Vulnerabilities > SUN > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-10-30 | CVE-2007-5717 | Remote Arbitrary Command Execution vulnerability in Sun Fire X2100 M2 And X2200 M2 ELOM Unspecified vulnerability in Sun Fire X2100 M2 and X2200 M2 Embedded Lights Out Manager (ELOM) on x86 before firmware 2.70 allows remote attackers to execute arbitrary commands as root on the Service Processor (SP) via unspecified vectors, a different vulnerability than CVE-2007-5170. | 10.0 |
2007-10-29 | CVE-2007-5689 | Remote Privilege Escalation vulnerability in SUN Jdk, JRE and SDK The Java Virtual Machine (JVM) in Sun Java Runtime Environment (JRE) in SDK and JRE 1.3.x through 1.3.1_20 and 1.4.x through 1.4.2_15, and JDK and JRE 5.x through 5.0 Update 12 and 6.x through 6 Update 2, allows remote attackers to execute arbitrary programs, or read or modify arbitrary files, via applets that grant privileges to themselves. | 10.0 |
2007-09-20 | CVE-2007-5019 | Buffer Errors vulnerability in SUN Java web Start, JRE and SDK Buffer overflow in the Sun Java Web Start ActiveX control in Java Runtime Environment (JRE) 1.6.0_X allows remote attackers to have an unknown impact via a long argument to the dnsResolve (isInstalled.dnsResolve) method. | 10.0 |
2007-09-18 | CVE-2007-2834 | Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in the TIFF parser in OpenOffice.org (OOo) before 2.3; and Sun StarOffice 6, 7, and 8 Office Suite (StarSuite); allows remote attackers to execute arbitrary code via a TIFF file with crafted values of unspecified length fields, which triggers allocation of an incorrect amount of memory, resulting in a heap-based buffer overflow. | 9.3 |
2007-08-17 | CVE-2007-4381 | Remote Privilege Escalation vulnerability in SUN Jdk, JRE and SDK Unspecified vulnerability in the font parsing implementation in Sun JDK and JRE 5.0 Update 9 and earlier, and SDK and JRE 1.4.2_14 and earlier, allows remote attackers to perform unauthorized actions via an applet that grants certain privileges to itself. | 9.3 |
2007-07-15 | CVE-2007-3794 | Buffer Overflow vulnerability in Multiple Hitachi Products GIF Image Buffer overflow in Hitachi Cosminexus V4 through V7, Processing Kit for XML before 20070511, Developer's Kit for Java before 20070312, and third-party products that use this software, allows attackers to have an unknown impact via certain GIF images, related to use of GIF image processing APIs by a Java application. | 10.0 |
2007-07-11 | CVE-2007-3716 | Improper Input Validation vulnerability in SUN JDK and JRE The Java XML Digital Signature implementation in Sun JDK and JRE 6 before Update 2 does not properly process XSLT stylesheets in XSLT transforms in XML signatures, which allows context-dependent attackers to execute arbitrary code via a crafted stylesheet, a related issue to CVE-2007-3715. | 9.3 |
2007-07-11 | CVE-2007-3715 | Improper Input Validation vulnerability in SUN products Sun Java System Application Server and Web Server 7.0 through 9.0 before 20070710 do not properly process XSLT stylesheets in XSLT transforms in XML signatures, which allows context-dependent attackers to execute an arbitrary Java method via a crafted stylesheet, a related issue to CVE-2007-3716. | 9.3 |
2007-06-30 | CVE-2007-3504 | Path Traversal vulnerability in SUN Jdk, JRE and SDK Directory traversal vulnerability in the PersistenceService in Sun Java Web Start in JDK and JRE 5.0 Update 11 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, for Windows allows remote attackers to perform unauthorized actions via an application that grants file overwrite privileges to itself. | 9.3 |
2007-06-06 | CVE-2007-3094 | Remote Privilege Escalation vulnerability in Sun Solaris Management Console Authentication Mechanism Unspecified vulnerability in the authentication mechanism in Solaris Management Console (SMC) on Sun Solaris 8 through 10 before 20070605 allows remote authenticated users to execute arbitrary code via unspecified vectors, related to the WBEM server. | 9.0 |