CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

SUN : Security Vulnerabilities Published In 2004 (Denial Of Service)

CVSS Scores Greater Than: 0   1   2   3   4   5   6   7   8   9  
Copy Results Download Results Select Table
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2004-2758 DoS 2004-12-31 2010-05-29
7.5
 None Remote Low Not required Partial Partial Partial
Multiple unspecified vulnerabilities in the H.323 protocol implementation for Sun SunForum 3.2 and 3D 1.0 allow remote attackers to cause a denial of service (segmentation fault and process crash), as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol.
2 CVE-2004-2641 DoS 2004-12-31 2008-09-05
5.0
 None Remote Low Not required None None Partial
Unspecified vulnerability in Sun Fire 3800/4800/4810/6800, Sun Fire V1280, and Netra 1280 allows remote attackers to cause a denial of service (system controller hang) via IP Packets With Type of Service (TOS) Bits set.
3 CVE-2004-2540 DoS 2004-12-31 2008-09-05
5.0
 None Remote Low Not required None None Partial
readObject in (1) Java Runtime Environment (JRE) and (2) Software Development Kit (SDK) 1.4.0 through 1.4.2_05 allows remote attackers to cause a denial of service (JVM unresponsive) via crafted serialized data.
4 CVE-2004-2216 DoS 2004-12-31 2008-09-05
5.0
 None Remote Low Not required None None Partial
Unknown vulnerability in Sun Java System Web Server 6.0 SP7 and earlier and 6.1 SP1 and earlier, and Application Server 7 Update 4 and earlier, allows remote attackers to cause a denial of service (crash) via a malformed client certificate.
5 CVE-2004-1816 DoS 2004-03-15 2010-02-10
5.0
 None Remote Low Not required None None Partial
Unknown vulnerability in Sun Java System Application Server 7.0 Update 2 and earlier, when a SOAP web service expects an array of objects as an argument, allows remote attackers to cause a denial of service (memory consumption).
6 CVE-2004-1815 DoS 2004-03-15 2008-09-05
5.0
 None Remote Low Not required None None Partial
Unknown vulnerability in ColdFusion MX 6.0 and 6.1, and JRun 4.0, when a SOAP web service expects an array of objects as an argument, allows remote attackers to cause a denial of service (memory consumption).
7 CVE-2004-1503 DoS Overflow 2004-12-31 2008-09-05
5.0
 None Remote Low Not required None None Partial
Integer overflow in the InitialDirContext in Java Runtime Environment (JRE) 1.4.2, 1.5.0 and possibly other versions allows remote attackers to cause a denial of service (Java exception and failed DNS requests) via a large number of DNS requests, which causes the xid variable to wrap around and become negative.
8 CVE-2004-1393 DoS 2004-12-31 2008-09-10
5.0
 None Remote Low Not required None None Partial
Unknown vulnerability in the tcsetattr function for Sun Solaris for SPARC 2.6, 7, and 8 allows local users to cause a denial of service (system hang).
9 CVE-2004-1356 DoS 2004-04-23 2008-09-10
2.1
 None Local Low Not required None None Partial
Unknown vulnerability in the sendfilev function in Sun Solaris 8 and 9 allows local users to cause a denial of service (system panic) via unknown vectors.
10 CVE-2004-1355 DoS 2004-04-26 2008-09-10
2.1
 None Local Low Not required None None Partial
Unknown vulnerability in the TCP/IP stack for Sun Solaris 8 and 9 allows local users to cause a denial of service (system panic) via unknown vectors.
11 CVE-2004-1348 DoS 2004-09-06 2008-09-10
5.0
 None Remote Low Not required None None Partial
Unknown vulnerability in in.named on Solaris 8 allows remote attackers to cause a denial of service (process crash).
12 CVE-2004-1347 DoS 2004-08-10 2008-09-10
5.0
 None Remote Low Not required None None Partial
X Display Manager (XDM) on Solaris 8 allows remote attackers to cause a denial of service (XDM crash) via an invalid X Display Manager Control Protocol (XDMCP) request.
13 CVE-2004-1346 DoS 2004-06-19 2008-09-10
2.1
 None Local Low Not required None None Partial
The Sun Solaris Volume Manager (SVM) on Solaris 9 allows local users to cause a denial of service (kernel panic) via a malformed probe request to the SVM.
14 CVE-2004-1180 DoS 2004-02-16 2008-09-10
5.0
 None Remote Low Not required None None Partial
Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on little endian architectures, allows remote attackers to cause a denial of service (application crash).
15 CVE-2004-0827 DoS Exec Code Overflow 2004-09-16 2010-08-21
7.5
 User Remote Low Not required Partial Partial Partial
Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files.
16 CVE-2004-0654 DoS 2004-08-06 2008-09-10
2.1
 None Local Low Not required None None Partial
Unknown vulnerability in the Basic Security Module (BSM), when configured to audit either the Administrative (ad) or the System-Wide Administration (as) audit class in Solaris 7, 8, and 9, allows local users to cause a denial of service (kernel panic).
17 CVE-2004-0651 DoS 2004-08-06 2008-09-05
5.0
 None Remote Low Not required None None Partial
Unknown vulnerability in Sun Java Runtime Environment (JRE) 1.4.2 through 1.4.2_03 allows remote attackers to cause a denial of service (virtual machine hang).
18 CVE-2004-0112 DoS 2004-11-23 2010-08-21
5.0
 None Remote Low Not required None None Partial
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
19 CVE-2004-0081 DoS 2004-11-23 2010-08-21
5.0
 None Remote Low Not required None None Partial
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
20 CVE-2004-0079 DoS 2004-11-23 2010-08-21
5.0
 None Remote Low Not required None None Partial
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
Total number of vulnerabilities : 20   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.