Lucene search
K
OracleSun Products Suite

37 matches found

CVE
CVE
added 2011/07/20 10:36 p.m.172 views

CVE-2011-1511

Oracle GlassFish Server Administration Console (GlassFish Server 2.1.1 and 3.0.1) contains CVE-2011-1511, an authentication bypass in the Admin Console. Related connected advisories describe a vulnerability exploited via crafted HTTP TRACE requests, enabling remote access to restricted informatio...

6.4CVSS6.8AI score0.14646EPSS
CVE
CVE
added 2010/10/13 11:0 p.m.74 views

CVE-2010-3512

CVE-2010-3512 affects Oracle iPlanet Web Server (Sun Java System Web Server) 7.0u8. The vulnerability is an unspecified issue in the WebDAV-related functionality that could allow remote authenticated users to affect confidentiality. The NVD entry describes an unspecified vulnerability in the WebD...

3.5CVSS5.7AI score0.01331EPSS
CVE
CVE
added 2010/10/13 11:0 p.m.67 views

CVE-2010-3514

CVE-2010-3514 affects Oracle iPlanet Web Server (Sun Java System Web Server) 7.0.x prior to 7.0.9. The vulnerability is in the Web Container and enables HTTP response splitting via crafted responses (CR/LF handling in headers). CVSS 2.0 base score is 4.3 (Network, Medium complexity, no auth; inte...

4.3CVSS5.7AI score0.04485EPSS
CVE
CVE
added 2012/05/03 5:18 p.m.65 views

CVE-2012-0516

Oracle iPlanet Web Server 7.0.x (pre-7.0.15) is affected by CVE-2012-0516 due to multiple cross-site scripting vulnerabilities in the Administration console (admingui). Exploitation involves crafting a URL that triggers XSS via interfaces like cchelp2/Masthead.jsp, potentially enabling arbitrary ...

6.8CVSS4.3AI score0.02912EPSS
In wild
CVE
CVE
added 2010/04/13 10:0 p.m.63 views

CVE-2010-0883

CVE-2010-0883 concerns Sun Cluster in Oracle Sun Product Suite 3.1/3.2. Affected are Solaris/Sun Cluster environments, with references tying this CVE to Data Service for Oracle E-Business Suite. The connected Nessus entries indicate Solaris 8/9/10 patches (e.g., 143047-02, 143048-02, 143049-02; 1...

2.1CVSS5.3AI score0.00409EPSS
CVE
CVE
added 2010/10/14 5:0 p.m.63 views

CVE-2010-3564

CVE-2010-3564 is evidenced in connected documents as a Kerberos AP-REQ check vulnerability in OpenJDK/OpenJDK, which could cause a denial of service in the Java VM. Remediation in the sources shown includes OpenJDK/IcedTea updates (e.g., RHSA-2010:0768, ELSA-2010-0768) upgrading to patched OpenJD...

6.4CVSS7.9AI score0.04093EPSS
CVE
CVE
added 2012/05/03 5:18 p.m.63 views

CVE-2012-0208

CVE-2012-0208 affects Oracle Grid Engine (Sun/Open Grid Engine) 6.1/6.2. The root cause is that the execution environment is not sanitized before creating processes, enabling remote authenticated users to escalate privileges (to root per Debian advisory). Remediation in vendor/debian disclosures ...

9CVSS5.3AI score0.02961EPSS
CVE
CVE
added 2011/10/18 10:0 p.m.62 views

CVE-2011-3506

CVE-2011-3506 is cited in RHSA-2012:1125 as a flaw in Oracle OpenSSO authentication/administration components. The Red Hat advisory states remote attackers could affect integrity/availability of a service using Oracle OpenSSO. The fix is included in Red Hat’s JBoss Enterprise SOA Platform 5.3.0, ...

4.3CVSS5.8AI score0.01887EPSS
CVE
CVE
added 2010/04/13 10:0 p.m.61 views

CVE-2010-0888

CVE-2010-0888 affects Sun Ray Server Software within Oracle Sun Product Suite 4.0–4.2. The Sun Ray vulnerability is described as unspecified with remote impact to confidentiality, integrity, and availability via unknown vectors related to Device Services. Provided sources indicate a historical Or...

