Vulnerabilities > SUN

DATE CVE VULNERABILITY TITLE RISK
2009-07-01 CVE-2009-2268 Cross-Site Scripting vulnerability in SUN Java System Access Manager
Cross-site scripting (XSS) vulnerability in the Cross-Domain Controller (CDC) servlet in Sun Java System Access Manager 6 2005Q1, 7 2005Q4, and 7.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
high complexity
sun CWE-79
2.6
2009-06-25 CVE-2009-2187 Resource Management Errors vulnerability in SUN Opensolaris and Solaris
Multiple memory leaks in the (1) IP and (2) IPv6 multicast implementation in the kernel in Sun Solaris 10, and OpenSolaris snv_67 through snv_93, allow local users to cause a denial of service (memory consumption) via vectors related to the association of (a) DL_ENABMULTI_REQ and (b) DL_DISABMULTI_REQ messages with ARP messages.
local
low complexity
sun CWE-399
4.9
2009-06-19 CVE-2009-2137 Resource Management Errors vulnerability in SUN Opensolaris and Solaris
Memory leak in the Ultra-SPARC T2 crypto provider device driver (aka n2cp) in Sun Solaris 10, and OpenSolaris snv_54 through snv_112, allows context-dependent attackers to cause a denial of service (memory consumption) via unspecified vectors related to a large keylen value.
network
low complexity
sun CWE-399
7.8
2009-06-19 CVE-2009-2136 Unspecified vulnerability in SUN Opensolaris and Solaris
Unspecified vulnerability in the TCP/IP networking stack in Sun Solaris 10, and OpenSolaris snv_01 through snv_82 and snv_111 through snv_117, when a Cassini GigaSwift Ethernet Adapter (aka CE) interface is used, allows remote attackers to cause a denial of service (panic) via vectors involving jumbo frames.
network
low complexity
sun
7.8
2009-06-19 CVE-2009-2135 Race Condition vulnerability in SUN Opensolaris and Solaris
Multiple race conditions in the Solaris Event Port API in Sun Solaris 10 and OpenSolaris before snv_107 allow local users to cause a denial of service (panic) via unspecified vectors related to a race between the port_dissociate and close functions.
local
low complexity
sun CWE-362
4.9
2009-06-16 CVE-2009-1719 Code Injection vulnerability in SUN JRE 1.5.0/1.5.011B03
The Aqua Look and Feel for Java implementation in Java 1.5 on Mac OS X 10.5 allows remote attackers to execute arbitrary code via a call to the undocumented apple.laf.CColourUIResource constructor with a crafted value in the first argument, which is dereferenced as a pointer.
network
low complexity
apple sun CWE-94
7.5
2009-06-11 CVE-2009-2031 Information Exposure vulnerability in SUN Opensolaris
smbfs in Sun OpenSolaris snv_84 through snv_110, when default mount permissions are used, allows local users to read arbitrary files, and list arbitrary directories, on CIFS volumes.
local
low complexity
sun CWE-200
2.1
2009-06-11 CVE-2009-2030 Security vulnerability in IBM OS/400 JVA-RUN JDK6.0 XML Digital Signature
Unspecified vulnerability in the XML Digital Signature verification functionality in JVA-RUN in JDK 6.0 in IBM OS/400 i5/OS V5R4M0 and V6R1M0 has unknown impact and attack vectors related to "XML SECURITY PATCH."
network
low complexity
sun ibm
critical
10.0
2009-06-11 CVE-2009-2029 Remote Denial Of Service vulnerability in SUN Opensolaris and Solaris
Unspecified vulnerability in rpc.nisd in Sun Solaris 8 through 10, and OpenSolaris before snv_104, allows remote authenticated users to cause a denial of service (NIS+ daemon hang) via unspecified vectors related to NIS+ callbacks.
network
low complexity
sun
5.0
2009-06-09 CVE-2009-2012 Local Denial Of Service vulnerability in Sun OpenSolaris 'idmap(1M)'
Unspecified vulnerability in idmap in Sun OpenSolaris snv_88 through snv_110, when a CIFS server is enabled, allows local users to cause a denial of service (idmapd daemon crash and idmapd outage) via unknown vectors.
local
sun
1.9