CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

SUN : Security Vulnerabilities Published In 2012

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2012-5095 2012-10-17 2013-10-10
4.4
None Local Medium Not required Partial Partial Partial
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to inetd.
2 CVE-2012-5089 2012-10-16 2013-11-02
7.6
None Remote High Not required Complete Complete Complete
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX.
3 CVE-2012-5086 2012-10-16 2013-11-02
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans.
4 CVE-2012-5085 2012-10-16 2013-11-02
0.0
None Remote Medium Single system None None None
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote authenticated users to have an unspecified impact via unknown vectors related to Networking. NOTE: the Oracle CPU states that this issue has a 0.0 CVSS score. If so, then this is not a vulnerability and this issue should not be included in CVE.
5 CVE-2012-5084 2012-10-16 2013-11-02
7.6
None Remote High Not required Complete Complete Complete
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing.
6 CVE-2012-5083 2012-10-16 2013-11-02
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, 1.4.2_38 and earlier, and JavaFX 2.2 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
7 CVE-2012-5081 2012-10-16 2013-11-02
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect availability, related to JSSE.
8 CVE-2012-5079 2012-10-16 2013-11-02
5.0
None Remote Low Not required None Partial None
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries.
9 CVE-2012-5077 2012-10-16 2013-11-02
2.6
None Remote High Not required Partial None None
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Security.
10 CVE-2012-5075 2012-10-16 2013-11-02
5.0
None Remote Low Not required Partial None None
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, related to JMX.
11 CVE-2012-5073 2012-10-16 2013-11-02
5.0
None Remote Low Not required None Partial None
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries.
12 CVE-2012-5072 2012-10-16 2013-11-02
5.0
None Remote Low Not required Partial None None
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality via unknown vectors related to Security.
13 CVE-2012-5071 2012-10-16 2013-11-02
6.4
None Remote Low Not required Partial Partial None
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality and integrity, related to JMX.
14 CVE-2012-5069 2012-10-16 2013-11-02
5.8
None Remote Medium Not required Partial Partial None
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Concurrency.
15 CVE-2012-5068 2012-10-16 2013-11-02
7.5
None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
16 CVE-2012-4681 Exec Code Bypass 2012-08-27 2013-10-11
10.0
None Remote Low Not required Complete Complete Complete
Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using "reflection with a trusted immediate caller" to leverage the getField method to access and modify private fields, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class.
17 CVE-2012-4416 2012-10-16 2013-11-02
6.4
None Remote Low Not required Partial Partial None
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Hotspot.
18 CVE-2012-4233 DoS 2012-11-19 2013-01-03
4.3
None Remote Medium Not required None None Partial
LibreOffice 3.5.x before 3.5.7.2 and 3.6.x before 3.6.1, and OpenOffice.org (OOo), allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted (1) odt file to vcllo.dll, (2) ODG (Drawing document) file to svxcorelo.dll, (3) PolyPolygon record in a .wmf (Window Meta File) file embedded in a ppt (PowerPoint) file to tllo.dll, or (4) xls (Excel) file to scfiltlo.dll.
19 CVE-2012-3216 2012-10-16 2013-11-02
2.6
None Remote High Not required Partial None None
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries.
20 CVE-2012-3215 2012-10-16 2013-10-10
1.7
None Local Low Single system Partial None None
Unspecified vulnerability in Oracle Sun Solaris 10 and 11, when running on SPARC, allows local users to affect confidentiality via unknown vectors related to Kernel.
21 CVE-2012-3212 2012-10-16 2013-10-10
4.7
None Local Medium Not required None None Complete
Unspecified vulnerability in Oracle Sun Solaris 10 and 11, when running on SPARC T4 servers, allows local users to affect availability via unknown vectors related to Kernel.
22 CVE-2012-3211 2012-10-16 2013-10-10
4.6
None Local Low Single system None None Complete
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Kernel/System Call.
23 CVE-2012-3210 2012-10-16 2013-10-10
7.8
None Remote Low Not required None None Complete
Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect availability via unknown vectors related to Kernel.
24 CVE-2012-3209 2012-10-16 2013-10-10
5.6
None Local Low Not required None Partial Complete
Unspecified vulnerability in Oracle Sun Solaris 10 and 11, when running on SPARC, allows local users to affect integrity and availability via unknown vectors related to Logical Domain (LDOM).
25 CVE-2012-3208 2012-10-16 2013-10-10
4.9
None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability, related to Kernel/RCTL.
26 CVE-2012-3207 2012-10-16 2013-10-10
4.9
None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Sun Solaris 9, 10, and 11 allows local users to affect availability via unknown vectors related to Kernel.
