cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*
XScreenSaver in Sun Solaris 9 and 10, OpenSolaris before snv_120, and X11 6.4.1 for Solaris 8, when the Xorg or Xnewt server is used, allows physically proximate attackers to obtain sensitive information by reading popup windows, which are displayed even when the screen is locked, a different vulnerability than CVE-2009-1276.
Max CVSS
4.9
EPSS Score
0.06%
Published
2009-08-07
Updated
2017-09-19
Race condition in the Solaris Auditing subsystem in Sun Solaris 9 and 10 and OpenSolaris before snv_121, when extended file attributes are used, allows local users to cause a denial of service (panic) via vectors related to "pathnames for invalid fds."
Max CVSS
4.9
EPSS Score
0.04%
Published
2009-07-29
Updated
2017-09-19
Integer overflow in sadmind in Sun Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted RPC request that triggers a heap-based buffer overflow, related to improper memory allocation.
Max CVSS
10.0
EPSS Score
86.65%
Published
2009-05-26
Updated
2018-10-11
Heap-based buffer overflow in sadmind in Sun Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted RPC request, related to improper decoding of request parameters.
Max CVSS
10.0
EPSS Score
64.42%
Published
2009-05-26
Updated
2018-10-11
Integer signedness error in the ip_set_srcfilter function in the IP Multicast Filter in uts/common/inet/ip/ip_multi.c in the kernel in Sun Solaris 10 and OpenSolaris before snv_92 allows local users to execute arbitrary code in other Solaris Zones via an SIOCSIPMSFILTER IOCTL request with a large value of the imsf->imsf_numsrc field, which triggers an out-of-bounds write of kernel memory. NOTE: this was reported as an integer overflow, but the root cause involves the bypass of a signed comparison.
Max CVSS
7.2
EPSS Score
0.04%
Published
2008-06-16
Updated
2018-10-30
Race condition in the Remote Procedure Call kernel module (rpcmod) in Sun Solaris 8 through 10 allows local users to cause a denial of service (NULL dereference and panic) via unspecified vectors.
Max CVSS
7.6
EPSS Score
0.13%
Published
2007-11-30
Updated
2017-07-29
Multiple unspecified vulnerabilities in the kernel in Sun Solaris 8 through 10 allow local users to cause a denial of service (panic), related to the support for retrieval of kernel statistics, and possibly related to the sfmmu_mlspl_enter or sfmmu_mlist_enter functions.
Max CVSS
4.9
EPSS Score
0.04%
Published
2007-10-23
Updated
2017-09-29
Unspecified vulnerability in the Sun Solaris RPC services library (librpcsvc) on Solaris 8 through 10 allows remote attackers to cause a denial of service (mountd crash) via unspecified packets to a server that exports many filesystems, and allows local users to cause a denial of service (automountd crash) via unspecified requests to mount filesystems from a server that exports many filesystems.
Max CVSS
7.8
EPSS Score
3.64%
Published
2007-10-15
Updated
2017-07-29
Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request specifying a maximum message size smaller than the minimum IP MTU.
Max CVSS
7.2
EPSS Score
95.41%
Published
2007-10-11
Updated
2018-10-15
Race condition in the kernel in Sun Solaris 8 through 10 allows local users to cause a denial of service (panic) via unspecified vectors related to "the handling of thread contexts."
Max CVSS
4.9
EPSS Score
0.04%
Published
2007-09-27
Updated
2017-09-29
Unspecified vulnerability in the HID (Human Interface Device) class driver in Sun Solaris 8, 9, and 10 before 20070925 allows local users to cause a denial of service (panic) via unspecified vectors.
Max CVSS
4.7
EPSS Score
0.04%
Published
2007-09-27
Updated
2017-09-29
Unspecified vulnerability in the strfreectty function in the Special File System (SPECFS) in Sun Solaris 8 through 10 allows local users to cause a denial of service (system panic), related to passing a NULL pointer to the pgsignal function.
Max CVSS
4.9
EPSS Score
0.04%
Published
2007-09-06
Updated
2017-09-29
Unspecified vulnerability in Low Bandwidth X proxy (lbxproxy) on Sun Solaris 8 through 10 before 20070725 allows local users to read arbitrary files with root group ownership via unknown vectors.
