Vulnerabilities > SUN > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-01-13 | CVE-2010-0079 | Unspecified vulnerability in Oracle BEA Product Suite R27.6.5 Multiple vulnerabilities in the JRockit component in BEA Product Suite R27.6.5 using JRE/JDK 1.4.2, 5, and 6 allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | 10.0 |
| 2009-12-31 | CVE-2009-4502 | Permissions, Privileges, and Access Controls vulnerability in Zabbix The NET_TCP_LISTEN function in net.c in Zabbix Agent before 1.6.7, when running on FreeBSD or Solaris, allows remote attackers to bypass the EnableRemoteCommands setting and execute arbitrary commands via shell metacharacters in the argument to net.tcp.listen. | 9.3 |
| 2009-12-11 | CVE-2009-4294 | Remote Code Execution vulnerability in Sun Ray Server Authentication Manager Unspecified vulnerability in the Authentication Manager (aka utauthd) in Sun Ray Server Software 4.0 and 4.1 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors. | 10.0 |
| 2009-12-04 | CVE-2009-4211 | Permissions, Privileges, and Access Controls vulnerability in Disa SRR for Solaris The U.S. | 9.3 |
| 2009-11-05 | CVE-2009-3878 | Buffer Errors vulnerability in SUN Java System web Server 7.0 Buffer overflow in Sun Java System Web Server 7.0 Update 6 has unspecified impact and remote attack vectors, as demonstrated by the vd_sjws module in VulnDisco Pack Professional 8.12. | 9.3 |
| 2009-11-05 | CVE-2009-3874 | Numeric Errors vulnerability in SUN Jdk, JRE and SDK Integer overflow in the JPEGImageReader implementation in the ImageI/O component in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via large subsample dimensions in a JPEG file that triggers a heap-based buffer overflow, aka Bug Id 6874643. | 9.3 |
| 2009-11-05 | CVE-2009-3873 | Buffer Errors vulnerability in SUN Jdk, JRE and SDK The JPEG Image Writer in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to gain privileges via a crafted image file, related to a "quantization problem," aka Bug Id 6862968. | 9.3 |
| 2009-11-05 | CVE-2009-3872 | Multiple Security vulnerability in SUN Jdk, JRE and SDK Unspecified vulnerability in the JPEG JFIF Decoder in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862969. | 9.3 |
| 2009-11-05 | CVE-2009-3871 | Buffer Errors vulnerability in SUN Jdk, JRE and SDK Heap-based buffer overflow in the setBytePixels function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via crafted arguments, aka Bug Id 6872358. | 9.3 |
| 2009-11-05 | CVE-2009-3869 | Buffer Errors vulnerability in SUN Jdk, JRE and SDK Stack-based buffer overflow in the setDiffICM function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via a crafted argument, aka Bug Id 6872357. | 9.3 |