27 CVE-2012-3205 2012-10-16 2013-10-10
2.1
None Local Low Not required None Partial None
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect integrity via unknown vectors related to Vino server.
28 CVE-2012-3204 2012-10-16 2013-10-10
7.2
None Local Low Not required Complete Complete Complete
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Power Management.
29 CVE-2012-3203 2012-10-16 2013-10-10
2.1
None Local Low Not required None None Partial
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability, related to Gnome Display Manager GDM.
30 CVE-2012-3199 2012-10-16 2013-10-10
7.2
None Local Low Not required Complete Complete Complete
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Gnome Trusted Extension.
31 CVE-2012-3189 2012-10-16 2013-10-10
7.8
None Remote Low Not required None None Complete
Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect availability, related to COMSTAR.
32 CVE-2012-3187 2012-10-16 2013-10-10
6.9
None Local Medium Not required Complete Complete Complete
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Kernel.
33 CVE-2012-3165 2012-10-16 2013-10-10
3.6
None Local Low Not required Partial Partial None
Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect confidentiality and integrity via unknown vectors related to mailx.
34 CVE-2012-3159 2012-10-16 2013-11-02
7.5
None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
35 CVE-2012-3155 2012-10-16 2013-10-10
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in the CORBA ORB component in Sun GlassFish Enterprise Server 2.1.1, Oracle GlassFish Server 3.0.1 and 3.1.2, and Sun Java System Application Server 8.1 and 8.2 allows remote attackers to affect availability, related to CORBA ORB.
36 CVE-2012-3143 2012-10-16 2013-11-02
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX.
37 CVE-2012-3131 2012-07-17 2013-10-10
4.3
None Remote Medium Not required Partial None None
Unspecified vulnerability in Oracle Sun Solaris 9, 10, and 11 allows remote attackers to affect confidentiality, related to Network/NFS.
38 CVE-2012-3130 2012-07-17 2013-10-10
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect integrity via unknown vectors related to pkg.depotd.
39 CVE-2012-3129 2012-07-17 2013-10-10
5.1
None Remote High Not required Partial Partial Partial
Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attackers to affect confidentiality, integrity, and availability, related to Gnome PDF viewer.
40 CVE-2012-3127 2012-07-17 2013-10-10
5.4
None Remote High Not required None None Complete
Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attackers to affect availability, related to SCTP.
41 CVE-2012-3125 2012-07-17 2013-10-10
7.1
None Remote Medium Not required None None Complete
Unspecified vulnerability in Oracle Sun Solaris 8, 9, and 10 allows remote attackers to affect availability, related to TCP/IP.
42 CVE-2012-3124 2012-07-17 2013-10-10
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attackers to affect availability, related to Kernel/KSSL.
43 CVE-2012-3123 2012-07-17 2013-10-10
5.0
None Remote Low Not required Partial None None
Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attackers to affect confidentiality, related to Apache HTTP Server.
44 CVE-2012-3122 2012-07-17 2013-10-10
2.6
None Local High Not required Partial Partial None
Unspecified vulnerability in Oracle Sun Solaris 8 and 9 allows local users to affect confidentiality and integrity via unknown vectors related to sort.
45 CVE-2012-3121 2012-07-17 2013-10-10
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in Oracle Sun Solaris 9 and 10 allows remote attackers to affect availability via unknown vectors related to in.tnamed and NameServer.
46 CVE-2012-3120 2012-07-17 2013-10-10
7.8
None Remote Low Not required None None Complete
Unspecified vulnerability in Oracle Sun Solaris 8 allows remote attackers to affect availability, related to TCP/IP.
47 CVE-2012-3112 2012-07-17 2013-10-10
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attackers to affect integrity via unknown vectors related to Solaris Management Console.
48 CVE-2012-2665 119 DoS Exec Code Overflow 2012-08-06 2013-04-18
7.5
None Remote Low Not required Partial Partial Partial
Multiple heap-based buffer overflows in the XML manifest encryption tag parsing functionality in OpenOffice.org and LibreOffice before 3.5.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Open Document Text (.odt) file with (1) a child tag within an incorrect parent tag, (2) duplicate tags, or (3) a Base64 ChecksumAttribute whose length is not evenly divisible by four.
49 CVE-2012-1765 2012-07-17 2013-10-10
4.7
None Local Medium Not required None Complete None
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect integrity via unknown vectors related to Branded Zone.
50 CVE-2012-1752 2012-07-17 2013-10-10
4.9
None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability, related to Kernel/NFS.
Total number of vulnerabilities : 99   Page : 1 (This Page)2
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.