CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

SUN » Sunos : Security Vulnerabilities (CVSS score between 5 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2015-0375 2015-01-21 2017-09-08
5.0
None Remote Low Not required Partial None None
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows remote attackers to affect confidentiality via unknown vectors related to Network.
2 CVE-2014-6575 2015-01-21 2016-12-07
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows remote attackers to affect availability via unknown vectors related to Network, a different vulnerability than CVE-2004-0230.
3 CVE-2014-6529 2014-10-15 2014-11-19
6.8
None Local Network High Not required Complete Complete Complete
Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hermon HCA PCIe driver.
4 CVE-2014-6518 2015-01-21 2016-12-07
6.6
None Local Low Not required None Complete Complete
Unspecified vulnerability in Oracle Solaris 10 and 11 allows local users to affect integrity and availability via vectors related to Unix File System (UFS).
5 CVE-2014-6490 2014-10-15 2015-11-06
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect availability via vectors related to SMB server user component.
6 CVE-2014-6470 2014-10-15 2015-11-06
6.8
None Local Low ??? Complete Complete Complete
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Archive Utility.
7 CVE-2014-4277 2014-10-15 2015-11-06
5.0
None Remote Low Not required Partial None None
Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect confidentiality via unknown vectors related to Automated Install Engine, a different vulnerability than CVE-2014-4283.
8 CVE-2014-4225 2014-07-17 2018-10-09
6.9
None Local Medium Not required Complete Complete Complete
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Patch installation scripts.
9 CVE-2013-5834 2014-01-15 2017-08-29
6.2
None Local High Not required Complete Complete Complete
Unspecified vulnerability in Oracle Solaris 8 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to ps.
10 CVE-2013-3813 2013-07-17 2017-09-19
5.8
None Remote Medium Not required Partial Partial None
Unspecified vulnerability in Oracle Solaris 10 allows remote attackers to affect confidentiality and integrity via vectors related to Libraries/PAM-Unix.
11 CVE-2013-3786 2013-07-17 2017-09-19
6.0
None Local High ??? Complete Complete Complete
Unspecified vulnerability in Oracle Solaris 9, 10, and 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Kernel.
12 CVE-2013-3757 2013-07-17 2017-09-19
6.4
None Remote Low Not required None Partial Partial
Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 allows remote attackers to affect integrity and availability via vectors related to SMF/File Locking Services.
13 CVE-2013-0415 2013-01-17 2017-09-19
6.0
None Local High ??? Complete Complete Complete
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to the Bind/Postinstall script for Bind package.
14 CVE-2013-0411 2013-04-17 2017-09-19
5.9
None Local High ??? Complete Complete Complete
Unspecified vulnerability in Oracle Sun Solaris 8, 9, and 10 allows local users to affect confidentiality, integrity, and availability via vectors related to RBAC Configuration.
15 CVE-2013-0408 2013-04-17 2017-09-19
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect availability via vectors related to CPU performance counters drivers.
16 CVE-2013-0405 2013-04-17 2017-09-19
6.4
None Remote Low Not required Partial Partial None
Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows remote attackers to affect confidentiality and integrity via vectors related to NFS client mounts and IPv6.
17 CVE-2013-0400 2013-01-17 2017-09-19
6.6
None Local Medium ??? Complete Complete Complete
Unspecified vulnerability in Oracle Sun Solaris 9 and 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Filesystem/cachefs.
18 CVE-2013-0399 2013-01-17 2017-09-19
6.6
None Local Medium ??? Complete Complete Complete
Unspecified vulnerability in Oracle Sun Solaris 9 and 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Utility/Umount.
19 CVE-2013-0398 2013-07-17 2017-09-19
5.0
None Remote Low Not required Partial None None
Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 allows remote attackers to affect confidentiality via unknown vectors related to Utility/Remote Execution Server (in.rexecd).
20 CVE-2012-4298 189 Exec Code Overflow 2012-08-16 2017-09-19
5.4
None Local Network Medium Not required Partial Partial Partial
Integer signedness error in the vwr_read_rec_data_ethernet function in wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 1.8.x before 1.8.2 allows user-assisted remote attackers to execute arbitrary code via a crafted packet-trace file that triggers a buffer overflow.
21 CVE-2012-4294 119 Exec Code Overflow 2012-08-16 2017-09-19
5.8
None Local Network Low Not required Partial Partial Partial
Buffer overflow in the channelised_fill_sdh_g707_format function in epan/dissectors/packet-erf.c in the ERF dissector in Wireshark 1.8.x before 1.8.2 allows remote attackers to execute arbitrary code via a large speed (aka rate) value.
22 CVE-2012-4287 399 DoS 2012-08-16 2017-09-19
5.0
None Remote Low Not required None None Partial
epan/dissectors/packet-mongo.c in the MongoDB dissector in Wireshark 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a small value for a BSON document length.
23 CVE-2012-3209 2012-10-17 2013-10-11
5.6
None Local Low Not required None Partial Complete
Unspecified vulnerability in Oracle Sun Solaris 10 and 11, when running on SPARC, allows local users to affect integrity and availability via unknown vectors related to Logical Domain (LDOM).
24 CVE-2012-3187 2012-10-17 2013-10-11
6.9
None Local Medium Not required Complete Complete Complete
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Kernel.
25 CVE-2012-3129 2012-07-17 2017-08-29
5.1
None Remote High Not required Partial Partial Partial
Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attackers to affect confidentiality, integrity, and availability, related to Gnome PDF viewer.
26 CVE-2012-3127 2012-07-17 2017-08-29
5.4
None Remote High Not required None None Complete
Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attackers to affect availability, related to SCTP.
