CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Oracle » Sun Products Suite : Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2013-0417 2013-01-16 2013-10-10
5.0
None Remote Low Not required Partial None None
Unspecified vulnerability in the Sun Storage Common Array Manager (CAM) component in Oracle Sun Products Suite 6.9.0 allows remote attackers to affect confidentiality, related to Fault Management System (FMS).
2 CVE-2012-3126 2012-07-17 2013-10-10
6.2
None Local High Not required Complete Complete Complete
Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Products Suite 3.3 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Apache Tomcat Agent.
3 CVE-2012-0523 2012-05-03 2013-10-10
7.2
None Local Low Not required Complete Complete Complete
Unspecified vulnerability in the Oracle Grid Engine component in Oracle Sun Products Suite 6.1 and 6.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to sgepasswd.
4 CVE-2012-0516 2012-05-03 2013-10-10
6.8
None Remote Medium Not required Partial Partial Partial
Unspecified vulnerability in the Oracle iPlanet Web Server component in Oracle Sun Products Suite 7.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Administration Console.
5 CVE-2012-0208 2012-05-03 2013-10-10
9.0
None Remote Low Single system Complete Complete Complete
Unspecified vulnerability in the Oracle Grid Engine component in Oracle Sun Products Suite 6.1 and 6.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to qrsh.
6 CVE-2011-3535 2011-10-18 2012-11-06
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in the Solaris component in Oracle Sun Products Suite 8, 9, 10, and 11 Express allows remote attackers to affect availability via unknown vectors related to Remote Quota Server (rquotad).
7 CVE-2011-3517 2011-10-18 2012-11-26
7.8
None Remote Low Not required None None Complete
Unspecified vulnerability in the Oracle OpenSSO component in Oracle Sun Products Suite 8.0 allows remote attackers to affect availability via unknown vectors related to Authentication.
8 CVE-2011-3507 2011-10-18 2012-11-06
3.5
None Remote Medium Single system None Partial None
Unspecified vulnerability in the Oracle Communications Unified component in Oracle Sun Products Suite 7.0 allows remote authenticated users to affect integrity via unknown vectors related to Messaging Server.
9 CVE-2011-3506 2011-10-18 2012-11-26
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle OpenSSO component in Oracle Sun Products Suite 7.1 and 8.0 allows remote attackers to affect integrity via unknown vectors related to Authentication.
10 CVE-2011-2327 2011-10-18 2012-01-11
2.1
None Local Low Not required Partial None None
Unspecified vulnerability in the Oracle Communications Unified component in Oracle Sun Products Suite 7.0 allows local users to affect confidentiality via unknown vectors related to Delegated Administrator.
11 CVE-2011-2310 2011-10-18 2012-01-11
7.5
None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in the Oracle Waveset component in Oracle Sun Products Suite 8.1.0 and 8.1.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to User Administration.
12 CVE-2011-2260 2011-07-20 2011-10-04
5.8
None Remote Medium Not required Partial Partial None
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Sun Products Suite 2.1.1 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Administration.
13 CVE-2011-2245 2011-07-20 2011-10-04
7.5
None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in the Solaris component in Oracle Sun Products Suite 9 and 10 allows remote attackers to affect confidentiality, integrity, and availability, related to SSH.
14 CVE-2011-1511 Exec Code 2011-07-20 2011-12-20
6.4
None Remote Low Not required Partial Partial None
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Sun Products Suite 2.1.1 and 3.0.1 allows remote attackers to execute arbitrary code via unknown vectors related to Administration.
15 CVE-2011-0847 2011-04-20 2012-08-02
4.0
None Remote Low Single system Partial None None
Unspecified vulnerability in the OpenSSO Enterprise and Sun Java System Access Manager components in Oracle Sun Products Suite 7.1 and 8.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Authentication.
16 CVE-2011-0844 2011-04-20 2012-08-02
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the OpenSSO Enterprise and Sun Java System Access Manager components in Oracle Sun Products Suite 7.1 and 8.0 allows remote attackers to affect integrity via unknown vectors related to Authentication.
17 CVE-2010-3579 2010-10-14 2013-02-07
6.4
None Remote Low Not required Partial Partial None
Unspecified vulnerability in the (1) Sun Convergence 1 and (2) Sun Java Communications Suite 7 components in Oracle Sun Products Suite 1.0 and 7.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Webmail.
18 CVE-2010-3564 DoS 2010-10-14 2014-10-04
6.4
None Remote Low Not required Partial Partial None
Unspecified vulnerability in the Oracle Communications Messaging Server (Sun Java System Messaging Server) component in Oracle Sun Products Suite 7.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Webmail. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that the Kerberos implementation does not properly check AP-REQ requests, which allows attackers to cause a denial of service in the JVM. NOTE: CVE has not investigated the apparent discrepancy between the two vendors regarding the consequences of this issue.
19 CVE-2010-3546 2010-10-14 2013-02-07
5.8
None Remote Medium Not required Partial Partial None
Unspecified vulnerability in the Sun Java System Identity Manager component in Oracle Sun Products Suite 8.1 allows remote attackers to affect confidentiality and integrity via unknown vectors.
20 CVE-2010-3545 2010-10-14 2013-02-07
5.8
None Remote Medium Not required Partial Partial None
Unspecified vulnerability in the Oracle iPlanet Web Server (Sun Java System Web Server) component in Oracle Sun Products Suite 7.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Administration.