10CVSS6AI score0.04222EPSS
CVE
CVE
added 2010/04/13 10:0 p.m.61 views

CVE-2010-0897

CVE-2010-0897 affects Sun Microsystems Directory Server (Oracle Sun Product Suite). Connected sources describe multiple vulnerabilities in the DSML/DSML-over-HTTP and LDAP implementations. The flaws can enable denial of service via DSML-over-HTTP POST requests or malformed LDAP queries, and can a...

7.5CVSS5.8AI score0.02921EPSS
CVE
CVE
added 2010/10/14 5:0 p.m.59 views

CVE-2010-3544

CVE-2010-3544 is a CSRF vulnerability in Oracle iPlanet Web Server (Sun Java System Web Server) prior to 7.0U9 that allows an attacker to stop a server instance via the management console when a user views a malicious page while authenticated. The issue is documented across multiple sources (JVN/...

5.8CVSS5.7AI score0.02371EPSS
CVE
CVE
added 2010/04/13 10:0 p.m.58 views

CVE-2010-0884

CVE-2010-0884 is described as an unspecified vulnerability in the Sun Cluster component of Oracle Sun Product Suite 3.1/3.2 affecting confidentiality via unknown vectors in the Data Service for Oracle E-Business Suite. Connected Nessus/NASL data reference Solaris patches (e.g., 126049-07 for Sola...

2.1CVSS5.3AI score0.00409EPSS
CVE
CVE
added 2011/07/20 11:0 p.m.57 views

CVE-2011-2260

CVE-2011-2260 affects Oracle GlassFish Server 2.1.1 (Sun GlassFish Enterprise Server) and is a cross-site scripting (XSS) vulnerability tied to username handling. The stored XSS variant described in SOS-11-009 shows an unauthenticated remote attacker can inject script via the username field, pote...

5.8CVSS5.4AI score0.03294EPSS
Web
CVE
CVE
added 2010/04/13 10:0 p.m.56 views

CVE-2010-0885

CVE-2010-0885 concerns Sun Java System Communications Express within Oracle Sun Product Suite 6 (2005Q4, 6.2) and 6.3. The vulnerability is described as unspecified, allowing remote authenticated users to affect confidentiality via unknown vectors related to the Address Book. Connected sources in...

6.8CVSS5.3AI score0.02277EPSS
CVE
CVE
added 2011/04/20 10:0 a.m.56 views

CVE-2011-0844

CVE-2011-0844 describes an unspecified vulnerability in the OpenSSO Enterprise and Sun Java System Access Manager components (Oracle Sun Products Suite 7.1 and 8.0) that allows remote attackers to affect integrity via unknown vectors related to authentication. The connected documents confirm the ...

4.3CVSS5.9AI score0.01453EPSS
CVE
CVE
added 2010/04/13 10:0 p.m.55 views

CVE-2010-0896

CVE-2010-0896 affects Sun Convergence 1.0 in Oracle Sun Product Suite 1.0; NVD reports an unspecified vulnerability allowing remote confidentiality impact via unknown vectors in Address Book and Mail Filter (C:P). Nessus plugins for Solaris 10 (sparc/x86) show core patches 137631-17 and 137632-17...

7.1CVSS5.8AI score0.01444EPSS
CVE
CVE
added 2011/10/18 10:0 p.m.55 views

CVE-2011-3507

CVE-2011-3507 is an unspecified vulnerability in the Oracle Communications Unified component of Oracle Sun Products Suite 7.0. The connected Nessus entries show Solaris 10 patches (137204-31/33/34/35/36/37/38) for the Messaging Server (64-bit) 7.0.5.x line, indicating the issue was addressed by c...

3.5CVSS5.1AI score0.01369EPSS
CVE
CVE
added 2011/10/18 10:0 p.m.54 views

CVE-2011-3535

CVE-2011-3535 concerns an unspecified vulnerability in the Solaris component of Oracle Sun Products Suite (versions 8–11 Express) that could affect availability via the Remote Quota Server (rquotad). The linked documents confirm Solaris patches related to this family of issues (e.g., 121194-02 fo...