Max CVSS
4.9
EPSS Score
0.04%
Published
2007-07-30
Updated
2017-09-29
Buffer overflow in the dtsession Common Desktop Environment (CDE) Session Manager in Sun Solaris 8, 9, and 10 allows local users to execute arbitrary code via unspecified vectors.
Max CVSS
7.2
EPSS Score
0.04%
Published
2007-06-28
Updated
2017-09-29
The libsldap library in Sun Solaris 8, 9, and 10 allows local users to cause a denial of service (Name Service Caching Daemon (nscd) crash) via unspecified vectors.
Max CVSS
4.9
EPSS Score
0.04%
Published
2007-06-27
Updated
2017-10-11
GNOME XScreenSaver in Sun Solaris 8 and 9 before 20070417, when root is logged into the console, does not automatically lock the screen after a session has been inactive, which might allow physically proximate attackers to access the console.
Max CVSS
6.8
EPSS Score
0.06%
Published
2007-06-19
Updated
2017-10-11
The libike library in Sun Solaris 9 before 20070529 contains a logic error related to a certain pointer, which allows remote attackers to cause a denial of service (in.iked daemon crash) by sending certain UDP packets with a source port different from 500. NOTE: this issue might overlap CVE-2006-2298.
Max CVSS
7.8
EPSS Score
5.28%
Published
2007-06-01
Updated
2017-10-11
Race condition in recursive directory deletion with the (1) -r or (2) -R option in rm in Solaris 8 through 10 before 20070208 allows local users to delete files and directories as the user running rm by moving a low-level directory to a higher level as it is being deleted, which causes rm to chdir to a ".." directory that is higher than expected, possibly up to the root file system, a related issue to CVE-2002-0435.
Max CVSS
2.6
EPSS Score
0.04%
Published
2007-02-13
Updated
2018-10-30
Unspecified vulnerability in kcms_calibrate in Sun Solaris 8 and 9 before 20071122 allows local users to execute arbitrary commands via unknown vectors.
Max CVSS
6.9
EPSS Score
0.04%
Published
2007-01-25
Updated
2018-10-30
Multiple unspecified vulnerabilities in tip in Sun Solaris 8, 9, and 10 allow local users to gain uucp account privileges via unspecified vectors.
Max CVSS
7.2
EPSS Score
0.04%
Published
2007-01-24
Updated
2018-10-30
Sun Solaris 9 does not properly verify the status of file descriptors before setuid execution, which allows local users to gain privileges by closing file descriptor 0, 1, or 2 and then invoking a setuid program, a variant of CVE-2002-0572.
Max CVSS
4.6
EPSS Score
0.04%
Published
2007-01-19
Updated
2018-10-16
Unspecified vulnerability in libnsl in Sun Solaris 8 and 9 allows remote attackers to cause a denial of service (crash) via malformed RPC requests that trigger a crash in rpcbind.
Max CVSS
7.8
EPSS Score
41.44%
Published
2007-01-10
Updated
2018-10-30
Single CPU Sun systems running Solaris 7, 8, or 9, such as Netra, allows remote attackers to cause a denial of service (console hang) via a flood of small TCP/IP packets. NOTE: this issue has not been replicated by third parties. In addition, the cause is unknown, although it might be related to "jabber" and generation of a large amount of interrupts within the console, or a hardware error.
Max CVSS
7.8
EPSS Score
22.66%
Published
2007-02-23
Updated
2018-10-30
Stack-based buffer overflow in ld.so.1 in Sun Solaris 8, 9, and 10 allows local users to execute arbitrary code via large precision padding values in a format string specifier in the format parameter of the doprf function. NOTE: this issue normally does not cross privilege boundaries, except in cases of external introduction of malicious message files, or if it is leveraged with other vulnerabilities such as CVE-2006-6494.
Max CVSS
6.6
EPSS Score
0.04%
Published
2006-12-13
Updated
2018-10-30
Directory traversal vulnerability in ld.so.1 in Sun Solaris 8, 9, and 10 allows local users to execute arbitrary code via a .. (dot dot) sequence in the LANG environment variable that points to a locale file containing attacker-controlled format string specifiers.
Max CVSS
6.6
EPSS Score
0.04%
Published
2006-12-13
Updated
2018-10-30
127 vulnerabilities found
1 2 3 4 5 6
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!