Vulnerabilities > SUN > Solaris > 10.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-06-14 | CVE-2007-3223 | Denial of Service vulnerability in Sun Solaris NFS Server XDR Handling Unspecified vulnerability in the NFS server in Sun Solaris 10 before 20070613 allows remote attackers to cause a denial of service (system crash) via certain XDR data in NFS requests, probably related to processing of data by the xdr_bool and xdrmblk_getint32 functions. | 7.8 |
| 2007-06-06 | CVE-2007-3094 | Remote Privilege Escalation vulnerability in Sun Solaris Management Console Authentication Mechanism Unspecified vulnerability in the authentication mechanism in Solaris Management Console (SMC) on Sun Solaris 8 through 10 before 20070605 allows remote authenticated users to execute arbitrary code via unspecified vectors, related to the WBEM server. | 9.0 |
| 2007-06-06 | CVE-2007-3093 | Remote Privilege Escalation vulnerability in Sun Solaris Management Console Logging Mechanism Unspecified vulnerability in the logging mechanism in Solaris Management Console (SMC) on Sun Solaris 8 through 10 before 20070605 allows remote attackers to execute arbitrary code via unspecified vectors, related to the WBEM server. | 10.0 |
| 2007-06-06 | CVE-2007-3069 | Local Arbitrary Command Execution vulnerability in SUN Solaris 10.0 xscreensaver in Sun Solaris 10 before 20070604, when a GNOME session with Assistive Technology support is running, allows attackers with physical access to take control of the session after entering an Alt-Tab sequence. | 4.6 |
| 2007-06-01 | CVE-2007-2990 | Local Denial of Service vulnerability in SUN Solaris 10.0 Unspecified vulnerability in inetd in Sun Solaris 10 before 20070529 allows local users to cause a denial of service (daemon termination) via unspecified manipulations of the /var/run/.inetd.uds Unix domain socket file. | 4.9 |
| 2007-05-30 | CVE-2007-2882 | Denial of Service vulnerability in Sun Solaris NFS Client Module ACL(2) Packets Unspecified vulnerability in the NFS client module in Sun Solaris 8 through 10 before 20070524, when operating as an NFS server, allows remote attackers to cause a denial of service (crash) via certain Access Control List (acl) packets. | 5.0 |
| 2007-05-11 | CVE-2007-2617 | Local Information Disclosure vulnerability in SUN NET Connect Software 3.2.3/3.2.4 srsexec in Sun Remote Services (SRS) Net Connect Software Proxy Core package in Sun Solaris 10 does not enforce file permissions when opening files, which allows local users to read the first line of arbitrary files via the -d and -v options. | 2.1 |
| 2007-05-09 | CVE-2007-2529 | Local Denial Of Service vulnerability in Sun Solaris ACE_SETACL Integer signedness error in the acl (facl) system call in Solaris 10 before 20070507 allows local users to cause a denial of service (kernel panic) and possibly gain privileges via a certain argument, related to ACE_SETACL. | 7.2 |
| 2007-04-19 | CVE-2007-1681 | Unspecified vulnerability in SUN Java web Console and Solaris Format string vulnerability in libwebconsole_services.so in Sun Java Web Console 2.2.2 through 2.2.5 allows remote attackers to cause a denial of service (application crash), obtain sensitive information, and possibly execute arbitrary code via unspecified vectors during a failed login attempt, related to syslog. | 7.5 |
| 2007-04-02 | CVE-2007-1794 | Remote Security vulnerability in Browser The Javascript engine in Mozilla 1.7 and earlier on Sun Solaris 8, 9, and 10 might allow remote attackers to execute arbitrary code via vectors involving garbage collection that causes deletion of a temporary object that is still being used. | 10.0 |