Vulnerabilities > SUN > Solaris > 8.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-01-28 | CVE-2004-2766 | Information Exposure vulnerability in SUN Iplanet Messaging Server and ONE Messaging Server Webmail in Sun ONE Messaging Server 6.1 and iPlanet Messaging Server 5.2 before 5.2hf2.02 allows remote attackers to obtain unspecified "access" to e-mail via a crafted e-mail message, related to a "session hijacking" issue, a different vulnerability than CVE-2005-2022 and CVE-2006-5486. | 4.3 |
2010-01-28 | CVE-2004-2765 | Cross-Site Scripting vulnerability in SUN Iplanet Messaging Server and ONE Messaging Server Cross-site scripting (XSS) vulnerability in Webmail in Sun ONE Messaging Server 6.1 and iPlanet Messaging Server 5.2 before 5.2hf2.02, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via a crafted e-mail message, a different vulnerability than CVE-2005-2022 and CVE-2006-5486. | 4.3 |
2010-01-28 | CVE-2003-1576 | Buffer Errors vulnerability in SUN Change Manager 1.0 Buffer overflow in pamverifier in Change Manager (CM) 1.0 for Sun Management Center (SunMC) 3.0 on Solaris 8 and 9 on the sparc platform allows remote attackers to execute arbitrary code via unspecified vectors. | 10.0 |
2010-01-28 | CVE-2003-1575 | Permissions, Privileges, and Access Controls vulnerability in Symantec Vxfs 3.3.3/3.4/3.5 VERITAS File System (VxFS) 3.3.3, 3.4, and 3.5 before MP1 Rolling Patch 02 for Sun Solaris 2.5.1 through 9 does not properly implement inheritance of default ACLs in certain circumstances related to the characteristics of a directory inode, which allows local users to bypass intended file permissions by accessing a file on a VxFS filesystem. | 4.6 |
2009-08-07 | CVE-2009-2711 | Information Exposure vulnerability in multiple products XScreenSaver in Sun Solaris 9 and 10, OpenSolaris before snv_120, and X11 6.4.1 for Solaris 8, when the Xorg or Xnewt server is used, allows physically proximate attackers to obtain sensitive information by reading popup windows, which are displayed even when the screen is locked, a different vulnerability than CVE-2009-1276. | 4.9 |
2009-07-05 | CVE-2009-2314 | Race Condition vulnerability in SUN Lightweight Availability Collection Tool 3.0 Race condition in the Sun Lightweight Availability Collection Tool 3.0 on Solaris 7 through 10 allows local users to overwrite arbitrary files via unspecified vectors. | 2.1 |
2009-06-11 | CVE-2009-2029 | Remote Denial Of Service vulnerability in SUN Opensolaris and Solaris Unspecified vulnerability in rpc.nisd in Sun Solaris 8 through 10, and OpenSolaris before snv_104, allows remote authenticated users to cause a denial of service (NIS+ daemon hang) via unspecified vectors related to NIS+ callbacks. | 5.0 |
2009-05-26 | CVE-2008-3870 | Numeric Errors vulnerability in SUN Solaris 8.0/9.0 Integer overflow in sadmind in Sun Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted RPC request that triggers a heap-based buffer overflow, related to improper memory allocation. | 10.0 |
2009-05-26 | CVE-2008-3869 | Buffer Errors vulnerability in SUN Solaris 8.0/9.0 Heap-based buffer overflow in sadmind in Sun Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted RPC request, related to improper decoding of request parameters. | 10.0 |
2007-11-30 | CVE-2007-6180 | Race Condition vulnerability in SUN Solaris 10.0/8.0/9.0 Race condition in the Remote Procedure Call kernel module (rpcmod) in Sun Solaris 8 through 10 allows local users to cause a denial of service (NULL dereference and panic) via unspecified vectors. | 7.6 |