CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

SUN : Security Vulnerabilities (CVSS score between 4 and 4.99)

CVSS Scores Greater Than: 0   1   2   3   4   5   6   7   8   9  
Copy Results Download Results Select Table
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2013-2433 2013-04-17 2013-04-18
4.3
 None Remote Medium Not required None Partial None
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-1540.
2 CVE-2013-2418 2013-04-17 2013-04-18
4.6
 None Local Low Not required Partial Partial Partial
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
3 CVE-2013-1540 2013-04-17 2013-04-18
4.3
 None Remote Medium Not required None Partial None
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2433.
4 CVE-2013-1507 2013-04-17 2013-04-17
4.9
 None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Filesystem.
5 CVE-2013-1498 2013-04-17 2013-04-17
4.9
 None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Kernel/IO, a different vulnerability than CVE-2013-1496.
6 CVE-2013-1496 2013-04-17 2013-04-17
4.9
 None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Kernel/IO, a different vulnerability than CVE-2013-1498.
7 CVE-2013-1494 2013-04-17 2013-04-17
4.7
 None Local Medium Not required None None Complete
Unspecified vulnerability in Oracle Sun Solaris 10, when running on SPARC T4 servers, allows local users to affect availability via unknown vectors related to Kernel.
8 CVE-2013-0443 2013-02-01 2013-05-14
4.0
 None Remote High Not required Partial Partial None
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect validation of Diffie-Hellman keys, which allows remote attackers to conduct a "small subgroup attack" to force the use of weak session keys or obtain sensitive information about the private key.
9 CVE-2013-0438 2013-02-01 2013-02-25
4.3
 None Remote Medium Not required Partial None None
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality via unknown vectors related to Deployment.
10 CVE-2013-0413 2013-04-17 2013-04-17
4.4
 None Local Medium Not required Partial Partial Partial
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Remote Execution Service.
11 CVE-2013-0407 2013-01-16 2013-01-17
4.6
 None Local Low Single system None None Complete
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Kernel/DTrace Framework.
12 CVE-2013-0406 2013-04-17 2013-04-17
4.3
 None Remote Medium Not required None Partial None
Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attackers to affect integrity via unknown vectors via vectors related to Kernel/IPsec.
13 CVE-2012-5095 2012-10-17 2012-10-17
4.4
 None Local Medium Not required Partial Partial Partial
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to inetd.
14 CVE-2012-4233 DoS 2012-11-19 2013-01-03
4.3
 None Remote Medium Not required None None Partial
LibreOffice 3.5.x before 3.5.7.2 and 3.6.x before 3.6.1, and OpenOffice.org (OOo), allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted (1) odt file to vcllo.dll, (2) ODG (Drawing document) file to svxcorelo.dll, (3) PolyPolygon record in a .wmf (Window Meta File) file embedded in a ppt (PowerPoint) file to tllo.dll, or (4) xls (Excel) file to scfiltlo.dll.
15 CVE-2012-3212 2012-10-16 2013-01-31
4.7
 None Local Medium Not required None None Complete
Unspecified vulnerability in Oracle Sun Solaris 10 and 11, when running on SPARC T4 servers, allows local users to affect availability via unknown vectors related to Kernel.
16 CVE-2012-3211 2012-10-16 2013-01-31
4.6
 None Local Low Single system None None Complete
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Kernel/System Call.
17 CVE-2012-3208 2012-10-16 2013-01-31
4.9
 None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability, related to Kernel/RCTL.
18 CVE-2012-3207 2012-10-16 2013-01-31
4.9
 None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Sun Solaris 9, 10, and 11 allows local users to affect availability via unknown vectors related to Kernel.
19 CVE-2012-3131 2012-07-17 2012-12-27
4.3
 None Remote Medium Not required Partial None None
Unspecified vulnerability in Oracle Sun Solaris 9, 10, and 11 allows remote attackers to affect confidentiality, related to Network/NFS.
20 CVE-2012-3130 2012-07-17 2012-12-27
4.3
 None Remote Medium Not required None Partial None
Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect integrity via unknown vectors related to pkg.depotd.
21 CVE-2012-3112 2012-07-17 2012-12-27
4.3
 None Remote Medium Not required None Partial None
Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attackers to affect integrity via unknown vectors related to Solaris Management Console.
22 CVE-2012-1765 2012-07-17 2012-09-07
4.7
 None Local Medium Not required None Complete None
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect integrity via unknown vectors related to Branded Zone.
23 CVE-2012-1752 2012-07-17 2012-11-06
4.9
 None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability, related to Kernel/NFS.
24 CVE-2012-1750 2012-07-17 2012-11-06
4.4
 None Local Medium Not required Partial Partial Partial
Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to mailx.