27 CVE-2012-3124 2012-07-17 2017-08-29
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attackers to affect availability, related to Kernel/KSSL.
28 CVE-2012-3123 2012-07-17 2017-12-22
5.0
None Remote Low Not required Partial None None
Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attackers to affect confidentiality, related to Apache HTTP Server.
29 CVE-2012-3121 2012-07-17 2017-08-29
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in Oracle Sun Solaris 9 and 10 allows remote attackers to affect availability via unknown vectors related to in.tnamed and NameServer.
30 CVE-2012-1694 2012-05-03 2017-12-07
6.4
None Remote Low Not required Partial Partial None
Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attackers to affect confidentiality and integrity, related to libsasl.
31 CVE-2012-1691 2012-05-03 2017-12-07
6.6
None Local Medium ??? Complete Complete Complete
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Kernel/Privileges.
32 CVE-2012-1687 2012-07-17 2017-08-29
5.6
None Local Low Not required None Partial Complete
Unspecified vulnerability in Oracle Solaris 10 and 11 allows local users to affect integrity and availability, related to Logical Domains (LDOM).
33 CVE-2012-1683 2012-05-03 2017-12-07
5.9
None Local High ??? Complete Complete Complete
Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to gssd.
34 CVE-2012-0539 2012-05-03 2017-12-07
6.2
None Local High Not required Complete Complete Complete
Unspecified vulnerability in Oracle Sun Solaris 8, 9, and 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to (1) bsmconv and (2) bsmunconv.
35 CVE-2012-0100 2012-01-18 2018-01-06
6.8
None Local Low ??? Complete Complete Complete
Unspecified vulnerability in Oracle Solaris 9, 10, and 11 Express allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Kerberos.
36 CVE-2012-0096 2012-01-18 2018-01-06
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect availability via unknown vectors related to Network.
37 CVE-2011-3515 2011-10-18 2017-08-29
5.6
None Local Low Not required None Partial Complete
Unspecified vulnerability in the Oracle Solaris 10 and 11 Express allows local users to affect integrity and availability via unknown vectors related to Process File System (procfs).
38 CVE-2011-2298 2011-07-21 2011-10-05
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows remote attackers to affect availability, related to KSSL.
39 CVE-2011-2294 2011-07-21 2011-10-05
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows remote attackers to affect availability, related to SSH.
40 CVE-2011-2249 2011-07-20 2011-10-05
5.2
None Local Network Medium ??? None None Complete
Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote authenticated users to affect availability, related to TCP/IP.
41 CVE-2011-0820 2011-04-20 2012-08-03
5.4
None Remote High Not required None None Complete
Unspecified vulnerability in Oracle Solaris 10, and 11 Express allows remote attackers to affect availability via unknown vectors related to Kernel.
42 CVE-2011-0800 2011-04-20 2011-04-20
6.5
None Local Low ??? Complete Complete Complete
Unspecified vulnerability in the Solaris component in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Administration Utilities.
43 CVE-2010-4433 2011-01-19 2017-08-17
5.0
None Remote Low Not required Partial None None
Unspecified vulnerability in Oracle Solaris 10 allows remote attackers to affect confidentiality via unknown vectors related to Ethernet and the Driver sub-component.
44 CVE-2009-0873 264 Bypass 2009-03-11 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
The NFS daemon (aka nfsd) in Sun Solaris 10 and OpenSolaris before snv_106, when NFSv3 is used, does not properly implement combinations of security modes, which allows remote attackers to bypass intended access restrictions and read or modify files, as demonstrated by a combination of the sec=sys and sec=krb5 security modes, related to modes that "override each other."
45 CVE-2008-1778 16 DoS 2008-04-14 2018-10-30
6.6
None Local Low Not required None Complete Complete
Unspecified vulnerability in the floating point context switch implementation in Sun Solaris 9 and 10 on x86 platforms might allow local users to cause a denial of service (application exit), corrupt data, or trigger incorrect calculations via unknown vectors.
46 CVE-2008-1095 264 DoS Bypass 2008-02-29 2018-10-30
6.8
None Remote Low ??? None None Complete
Unspecified vulnerability in the Internet Protocol (IP) implementation in Sun Solaris 8, 9, and 10 allows remote attackers to bypass intended firewall policies or cause a denial of service (panic) via unknown vectors, possibly related to ICMP packets and IP fragment reassembly.
47 CVE-2007-3717 +Priv 2007-07-12 2018-10-30
6.9
None Local Medium Not required Complete Complete Complete
rcp on Sun Solaris 8, 9, and 10 before 20070710 does not properly call certain helper applications, which allows local users to gain privileges by creating files with certain names, possibly containing shell metacharacters or spaces, a similar issue to CVE-2006-0225.
48 CVE-2007-2882 DoS 2007-05-30 2018-10-30
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in the NFS client module in Sun Solaris 8 through 10 before 20070524, when operating as an NFS server, allows remote attackers to cause a denial of service (crash) via certain Access Control List (acl) packets.
49 CVE-2007-2045 DoS 2007-04-16 2018-10-30
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in the IP implementation in Sun Solaris 8 and 9 allows remote attackers to cause a denial of service (CPU consumption) via crafted IP packets, probably related to fragmented packets with duplicate or missing fragments.
50 CVE-2007-0503 Exec Code 2007-01-25 2018-10-30
6.9
None Local Medium Not required Complete Complete Complete
Unspecified vulnerability in kcms_calibrate in Sun Solaris 8 and 9 before 20071122 allows local users to execute arbitrary commands via unknown vectors.
Total number of vulnerabilities : 109   Page : 1 (This Page)2 3
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.