The Xsun server for Sun Solaris 2.6 through 9, when running in Direct Graphics Access (DGA) mode, allows local users to cause a denial of service (Xsun crash) or to create or overwrite arbitrary files on the system, probably via a symlink attack on temporary server files.
Max CVSS
3.7
EPSS Score
0.06%
Published
2003-12-03
Updated
2018-10-30
Unknown vulnerability in Standard Type Services Framework (STSF) Font Server Daemon (stfontserverd) in Solaris 9 allows local users to modify or delete arbitrary files.
Max CVSS
3.6
EPSS Score
0.04%
Published
2005-05-02
Updated
2008-09-05
Unspecified vulnerability in the XView library (libxview.so) in Solaris 2.5 to 10 allows local users to corrupt files via unknown vectors related to the handling of the clipboard selection while an XView application exits.
Max CVSS
3.6
EPSS Score
0.04%
Published
2005-12-31
Updated
2018-10-30
pkgadd in Sun Solaris 10 before 20060825 installs files with insecure file and directory permissions (755 or 777) if the pkgmap file contains a "?" (question mark) in the mode field, which allows local users to modify arbitrary files or directories, a different vulnerability than CVE-2002-1871.
Max CVSS
3.6
EPSS Score
0.04%
Published
2006-08-29
Updated
2017-10-11

CVE-2006-4842

Public exploit
The Netscape Portable Runtime (NSPR) API 4.6.1 and 4.6.2, as used in Sun Solaris 10, trusts user-specified environment variables for specifying log files even when running from setuid programs, which allows local users to create or overwrite arbitrary files.
Max CVSS
3.6
EPSS Score
0.06%
Published
2006-10-12
Updated
2018-10-17
Sun Solaris 10 before 20061006 uses "incorrect and insufficient permission checks" that allow local users to intercept or spoof packets by creating a raw socket on a link aggregation (network device aggregation).
Max CVSS
3.6
EPSS Score
0.04%
Published
2006-10-10
Updated
2017-07-20
Unspecified vulnerability in the vuidmice STREAMS modules in Sun Solaris 8, 9, and 10 allows local users with console (/dev/console) access to cause a denial of service ("unusable" system console) via unspecified vectors.
Max CVSS
3.5
EPSS Score
0.21%
Published
2007-10-09
Updated
2017-09-29
Solaris 9, with Solaris Auditing enabled and certain patches for sshd installed, can generate audit records with an audit-ID of 0 even when the user logging into ssh is not root, which makes it easier for attackers to avoid detection and can make it more difficult to conduct forensics activities.
Max CVSS
3.5
EPSS Score
0.12%
Published
2007-12-20
Updated
2017-09-29
Certain patch-installation scripts in Oracle Solaris allow local users to append data to arbitrary files via a symlink attack on the /tmp/CLEANUP temporary file, related to use of Update Manager.
Max CVSS
3.3
EPSS Score
0.04%
Published
2010-03-29
Updated
2018-10-10
9 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!