Unspecified vulnerability in Sun Solaris 10 before 20070130 allows remote attackers to cause a denial of service (system crash) via certain ICMP packets.
Max CVSS
7.8
EPSS Score
5.25%
Published
2007-01-31
Updated
2017-10-11
Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Access Manager 6.1, 6.2, 6 2005Q1 (6.3), and 7 2005Q4 (7.0) before 20070129 allow remote attackers to inject arbitrary web script or HTML via the (1) goto or (2) gx-charset parameter. NOTE: some of these details are obtained from third party information.
Max CVSS
4.3
EPSS Score
0.72%
Published
2007-01-31
Updated
2017-07-29
Unspecified vulnerability in kcms_calibrate in Sun Solaris 8 and 9 before 20071122 allows local users to execute arbitrary commands via unknown vectors.
Max CVSS
6.9
EPSS Score
0.04%
Published
2007-01-25
Updated
2018-10-30
cgi-bin/main in Sun Ray Server Software 2.0 and 3.0 before 20070123 allows local users to obtain the utadmin password by reading a web server's log file, or by conducting a different, unspecified local attack.
Max CVSS
4.6
EPSS Score
0.04%
Published
2007-01-25
Updated
2017-07-29
Multiple unspecified vulnerabilities in tip in Sun Solaris 8, 9, and 10 allow local users to gain uucp account privileges via unspecified vectors.
Max CVSS
7.2
EPSS Score
0.04%
Published
2007-01-24
Updated
2018-10-30
Sun Solaris 9 does not properly verify the status of file descriptors before setuid execution, which allows local users to gain privileges by closing file descriptor 0, 1, or 2 and then invoking a setuid program, a variant of CVE-2002-0572.
Max CVSS
4.6
EPSS Score
0.04%
Published
2007-01-19
Updated
2018-10-16
Buffer overflow in Sun JDK and Java Runtime Environment (JRE) 5.0 Update 9 and earlier, SDK and JRE 1.4.2_12 and earlier, and SDK and JRE 1.3.1_18 and earlier allows applets to gain privileges via a GIF image with a block with a 0 width field, which triggers memory corruption.
Max CVSS
6.8
EPSS Score
42.36%
Published
2007-01-17
Updated
2018-10-30
Cross-site scripting (XSS) vulnerability in /search in iPlanet Web Server 4.x allows remote attackers to inject arbitrary web script or HTML via the NS-max-records parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
Max CVSS
6.8
EPSS Score
0.99%
Published
2007-01-12
Updated
2008-11-15
Unspecified vulnerability in libnsl in Sun Solaris 8 and 9 allows remote attackers to cause a denial of service (crash) via malformed RPC requests that trigger a crash in rpcbind.
Max CVSS
7.8
EPSS Score
41.44%
Published
2007-01-10
Updated
2018-10-30
Sun Java System Content Delivery Server 5.0 and 5.0 PU1 allows remote attackers to obtain sensitive information regarding "content details" via unspecified vectors.
Max CVSS
5.0
EPSS Score
0.94%
Published
2007-01-09
Updated
2017-07-29
ChainKey Java Code Protection allows attackers to decompile Java class files via a Java class loader with a modified defineClass method that saves the bytecode to a file before it is passed to the JVM.
Max CVSS
4.4
EPSS Score
0.05%
Published
2007-01-17
Updated
2018-10-16
11 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!