21 CVE-2010-3544 CSRF 2010-10-14 2013-02-07
5.8
None Remote Medium Not required None Partial Partial
Unspecified vulnerability in the Oracle iPlanet Web Server (Sun Java System Web Server) component in Oracle Sun Products Suite 7.0 allows remote attackers to affect integrity and availability via unknown vectors related to Administration. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable source that this is cross-site request forgery (CSRF) that allows remote attackers to stop an instance via the management console.
22 CVE-2010-3535 2010-10-14 2013-02-07
4.4
None Local Medium Not required Partial Partial Partial
Unspecified vulnerability in the Directory Server Enterprise Edition component in Oracle Sun Products Suite 6.0, 6.1, 6.2, and 6.3 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Identity Synchronization for Windows.
23 CVE-2010-3514 2010-10-13 2010-11-11
4.3
None Remote Medium Not required None Partial None
Unspecified vulnerability in the Oracle iPlanet Web Server (Sun Java System Web Server) component in Oracle Sun Products Suite 6.1 and 7.0 allows remote attackers to affect integrity via unknown vectors related to Web Container.
24 CVE-2010-3512 2010-10-13 2010-11-11
3.5
None Remote Medium Single system Partial None None
Unspecified vulnerability in the Oracle iPlanet Web Server (Sun Java System Web Server) component in Oracle Sun Products Suite 7.0u8 allows remote authenticated users to affect confidentiality, related to DAV (WebDAV).
25 CVE-2010-3506 2010-10-13 2010-11-11
3.0
None Local Medium Single system Partial Partial None
Unspecified vulnerability in the Oracle Explorer (Sun Explorer) component in Oracle Sun Products Suite 6.4 allows local users to affect confidentiality and integrity via unknown vectors.
26 CVE-2010-2414 2010-10-13 2010-11-11
2.6
None Remote High Not required Partial None None
Unspecified vulnerability in the (1) Sun Convergence 1 and (2) Sun Java Communications Suite 7 components in Oracle Sun Products Suite 1.0 and 7.0 allows remote attackers to affect confidentiality via unknown vectors.
27 CVE-2010-0897 2010-04-13 2013-02-07
7.5
None Remote Low Not required Partial Partial Partial
Unspecified vulnerability in the Sun Java System Directory Server component in Oracle Sun Product Suite 5.2, 6.0, 6.1, 6.2, 6.3, and 6.3.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Directory Service Markup Language.
28 CVE-2010-0896 2010-04-13 2013-02-07
7.1
None Remote Medium Not required Complete None None
Unspecified vulnerability in the Sun Convergence component in Oracle Sun Product Suite 1.0 allows remote attackers to affect confidentiality via unknown vectors related to Address Book and Mail Filter.
29 CVE-2010-0894 2010-04-13 2013-02-07
5.8
None Remote Medium Not required Partial Partial None
Unspecified vulnerability in the Sun Java System Access Manager component in Oracle Sun Product Suite 7.1, 7 2005Q4, and OpenSSO Enterprise 8.0 allows remote attackers to affect confidentiality and integrity via unknown vectors.
30 CVE-2010-0893 2010-04-13 2013-02-07
4.3
None Remote Medium Not required Partial None None
Unspecified vulnerability in the Sun Convergence component in Oracle Sun Product Suite 1.0 allows remote attackers to affect confidentiality via unknown vectors related to Mail.
31 CVE-2010-0891 2010-04-13 2013-02-07
5.8
None Remote Medium Not required Partial Partial None
Unspecified vulnerability in the Sun Management Center component in Oracle Sun Product Suite 3.6.1 and 4.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Solaris Container Manager.
32 CVE-2010-0890 2010-04-13 2013-02-07
2.1
None Local Low Not required None None Partial
Unspecified vulnerability in the Solaris component in Oracle Sun Product Suite 10 and OpenSolaris snv_01 through snv_98 allows local users to affect availability via unknown vectors related to the Kernel.
33 CVE-2010-0888 2010-04-13 2013-02-08
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in the Sun Ray Server Software component in Oracle Sun Product Suite 4.0, 4.1, and 4.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Device Services.
34 CVE-2010-0885 2010-04-13 2013-02-08
6.8
None Remote Low Single system Complete None None
Unspecified vulnerability in the Sun Java System Communications Express component in Oracle Sun Product Suite 6 2005Q4 (6.2) and and 6.3 allows remote authenticated users to affect confidentiality via unknown vectors related to Address Book.
35 CVE-2010-0884 2010-04-13 2013-02-08
2.1
None Local Low Not required Partial None None
Unspecified vulnerability in the Sun Cluster component in Oracle Sun Product Suite 3.1 and 3.2 allows local users to affect confidentiality via unknown vectors related to Data Service for Oracle E-Business Suite.
36 CVE-2010-0883 2010-04-13 2013-02-08
2.1
None Local Low Not required Partial None None
Unspecified vulnerability in the Sun Cluster component in Oracle Sun Product Suite 3.1 and 3.2 allows local users to affect confidentiality via unknown vectors related to Data Service for Oracle E-Business Suite.
37 CVE-2010-0882 2010-04-13 2013-02-08
7.2
None Local Low Not required Complete Complete Complete
Unspecified vulnerability in the Solaris component in Oracle Sun Product Suite 10 and OpenSolaris snv_134 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Trusted Extensions.
Total number of vulnerabilities : 37   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.