Vulnerabilities > SUN
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-06-03 | CVE-2008-2539 | Permissions, Privileges, and Access Controls vulnerability in SUN Cluster 3.1 The Sun Cluster Global File System in Sun Cluster 3.1 on Sun Solaris 8 through 10, when an underlying ufs filesystem is used, might allow local users to read data from arbitrary deleted files, or corrupt files in global filesystems, via unspecified vectors. | 7.2 |
| 2008-06-03 | CVE-2008-2538 | Race Condition vulnerability in SUN Solaris 10/8/9 Unspecified vulnerability in crontab on Sun Solaris 8 through 10, and OpenSolaris before snv_93, allows local users to insert cron jobs into the crontab files of arbitrary users via unspecified vectors. | 6.9 |
| 2008-06-03 | CVE-2008-2518 | Cross-Site Scripting vulnerability in SUN Java System web Server 6.1/7.0 Cross-site scripting (XSS) vulnerability in the advanced search mechanism (webapps/search/advanced.jsp) in Sun Java System Web Server 6.1 before SP9 and 7.0 before Update 3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, probably related to the next parameter. | 4.3 |
| 2008-05-23 | CVE-2008-2418 | Race Condition vulnerability in SUN Solaris 10 Race condition in the STREAMS Administrative Driver (sad) in Sun Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors. | 4.7 |
| 2008-05-13 | CVE-2008-2166 | Cross-Site Scripting vulnerability in SUN Java System web Server 6.1/7.0 Cross-site scripting (XSS) vulnerability in the search module in Sun Java System Web Server 6.1 before SP9 and 7.0 before Update 2 allows remote attackers to inject arbitrary web script or HTML via unknown parameters in index.jsp. | 4.3 |
| 2008-05-12 | CVE-2008-2144 | Remote Code Execution vulnerability in SUN Sunos 5.10/5.8/5.9 Multiple unspecified vulnerabilities in Solaris print service for Sun Solaris 8, 9, and 10 allow remote attackers to cause a denial of service or execute arbitrary code via unknown vectors. | 10.0 |
| 2008-05-09 | CVE-2008-2121 | Configuration vulnerability in SUN Sunos 5.10/5.8/5.9 The TCP implementation in Sun Solaris 8, 9, and 10 allows remote attackers to cause a denial of service (CPU consumption and new connection timeouts) via a TCP SYN flood attack. | 7.8 |
| 2008-05-09 | CVE-2008-2120 | Information Exposure vulnerability in SUN products Unspecified vulnerability in Sun Java System Application Server 7 2004Q2 before Update 6, Web Server 6.1 before SP8, and Web Server 7.0 before Update 1 allows remote attackers to obtain source code of JSP files via unknown vectors. | 5.0 |
| 2008-05-08 | CVE-2008-2112 | Privilege Escalation vulnerability in SUN RAY Server Software 4.0 Unspecified vulnerability in Sun Ray Kiosk Mode 4.0 allows local and remote authenticated Sun Ray administrators to gain root privileges via unknown vectors related to utconfig. | 8.5 |
| 2008-05-06 | CVE-2008-2090 | Resource Management Errors vulnerability in SUN Solaris 10 Unspecified vulnerability in the SCTP protocol implementation in Sun Solaris 10 allows remote attackers to cause a denial of service (CPU consumption and network traffic amplification) via a crafted SCTP packet. | 7.8 |