5CVSS6AI score0.02326EPSS
CVE
CVE
added 2010/04/13 10:0 p.m.53 views

CVE-2010-0882

Technical details about CVE-2010-0882 are not provided in the supplied documents. The initial description notes an unspecified local vulnerability in Solaris/OpenSolaris Trusted Extensions but does not disclose affected components, versions, vectors, or remediation. Monitor for updates from Oracl...

7.2CVSS5.6AI score0.00432EPSS
CVE
CVE
added 2010/04/13 10:0 p.m.53 views

CVE-2010-0893

CVE-2010-0893 affects Sun Convergence 1.0 in Oracle Sun Product Suite 1.0, with unknown vectors impacting confidentiality via Mail. The Solaris patches 137631-17 (SPARC) and 137632-17 (x86) contain the fix; apply them to remediate. The vulnerability’s exploitation status is not specified in the p...

4.3CVSS5.7AI score0.02354EPSS
CVE
CVE
added 2010/10/14 5:0 p.m.53 views

CVE-2010-3545

CVE-2010-3545 affects Oracle iPlanet Web Server (Sun Java System Web Server), part of Oracle Sun Product Suite 7.0. The vulnerability is in the Administration component and allows remote attackers to affect confidentiality and integrity via unknown vectors. Public sources in connected docs corrob...

5.8CVSS5.5AI score0.01713EPSS
CVE
CVE
added 2011/04/20 10:0 a.m.53 views

CVE-2011-0847

CVE-2011-0847 concerns an unspecified vulnerability in Oracle Sun OpenSSO/ Sun Java System Access Manager components (Oracle Sun Products Suite 7.1 and 8.0). The NVD entry states remote authenticated users can affect confidentiality via unknown vectors related to Authentication (CVSSv2 base score...

4CVSS5.3AI score0.01409EPSS
CVE
CVE
added 2010/04/13 10:0 p.m.51 views

CVE-2010-0894

Technical details about CVE-2010-0894 are not publicly provided in the supplied documents. Monitor for updates.

5.8CVSS6AI score0.02451EPSS
CVE
CVE
added 2010/10/14 5:0 p.m.51 views

CVE-2010-3535

CVE-2010-3535 affects the Directory Server Enterprise Edition component of Oracle Sun Product Suite (versions 6.0–6.3). The vulnerability is described as unspecified and exploitable via Identity Synchronization for Windows, with potential impact to confidentiality, integrity, and availability. Th...

4.4CVSS5.6AI score0.00389EPSS
CVE
CVE
added 2012/05/03 5:18 p.m.51 views

CVE-2012-0523

Technical details about CVE-2012-0523 are not provided in the supplied documents; no affected products, impact, or remediation are disclosed. Monitor for updates.

7.2CVSS5.5AI score0.00417EPSS
CVE
CVE
added 2013/01/17 1:30 a.m.51 views

CVE-2013-0417

CVE-2013-0417 affects the Sun Storage Common Array Manager (CAM) component of Oracle Sun Products Suite, specifically CAM 6.9.0, due to a vulnerability in the Fault Management System (FMS). The issue allows remote, unauthenticated attackers to read a subset of CAM data (confidentiality impact). P...

5CVSS6.2AI score0.0122EPSS
CVE
CVE
added 2010/04/13 10:0 p.m.50 views

CVE-2010-0890

CVE-2010-0890 affects Solaris/OpenSolaris: Solaris component in Oracle Sun Product Suite 10 and OpenSolaris snv_01–snv_98 has an unspecified vulnerability that allows local users to affect availability via kernel-related vectors. The NVD entry provides limited detail (no explicit root cause, vect...

2.1CVSS5.6AI score0.00444EPSS
CVE
CVE
added 2010/04/13 10:0 p.m.50 views

CVE-2010-0891

CVE-2010-0891 affects Sun Management Center in Oracle Sun Product Suite 3.6.1 and 4.0, with an unspecified vulnerability allowing remote impact to confidentiality and integrity via unknown vectors related to Solaris Container Manager. Public documents provide limited detail beyond affected produc...

