| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Jolt ICMP attack causes a denial of service in Windows 95 and Windows NT systems. |
| Sun Chili!Soft 3.5.2 on Linux and 3.6 on AIX creates a default admin username and password in the default installation, which can allow a remote attacker to gain additional privileges. |
| In Sun Solaris and SunOS, man and catman contain vulnerabilities that allow overwriting arbitrary files. |
| Directory traversal vulnerability in Cobalt RAQ 4 allows remote attackers to read password-protected files, and possibly files outside the web root, via a .. (dot dot) in an HTTP request. |
| Files created from interactive shell sessions in Cobalt RaQ microservers (e.g. .bash_history) are world readable, and thus are accessible from the web server. |
| service.cgi in Cobalt RAQ 4 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long service argument. |
| 64 bit Solaris 7 procfs allows local users to perform a denial of service. |
| Buffer overflow in Sun AnswerBook2 1.4 through 1.4.3 allows remote attackers to execute arbitrary code via a long filename argument to the gettransbitmap CGI program. |
| The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages. |
| Buffer overflow in gxnsapi6.dll NSAPI plugin of the Connector Module for Sun ONE Application Server before 6.5 allows remote attackers to execute arbitrary code via a long HTTP request URL. |
| The Network Management Port on Sun Fire B1600 systems allows remote attackers to cause a denial of service (packet loss) via ARP packets, which cause all ports to become temporarily disabled. |
| Sun Java JRE 1.1.x through 1.4.x writes temporary files with long filenames that become predictable on a file system that uses 8.3 style short names, which allows remote attackers to write arbitrary files to known locations and facilitates the exploitation of vulnerabilities in applications that rely on unpredictable file names. |
| The NFS Server for Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (UFS panic) via certain invalid UFS requests, which triggers a null dereference. |
| Unknown vulnerability in the sysinfo system call for Solaris for SPARC 2.6 through 9, and Solaris for x86 2.6, 7, and 8, allows local users to read kernel memory. |
| Aspppls for Solaris 8 allows local users to overwrite arbitrary files via a symlink attack on the .asppp.fifo temporary file. |
| Unknown vulnerability in ns-ldapd for Sun ONE Directory Server 4.16, 5.0, and 5.1 allows LDAP clients to cause a denial of service (service halt). |
| Buffer overflow in the kcsSUNWIOsolf.so library in Solaris 7 and 8 allows local attackers to execute arbitrary commands via the KCMS_PROFILES environment variable, e.g. as demonstrated using the kcms_configure program. |
| X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute arbitrary code via the -modulepath command line option or (2) overwrite arbitrary files via -logfile. |
| Unspecified vulnerability in Sun Java System Communications Express 2005Q1 and 2004Q2 allows local and remote attackers to read sensitive information from configuration files. |
| Buffer overflow in Solaris libc, ufsrestore, and rcp via LC_MESSAGES environmental variable. |
