Vulnerabilities > SUN

DATE | CVE | VULNERABILITY TITLE | RISK

2009-03-23 | CVE-2009-0733 | Out-of-bounds Write vulnerability in multiple products | network, critical, 9.3
Multiple stack-based buffer overflows in the ReadSetOfCurves function in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file associated with a large integer value for the (1) input or (2) output channel, related to the ReadLUT_A2B and ReadLUT_B2A functions.
gimp mozilla sun littlecms CWE-787

2009-03-23 | CVE-2009-0723 | Integer Overflow or Wraparound vulnerability in multiple products | network, critical, 9.3
Multiple integer overflows in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow.
gimp mozilla sun littlecms CWE-190

2009-03-17 | CVE-2009-0926 | Resource Management Errors vulnerability in SUN Opensolaris and Solaris | local, low complexity, 4.9
Unspecified vulnerability in the UFS filesystem functionality in Sun OpenSolaris snv_86 through snv_91, when running in 32-bit mode on x86 systems, allows local users to cause a denial of service (panic) via unknown vectors related to the (1) ufs_getpage and (2) ufs_putapage routines, aka CR 6679732.
sun CWE-399

2009-03-17 | CVE-2009-0925 | Resource Management Errors vulnerability in SUN Opensolaris and Solaris | local, 4.7
Unspecified vulnerability in Sun Solaris 10 on SPARC sun4v systems, and OpenSolaris snv_47 through snv_85, allows local users to cause a denial of service (hang of UFS filesystem write) via unknown vectors related to the (1) ufs_getpage and (2) ufs_putapage routines, aka CR 6425723.
sun CWE-399

2009-03-17 | CVE-2009-0924 | Resource Management Errors vulnerability in SUN Opensolaris and Solaris | local, 4.7
Unspecified vulnerability in Sun OpenSolaris snv_39 through snv_45, when running in 64-bit mode on x86 architectures, allows local users to cause a denial of service (hang of UFS filesystem write) via unknown vectors related to the (1) ufs_getpage and (2) ufs_putapage routines, aka CR 6442712.
sun CWE-399

2009-03-17 | CVE-2009-0923 | Remote Denial Of Service vulnerability in SUN Opensolaris and Solaris | network, low complexity, 7.8
Unspecified vulnerability in Kerberos Incremental Propagation in Solaris 10 and OpenSolaris snv_01 through snv_110 allows remote attackers to cause a denial of service (loss of incremental propagation requests to slave KDC servers) via unknown vectors related to the master Key Distribution Center (KDC) server.
sun

2009-03-16 | CVE-2009-0913 | Local Denial Of Service vulnerability in SUN Opensolaris and Solaris | local, 4.7
Unspecified vulnerability in the keysock kernel module in Solaris 10 and OpenSolaris builds snv_01 through snv_108 allows local users to cause a denial of service (system panic) via unknown vectors related to PF_KEY socket, probably related to setting socket options.
sun

2009-03-12 | CVE-2009-0877 | Cross-Site Scripting vulnerability in SUN Java System Communications Express | network, 4.3
Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Communications Express allow remote attackers to inject arbitrary web script or HTML via the (1) Full Name or (2) Subject field.
sun CWE-79

2009-03-12 | CVE-2009-0876 | Link Following vulnerability in SUN XVM Virtualbox | local, 6.9
Sun xVM VirtualBox 2.0.0, 2.0.2, 2.0.4, 2.0.6r39760, 2.1.0, 2.1.2, and 2.1.4r42893 on Linux allows local users to gain privileges via a hardlink attack, which preserves setuid/setgid bits on Linux, related to DT_RPATH:$ORIGIN.
sun linux CWE-59

2009-03-12 | CVE-2009-0875 | Race Condition vulnerability in SUN Opensolaris and Solaris | local, 6.9
Race condition in the Doors subsystem in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_94, allows local users to cause a denial of service (process hang), or possibly bypass file permissions or gain kernel-context privileges, via vectors involving the time at which control is transferred from a caller to a door server.
sun CWE-362