5.8CVSS5.7AI score0.02354EPSS
CVE
CVE
added 2010/10/14 5:0 p.m.50 views

CVE-2010-3546

CVE-2010-3546 affects Sun Java System Identity Manager (Oracle Sun Products Suite 8.1). The vulnerability is described as unspecified, allowing remote attackers to affect confidentiality and integrity via unknown vectors. Oracle’s October 2010 CPU lists CVE-2010-3546 under the Sun Products Suite ...

5.8CVSS6AI score0.01713EPSS
CVE
CVE
added 2010/10/14 5:0 p.m.50 views

CVE-2010-3579

CVE-2010-3579 affects Sun Convergence 1 and Sun Java Communications Suite 7 components in Oracle Sun Product Suite 1.0/7.0, exploitable via Webmail over HTTP. The Oracle CPU October 2010 advisory indicates these vulnerabilities can be remotely exploitable without authentication, impacting confide...

6.4CVSS5.8AI score0.01919EPSS
CVE
CVE
added 2011/10/18 10:0 p.m.50 views

CVE-2011-2327

CVE-2011-2327 affects the Oracle Communications Unified component in Oracle Sun Products Suite 7.0. The vulnerability could allow local users to affect confidentiality via unknown vectors related to Delegated Administrator. The NVD entry lists a low base CVSS v2 score (2.1, Local access, Partial ...

2.1CVSS5.3AI score0.00403EPSS
CVE
CVE
added 2011/10/18 10:0 p.m.48 views

CVE-2011-3517

CVE-2011-3517 pertains to the Oracle OpenSSO component in Oracle Sun Products Suite 8.0, with an unspecified vulnerability that could affect availability via authentication. Connected documents reference OpenSSO and list the CVE in Red Hat’s RHSA-2012:1125-CVE-2011-3517, noting fixes within the 5...

7.8CVSS5.9AI score0.03514EPSS
CVE
CVE
added 2010/10/13 11:0 p.m.47 views

CVE-2010-3506

CVE-2010-3506 affects Oracle Sun Product Suite 6.4 (Oracle Explorer/Sun Explorer). Described as an unspecified vulnerability that could affect confidentiality and integrity via unknown vectors for local users. CVSS v2 base score 3.0 (LOW), vector AV:L/AC:M/Au:S/C:P/I:P/A:N. The Initial Descriptio...

3CVSS5.5AI score0.00329EPSS
CVE
CVE
added 2011/10/18 10:0 p.m.47 views

CVE-2011-2310

Technical details for CVE-2011-2310 are not publicly provided in the supplied documents. Monitor for updates from Oracle CPU advisories and vulnerability databases.

7.5CVSS6AI score0.01842EPSS
CVE
CVE
added 2010/10/13 11:0 p.m.44 views

CVE-2010-2414

CVE-2010-2414 affects Sun Convergence 1 and Sun Java Communications Suite 7 components in Oracle Sun Product Suite 1.0 and 7.0. Description indicates an unspecified vulnerability that could allow remote attackers to affect confidentiality via unknown vectors; CVSS context from Oracle CPU notes th...

2.6CVSS6.1AI score0.0164EPSS
CVE
CVE
added 2011/07/20 11:0 p.m.43 views

CVE-2011-2245

Technical details about CVE-2011-2245 are not publicly provided in the supplied documents; no affected product/version or exploit specifics are disclosed. Monitor for updates.

7.5CVSS6.3AI score0.02118EPSS
CVE
CVE
added 2012/07/17 10:39 p.m.43 views

CVE-2012-3126

CVE-2012-3126 affects the Solaris Cluster component of Oracle Sun Products Suite 3.3, with vulnerability arising from an unspecified flaw related to the Apache Tomcat Agent. The impact is stated as affecting confidentiality, integrity, and availability via unknown vectors; local access is implied...

6.2CVSS5.6AI score0.00336EPSS