Cross-site scripting (XSS) vulnerability in Sun Java System Web Server 6.1 before SP8 and 7.0 before Update 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6566204.
Max CVSS
4.3
EPSS Score
0.25%
Published
2007-12-28
Updated
2017-08-08
Cross-site scripting (XSS) vulnerability in Sun Java System Web Proxy Server 3.6 before SP11 on Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6611356.
Max CVSS
4.3
EPSS Score
0.25%
Published
2007-12-28
Updated
2017-08-08
Cross-site scripting (XSS) vulnerability in the View URL Database functionality in Sun Java System Web Proxy Server 4.x before 4.0.6 and 3.x before 3.6 SP11 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6566309.
Max CVSS
4.3
EPSS Score
0.31%
Published
2007-12-28
Updated
2017-08-08
Cross-site scripting (XSS) vulnerability in the View Error Log functionality in Sun Java System Web Proxy Server 4.x before 4.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka BugID 6566246.
Max CVSS
4.3
EPSS Score
0.25%
Published
2007-12-28
Updated
2011-03-08
Solaris 9, with Solaris Auditing enabled and certain patches for sshd installed, can generate audit records with an audit-ID of 0 even when the user logging into ssh is not root, which makes it easier for attackers to avoid detection and can make it more difficult to conduct forensics activities.
Max CVSS
3.5
EPSS Score
0.12%
Published
2007-12-20
Updated
2017-09-29
Unspecified vulnerability in the Device Manager daemon (utdevmgrd) in Sun Ray Server Software 2.0, 3.0, 3.1, and 3.1.1 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors.
Max CVSS
7.8
EPSS Score
4.37%
Published
2007-12-20
Updated
2018-10-30
Unspecified vulnerability in the Device Manager daemon (utdevmgrd) in Sun Ray Server Software 2.0, 3.0, 3.1, and 3.1.1 allows remote attackers to create or delete arbitrary directories via unspecified vectors.
Max CVSS
6.4
EPSS Score
0.81%
Published
2007-12-20
Updated
2017-08-08
The Oracle database component in Sun Management Center (Sun MC) 3.6.1, 3.6, and 3.5 Update 1 has a default account, which allows remote attackers to obtain database access and execute arbitrary code.
Max CVSS
9.4
EPSS Score
4.72%
Published
2007-12-20
Updated
2018-10-30
Sun Solaris 10 with the 120011-04 and 120012-04 patches, and later 120011-* and 120012-* patches, allows remote attackers to bypass certain netgroup restrictions and obtain root access to a filesystem via NFS requests from a client root user.
Max CVSS
9.3
EPSS Score
1.52%
Published
2007-12-17
Updated
2017-08-08
Unspecified vulnerability in the Sun eXtended System Control Facility (XSCF) Control Package (XCP) firmware before 1050 on SPARC Enterprise M4000, M5000, M8000, and M9000 servers allows remote attackers to cause a denial of service (reboot) via (1) telnet, (2) ssh, or (3) http network traffic that triggers memory exhaustion.
Max CVSS
7.8
EPSS Score
6.17%
Published
2007-12-15
Updated
2017-08-08
Unspecified vulnerability in Sun Solaris 10, when 64bit mode is used on the x86 platform, allows local users in a Linux (lx) branded zone to cause a denial of service (panic) via unspecified vectors.
Max CVSS
4.9
EPSS Score
0.04%
Published
2007-12-04
Updated
2017-07-29
Race condition in the Fibre Channel protocol (fcp) driver and Devices filesystem (devfs) in Sun Solaris 10 allows local users to cause a denial of service (system hang) via some programs that access hardware resources, as demonstrated by the (1) cfgadm and (2) format programs.
Max CVSS
4.7
EPSS Score
0.04%
Published
2007-12-04
Updated
2018-10-30
12 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!