25 CVE-2012-1696 2012-05-03 2012-12-28
4.0
 None Remote Low Single system None None Partial
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.19 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
26 CVE-2012-1692 2012-05-03 2012-12-18
4.9
 None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect availability, related to SCTP.
27 CVE-2012-1684 2012-05-03 2012-12-18
4.3
 None Local Low Single system Partial Partial Partial
Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Password Policy.
28 CVE-2012-1681 2012-05-03 2012-12-18
4.9
 None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect availability via unknown vectors related to Kernel/sockfs.
29 CVE-2012-0506 2012-02-15 2013-02-14
4.3
 None Remote Medium Not required None Partial None
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors related to CORBA.
30 CVE-2012-0103 2012-01-18 2012-01-30
4.9
 None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Solaris 11 Express allows local users to affect availability via unknown vectors related to Kernel.
31 CVE-2011-3542 2011-10-18 2011-10-29
4.9
 None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect availability via unknown vectors related to Kernel/Performance Counter BackEnd Module (pcbe).
32 CVE-2011-2713 119 DoS Overflow 2011-10-21 2013-04-18
4.3
 None Remote Medium Not required None None Partial
oowriter in OpenOffice.org 3.3.0 and LibreOffice before 3.4.3 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted DOC file that triggers an out-of-bounds read in the DOC sprm parser.
33 CVE-2011-2313 2011-10-18 2012-05-14
4.3
 None Local Low Multiple systems None None Complete
Unspecified vulnerability in Oracle Solaris 10 allows local users to affect availability, related to ZFS.
34 CVE-2011-2296 2011-07-20 2011-10-04
4.9
 None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Solaris 11 Express allows local users to affect availability, related to Kernel/SCTP.
35 CVE-2011-2295 2011-07-20 2011-10-04
4.7
 None Local Medium Not required None None Complete
Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect availability, related to Driver/USB.
36 CVE-2011-2293 2011-07-20 2011-10-04
4.9
 None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Solaris 11 Express allows local users to affect availability via unknown vectors related to Zones.
37 CVE-2011-2290 2011-07-20 2011-10-04
4.9
 None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Solaris 10, and 11 Express allows local users to affect availability via unknown vectors related to Kernel/sockfs.
38 CVE-2011-2259 2011-07-20 2011-10-04
4.9
 None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect availability, related to UFS.
39 CVE-2011-2258 2011-07-20 2011-10-04
4.6
 None Local Low Not required Partial Partial Partial
Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect confidentiality, integrity, and availability via unknown vectors related to rksh.
40 CVE-2011-0829 2011-04-20 2012-08-03
4.9
 None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect availability, related to Kernel/SPARC.
41 CVE-2011-0813 2011-04-20 2012-08-03
4.9
 None Local Low Not required None None Complete
Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect availability via unknown vectors related to Kernel.
42 CVE-2010-4475 2011-02-17 2012-10-29
4.3
 None Remote Medium Not required Partial None None
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Deployment.
43 CVE-2010-4468 2011-02-17 2012-01-26
4.0
 None Remote High Not required Partial Partial None
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, and 5.0 Update 27 and earlier, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality and integrity via unknown vectors related to JDBC.
44 CVE-2010-4459 2011-01-19 2011-01-26
4.6
 None Local Low Single system None None Complete
Unspecified vulnerability in Oracle Solaris 11 Express allows local users to affect availability via unknown vectors related to SCTP and Kernel/sockfs.
45 CVE-2010-4458 2011-01-19 2011-01-26
4.1
 None Local Medium Multiple systems None None Complete
Unspecified vulnerability in Oracle Solaris 11 Express allows local users to affect availability, related to ZFS.
46 CVE-2010-4456 2011-01-19 2011-01-26
4.3
 None Remote Medium Not required None Partial None
Unspecified vulnerability in Oracle Sun Java System Communications Express 6.2 and 6.3 allows remote attackers to affect integrity via unknown vectors related to Web Mail.
47 CVE-2010-4447 2011-02-17 2012-10-29
4.3
 None Remote Medium Not required Partial None None
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Deployment.
48 CVE-2010-4446 2011-01-19 2011-01-26
4.6
 None Local Low Single system None None Complete
Unspecified vulnerability in Oracle Solaris 11 Express allows local users to affect availability via unknown vectors related to RDS and Kernel/InfiniBand.
49 CVE-2010-4443 2011-01-19 2011-01-26
4.4
 None Local Medium Single system None None Complete
Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect availability, related to Kernel/NFS.
50 CVE-2010-4442 2011-01-19 2011-01-26
4.4
 None Local Medium Single system None None Complete
Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect availability via unknown vectors related to the Kernel.
Total number of vulnerabilities : 274   Page : 1 (This Page)2 3 4 5 6
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.