cgiwrap as used on Cobalt RaQ 2.0 and RaQ 3i does not properly identify the user for running certain scripts, which allows a malicious site administrator to view or modify data located at another virtual site on the same system.
Max CVSS: 3.6; EPSS Score: 0.06%; Published: 1999-11-08; Updated: 2016-10-18
StarOffice 5.2 follows symlinks and sets world-readable permissions for the /tmp/soffice.tmp directory, which allows a local user to read files of the user who is using StarOffice.
Max CVSS: 3.6; EPSS Score: 0.04%; Published: 2001-01-09; Updated: 2017-12-19
MultiFileUploadHandler.php in the Sun Cobalt RaQ XTR administration interface allows local users to bypass authentication and overwrite arbitrary files via a symlink attack on a temporary file, followed by a request to MultiFileUpload.php.
Max CVSS: 3.7; EPSS Score: 0.04%; Published: 2002-08-12; Updated: 2008-09-10
The Xsun server for Sun Solaris 2.6 through 9, when running in Direct Graphics Access (DGA) mode, allows local users to cause a denial of service (Xsun crash) or to create or overwrite arbitrary files on the system, probably via a symlink attack on temporary server files.
Max CVSS: 3.7; EPSS Score: 0.06%; Published: 2003-12-03; Updated: 2018-10-30
Unknown vulnerability in Standard Type Services Framework (STSF) Font Server Daemon (stfontserverd) in Solaris 9 allows local users to modify or delete arbitrary files.
Max CVSS: 3.6; EPSS Score: 0.04%; Published: 2005-05-02; Updated: 2008-09-05
Unspecified vulnerability in the XView library (libxview.so) in Solaris 2.5 to 10 allows local users to corrupt files via unknown vectors related to the handling of the clipboard selection while an XView application exits.
Max CVSS: 3.6; EPSS Score: 0.04%; Published: 2005-12-31; Updated: 2018-10-30
Sun Java Studio Enterprise 8, when installed as root, creates certain files with world-writable permissions, which allows local users to execute arbitrary commands via unspecified vectors.
Max CVSS: 3.7; EPSS Score: 0.04%; Published: 2006-04-19; Updated: 2017-07-20
pkgadd in Sun Solaris 10 before 20060825 installs files with insecure file and directory permissions (755 or 777) if the pkgmap file contains a "?" (question mark) in the mode field, which allows local users to modify arbitrary files or directories, a different vulnerability than CVE-2002-1871.
Max CVSS: 3.6; EPSS Score: 0.04%; Published: 2006-08-29; Updated: 2017-10-11

CVE-2006-4842

Public exploit
The Netscape Portable Runtime (NSPR) API 4.6.1 and 4.6.2, as used in Sun Solaris 10, trusts user-specified environment variables for specifying log files even when running from setuid programs, which allows local users to create or overwrite arbitrary files.
Max CVSS: 3.6; EPSS Score: 0.06%; Published: 2006-10-12; Updated: 2018-10-17
Sun Solaris 10 before 20061006 uses "incorrect and insufficient permission checks" that allow local users to intercept or spoof packets by creating a raw socket on a link aggregation (network device aggregation).
Max CVSS: 3.6; EPSS Score: 0.04%; Published: 2006-10-10; Updated: 2017-07-20
Unspecified vulnerability in the vuidmice STREAMS modules in Sun Solaris 8, 9, and 10 allows local users with console (/dev/console) access to cause a denial of service ("unusable" system console) via unspecified vectors.
Max CVSS: 3.5; EPSS Score: 0.21%; Published: 2007-10-09; Updated: 2017-09-29
Solaris 9, with Solaris Auditing enabled and certain patches for sshd installed, can generate audit records with an audit-ID of 0 even when the user logging into ssh is not root, which makes it easier for attackers to avoid detection and can make it more difficult to conduct forensics activities.
Max CVSS: 3.5; EPSS Score: 0.12%; Published: 2007-12-20; Updated: 2017-09-29
Sun Virtual Desktop Infrastructure (VDI) 3.0, when anonymous binding is enabled, does not properly handle a client's attempt to establish an authenticated and encrypted connection, which might allow remote attackers to read cleartext VDI configuration-data requests by sniffing LDAP sessions on the network.
Max CVSS: 3.5; EPSS Score: 0.15%; Published: 2009-08-18; Updated: 2009-08-21
Certain patch-installation scripts in Oracle Solaris allow local users to append data to arbitrary files via a symlink attack on the /tmp/CLEANUP temporary file, related to use of Update Manager.
Max CVSS: 3.3; EPSS Score: 0.04%; Published: 2010-03-29; Updated: 2018-10-10
Unspecified vulnerability in Oracle Solaris 9 allows local users to affect confidentiality and integrity via unknown vectors related to XScreenSaver.
Max CVSS: 3.6; EPSS Score: 0.04%; Published: 2011-01-19; Updated: 2017-08-17
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier for Solaris and Linux; 5.0 Update 27 and earlier for Solaris and Linux; and 1.4.2_29 and earlier for Solaris and Linux allows local standalone applications to affect confidentiality, integrity, and availability via unknown vectors related to Launcher. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is an untrusted search path vulnerability involving an empty LD_LIBRARY_PATH environment variable.
Max CVSS: 3.7; EPSS Score: 0.09%; Published: 2011-02-17; Updated: 2018-10-30
Unspecified vulnerability in Oracle Solaris 10 allows local users to affect confidentiality and integrity via unknown vectors related to Fault Manager Daemon.
Max CVSS: 3.6; EPSS Score: 0.04%; Published: 2011-01-19; Updated: 2017-08-17
Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect confidentiality and integrity via unknown vectors related to cp.
Max CVSS: 3.6; EPSS Score: 0.04%; Published: 2011-04-20; Updated: 2011-04-20
Unspecified vulnerability in the Solaris component in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect availability via unknown vectors related to Kernel.
Max CVSS: 3.7; EPSS Score: 0.04%; Published: 2011-04-20; Updated: 2012-08-03
Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local users to affect confidentiality and integrity via unknown vectors related to uucp.
Max CVSS: 3.0; EPSS Score: 0.04%; Published: 2011-04-20; Updated: 2012-08-03
Unspecified vulnerability in Oracle Solaris 9, 10, and 11 Express allows local users to affect availability, related to LOFS.
Max CVSS: 3.7; EPSS Score: 0.04%; Published: 2011-04-20; Updated: 2012-08-03
Unspecified vulnerability in Oracle Solaris 10 allows local users to affect integrity and availability via unknown vectors related to LiveUpgrade.
Max CVSS: 3.6; EPSS Score: 0.04%; Published: 2011-07-21; Updated: 2011-10-05
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, and JRockit R28.1.4 and earlier allows remote authenticated users to affect confidentiality, related to JAXWS.
Max CVSS: 3.5; EPSS Score: 0.20%; Published: 2011-10-19; Updated: 2018-01-06
Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect confidentiality and availability, related to TCP/IP.
Max CVSS: 3.6; EPSS Score: 0.04%; Published: 2012-01-18; Updated: 2018-01-06
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect confidentiality and integrity via unknown vectors related to Install/smpatch.
Max CVSS: 3.3; EPSS Score: 0.04%; Published: 2013-01-17; Updated: 2017-09-19
45 vulnerabilities found