Vulnerabilities > SUN

DATE CVE VULNERABILITY TITLE RISK
2008-08-08 CVE-2008-0965 Use of Externally-Controlled Format String vulnerability in SUN Opensolaris, Solaris and Sunos
Multiple format string vulnerabilities in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via format string specifiers in an SMB packet.
network
sun CWE-134
critical
9.3
2008-08-08 CVE-2008-0964 Buffer Errors vulnerability in SUN Opensolaris, Solaris and Sunos
Multiple stack-based buffer overflows in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via a crafted SMB packet.
network
sun CWE-119
critical
9.3
2008-08-07 CVE-2008-3549 Resource Management Errors vulnerability in SUN Opensolaris and Solaris
Unspecified vulnerability in the pthread_mutex_reltimedlock_np API in Sun Solaris 10 and OpenSolaris before snv_90 allows local users to cause a denial of service (system hang or panic) via unknown vectors.
local
sun CWE-399
4.7
2008-08-07 CVE-2008-3548 Local Denial of Service vulnerability in SUN Netra T5220 Server 7.1.3
Unspecified vulnerability in the Sun Netra T5220 Server with firmware 7.1.3 allows local users to cause a denial of service (panic) via unknown vectors.
local
low complexity
sun
4.9
2008-08-04 CVE-2008-3450 Permissions, Privileges, and Access Controls vulnerability in SUN Sunos 5.10/5.8/5.9
Unspecified vulnerability in the namefs kernel module in Sun Solaris 8 through 10 allows local users to gain privileges or cause a denial of service (panic) via unspecified vectors.
local
low complexity
sun CWE-264
7.2
2008-08-01 CVE-2008-3440 Code Injection vulnerability in SUN Java 1.6.0
Sun Java 1.6.0_03 and earlier versions, and possibly later versions, does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.
network
low complexity
sun CWE-94
7.5
2008-07-31 CVE-2008-3426 Local Denial of Service vulnerability in SUN Opensolaris, Solaris and Sunos
Unspecified vulnerability in the Solaris Platform Information and Control Library daemon (picld) in Sun Solaris 8 through 10, and OpenSolaris builds snv_01 through snv_95, allows local users to cause a denial of service via unknown vectors that prevent operation of utilities such as prtdiag, prtpicl, and prtfru.
local
low complexity
sun
2.1
2008-07-31 CVE-2008-3425 Improper Authentication vulnerability in SUN products
Unspecified vulnerability in the Sun Java System Web Server 7.0 plugin in Sun N1 Service Provisioning System (SPS) 5.2 and 6.0 allows remote authenticated SPS users to gain administrative access to the web server via unknown attack vectors.
network
low complexity
sun CWE-287
6.5
2008-07-15 CVE-2008-2579
Unspecified vulnerability in the WebLogic Server Plugins for Apache, Sun and IIS web servers component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, and 6.1 SP7 has unknown impact and remote attack vectors.
6.8
2008-07-09 CVE-2008-3115 Configuration vulnerability in SUN JDK and JRE
Secure Static Versioning in Sun Java JDK and JRE 6 Update 6 and earlier, and 5.0 Update 6 through 15, does not properly prevent execution of applets on older JRE releases, which might allow remote attackers to exploit vulnerabilities in these older releases.
network
low complexity
sun CWE-16
7.5