Vulnerabilities > SUN > Critical

| Date | CVE | Vulnerability title | Description | Access | Complexity | Vendors | CWE | Risk | Score |
|---|---|---|---|---|---|---|---|---|---|
| 2005-12-31 | CVE-2005-2529 | Remote Security vulnerability in SUN Java 1.4.2 | Unspecified vulnerability in Java 1.4.2 before 1.4.2 Release 2 on Apple Mac OS X allows local users to gain privileges via unspecified attack vectors relating to "the utility used to update Java shared archives." | network | low | sun | | critical | 10.0 |
| 2005-05-02 | CVE-2005-0836 | Remote Unauthorized Access vulnerability in Sun Java Web Start System Property Tags | Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up to 1.4.2_06 allows untrusted applications to gain privileges via the value parameter of a property tag in a JNLP file. | network | low | sun | | critical | 10.0 |
| 2005-03-01 | CVE-2004-1029 | Permissions, Privileges, and Access Controls vulnerability in multiple products | The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages. | network | | hp sun symantec conectiva gentoo | CWE-264 | critical | 9.3 |
| 2005-01-10 | CVE-2004-1170 | | a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename. | network | low | gnu sun suse | | critical | 10.0 |
| 2004-12-31 | CVE-2004-2627 | Remote Security vulnerability in Java 2 Micro Edition | Java 2 Micro Edition (J2ME) does not properly validate bytecode, which allows remote attackers to escape the Kilobyte Virtual Machine (KVM) sandbox and execute arbitrary code. | network | low | sun | | critical | 10.0 |
| 2004-08-18 | CVE-2004-0523 | Principal Name Buffer Overrun vulnerability in MIT Kerberos 5 KRB5_AName_To_Localname | Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root. | network | low | mit sgi sun tinysofa | | critical | 10.0 |
| 2004-07-27 | CVE-2004-0742 | Privilege Escalation vulnerability in SUN Java System Calendar Server 6.2 | Sun Java System Portal Server 6.2 (formerly Sun ONE) allows remote authenticated users to obtain Calendar Server privileges and modify Calendar data by changing the display options to a non-default view. | network | low | sun | | critical | 10.0 |
| 2003-10-06 | CVE-2003-0694 | | The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c. | network | low | sendmail sgi apple compaq freebsd gentoo hp ibm netbsd sun turbolinux | | critical | 10.0 |
| 2003-09-22 | CVE-2003-0722 | Remote Administrative Access vulnerability in Sun Solaris SAdmin Client Credentials | The default installation of sadmind on Solaris uses weak authentication (AUTH_SYS), which allows local and remote attackers to spoof Solstice AdminSuite clients and gain root privileges via a certain sequence of RPC packets. | network | low | sun | | critical | 10.0 |
| 2003-09-09 | CVE-2003-1081 | Permissions, Privileges, and Access Controls vulnerability in SUN Solaris and Sunos | Aspppls for Solaris 8 allows local users to overwrite arbitrary files via a symlink attack on the .asppp.fifo temporary file. | network | low | sun | CWE-264 | critical | 10.0 |