DATE CVE VULNERABILITY TITLE RISK
2010-02-03 CVE-2010-0453 Improper Input Validation vulnerability in SUN Opensolaris and Solaris
The ucode_ioctl function in intel/io/ucode_drv.c in Sun Solaris 10 and OpenSolaris snv_69 through snv_133, when running on x86 architectures, allows local users to cause a denial of service (panic) via a request with a 0 size value to the UCODE_GET_VERSION IOCTL, which triggers a NULL pointer dereference in the ucode_get_rev function, related to retrieval of the microcode revision.
local
low complexity
sun CWE-20
4.9
2010-01-14 CVE-2010-0310 Permissions, Privileges, and Access Controls vulnerability in SUN Solaris 10.0
Trusted Extensions in Sun Solaris 10 allows local users to gain privileges via vectors related to omission of unspecified libraries from software updates.
local
low complexity
sun CWE-264
6.8
2009-11-03 CVE-2009-3851 Denial-Of-Service vulnerability in SUN Solaris 10.0
Trusted Extensions in Sun Solaris 10 interferes with the operation of the xscreensaver-demo command for the XScreenSaver application, which makes it easier for physically proximate attackers to access an unattended workstation for which the intended screen locking did not occur, related to the "restart daemon."
local
low complexity
sun
7.2
2009-11-02 CVE-2009-3839 Remote Privilege Escalation vulnerability in SUN Opensolaris and Solaris
Unspecified vulnerability in the Solaris Trusted Extensions Policy configuration in Sun Solaris 10, and OpenSolaris snv_37 through snv_125, might allow remote attackers to execute arbitrary code by leveraging access to the X server.
network
sun
6.8
2009-10-16 CVE-2009-3706 Unspecified vulnerability in SUN Opensolaris and Solaris
Unspecified vulnerability in the ZFS filesystem in Sun Solaris 10, and OpenSolaris snv_100 through snv_117, allows local users to bypass intended limitations of the file_chown_self privilege via certain uses of the chown system call.
local
sun
4.4
2009-09-29 CVE-2009-3468 Local Privilege Escalation vulnerability in SUN Solaris 10.0
Multiple unspecified vulnerabilities in Common Desktop Environment (CDE) in Sun Solaris 10, when Trusted Extensions is enabled, allow local users to execute arbitrary commands or bypass the Mandatory Access Control (MAC) policy via unknown vectors, related to a menu typo and the Style Manager.
local
sun
6.9
2009-09-10 CVE-2009-3164 Denial-Of-Service vulnerability in SUN Opensolaris and Solaris
Unspecified vulnerability in the IPv6 networking stack in Sun Solaris 10, and OpenSolaris snv_01 through snv_82 and snv_111 through snv_122, when a Cassini GigaSwift Ethernet Adapter (aka CE) interface is used, allows remote attackers to cause a denial of service (panic) via vectors involving jumbo frames.
network
sun
7.1
2009-08-28 CVE-2009-3000 Resource Management Errors vulnerability in SUN Opensolaris and Solaris
The sockfs module in the kernel in Sun Solaris 10 and OpenSolaris snv_41 through snv_122, when Network Cache Accelerator (NCA) logging is enabled, allows remote attackers to cause a denial of service (panic) via unspecified web-server traffic that triggers a NULL pointer dereference in the nl7c_http_log function, related to "improper http response handling."
network
sun CWE-399
7.1
2009-08-18 CVE-2009-2856 Information Exposure vulnerability in SUN Virtual Desktop Infrastructure 3.0
Sun Virtual Desktop Infrastructure (VDI) 3.0, when anonymous binding is enabled, does not properly handle a client's attempt to establish an authenticated and encrypted connection, which might allow remote attackers to read cleartext VDI configuration-data requests by sniffing LDAP sessions on the network.
network
sun CWE-200
3.5
2009-08-03 CVE-2009-2652 Remote Denial of Service vulnerability in SUN Opensolaris and Solaris
Unspecified vulnerability in Solaris Trusted Extensions in Sun Solaris 10, and OpenSolaris snv_37 through snv_120, allows remote attackers to cause a denial of service (panic) via vectors involving the parsing of labeled packets.
network
low complexity
sun
6.8