-2009-2488 | Unspecified vulnerability in SUN Opensolaris and Solaris Unspecified vulnerability in the NFSv4 module in the kernel in Sun Solaris 10, and OpenSolaris snv_102 through snv_119, allows local users to cause a denial of service (client panic) via vectors involving "file operations." | 4.9 |