37 matches found
CVE-2011-1511
Oracle GlassFish Server Administration Console (GlassFish Server 2.1.1 and 3.0.1) contains CVE-2011-1511, an authentication bypass in the Admin Console. Related connected advisories describe a vulnerability exploited via crafted HTTP TRACE requests, enabling remote access to restricted informatio...
CVE-2010-3512
CVE-2010-3512 affects Oracle iPlanet Web Server (Sun Java System Web Server) 7.0u8. The vulnerability is an unspecified issue in the WebDAV-related functionality that could allow remote authenticated users to affect confidentiality. The NVD entry describes an unspecified vulnerability in the WebD...
CVE-2010-3514
CVE-2010-3514 affects Oracle iPlanet Web Server (Sun Java System Web Server) 7.0.x prior to 7.0.9. The vulnerability is in the Web Container and enables HTTP response splitting via crafted responses (CR/LF handling in headers). CVSS 2.0 base score is 4.3 (Network, Medium complexity, no auth; inte...
CVE-2012-0516
Oracle iPlanet Web Server 7.0.x (pre-7.0.15) is affected by CVE-2012-0516 due to multiple cross-site scripting vulnerabilities in the Administration console (admingui). Exploitation involves crafting a URL that triggers XSS via interfaces like cchelp2/Masthead.jsp, potentially enabling arbitrary ...
CVE-2010-0883
CVE-2010-0883 concerns Sun Cluster in Oracle Sun Product Suite 3.1/3.2. Affected are Solaris/Sun Cluster environments, with references tying this CVE to Data Service for Oracle E-Business Suite. The connected Nessus entries indicate Solaris 8/9/10 patches (e.g., 143047-02, 143048-02, 143049-02; 1...
CVE-2010-3564
CVE-2010-3564 is evidenced in connected documents as a Kerberos AP-REQ check vulnerability in OpenJDK/OpenJDK, which could cause a denial of service in the Java VM. Remediation in the sources shown includes OpenJDK/IcedTea updates (e.g., RHSA-2010:0768, ELSA-2010-0768) upgrading to patched OpenJD...
CVE-2012-0208
CVE-2012-0208 affects Oracle Grid Engine (Sun/Open Grid Engine) 6.1/6.2. The root cause is that the execution environment is not sanitized before creating processes, enabling remote authenticated users to escalate privileges (to root per Debian advisory). Remediation in vendor/debian disclosures ...
CVE-2011-3506
CVE-2011-3506 is cited in RHSA-2012:1125 as a flaw in Oracle OpenSSO authentication/administration components. The Red Hat advisory states remote attackers could affect integrity/availability of a service using Oracle OpenSSO. The fix is included in Red Hat’s JBoss Enterprise SOA Platform 5.3.0, ...
CVE-2010-0888
CVE-2010-0888 affects Sun Ray Server Software within Oracle Sun Product Suite 4.0–4.2. The Sun Ray vulnerability is described as unspecified with remote impact to confidentiality, integrity, and availability via unknown vectors related to Device Services. Provided sources indicate a historical Or...
CVE-2010-0897
CVE-2010-0897 affects Sun Microsystems Directory Server (Oracle Sun Product Suite). Connected sources describe multiple vulnerabilities in the DSML/DSML-over-HTTP and LDAP implementations. The flaws can enable denial of service via DSML-over-HTTP POST requests or malformed LDAP queries, and can a...
CVE-2010-3544
CVE-2010-3544 is a CSRF vulnerability in Oracle iPlanet Web Server (Sun Java System Web Server) prior to 7.0U9 that allows an attacker to stop a server instance via the management console when a user views a malicious page while authenticated. The issue is documented across multiple sources (JVN/...
CVE-2010-0884
CVE-2010-0884 is described as an unspecified vulnerability in the Sun Cluster component of Oracle Sun Product Suite 3.1/3.2 affecting confidentiality via unknown vectors in the Data Service for Oracle E-Business Suite. Connected Nessus/NASL data reference Solaris patches (e.g., 126049-07 for Sola...
CVE-2011-2260
CVE-2011-2260 affects Oracle GlassFish Server 2.1.1 (Sun GlassFish Enterprise Server) and is a cross-site scripting (XSS) vulnerability tied to username handling. The stored XSS variant described in SOS-11-009 shows an unauthenticated remote attacker can inject script via the username field, pote...
CVE-2010-0885
CVE-2010-0885 concerns Sun Java System Communications Express within Oracle Sun Product Suite 6 (2005Q4, 6.2) and 6.3. The vulnerability is described as unspecified, allowing remote authenticated users to affect confidentiality via unknown vectors related to the Address Book. Connected sources in...
CVE-2011-0844
CVE-2011-0844 describes an unspecified vulnerability in the OpenSSO Enterprise and Sun Java System Access Manager components (Oracle Sun Products Suite 7.1 and 8.0) that allows remote attackers to affect integrity via unknown vectors related to authentication. The connected documents confirm the ...
CVE-2010-0896
CVE-2010-0896 affects Sun Convergence 1.0 in Oracle Sun Product Suite 1.0; NVD reports an unspecified vulnerability allowing remote confidentiality impact via unknown vectors in Address Book and Mail Filter (C:P). Nessus plugins for Solaris 10 (sparc/x86) show core patches 137631-17 and 137632-17...
CVE-2011-3507
CVE-2011-3507 is an unspecified vulnerability in the Oracle Communications Unified component of Oracle Sun Products Suite 7.0. The connected Nessus entries show Solaris 10 patches (137204-31/33/34/35/36/37/38) for the Messaging Server (64-bit) 7.0.5.x line, indicating the issue was addressed by c...
CVE-2011-3535
CVE-2011-3535 concerns an unspecified vulnerability in the Solaris component of Oracle Sun Products Suite (versions 8–11 Express) that could affect availability via the Remote Quota Server (rquotad). The linked documents confirm Solaris patches related to this family of issues (e.g., 121194-02 fo...
CVE-2010-0882
Technical details about CVE-2010-0882 are not provided in the supplied documents. The initial description notes an unspecified local vulnerability in Solaris/OpenSolaris Trusted Extensions but does not disclose affected components, versions, vectors, or remediation. Monitor for updates from Oracl...
CVE-2010-0893
CVE-2010-0893 affects Sun Convergence 1.0 in Oracle Sun Product Suite 1.0, with unknown vectors impacting confidentiality via Mail. The Solaris patches 137631-17 (SPARC) and 137632-17 (x86) contain the fix; apply them to remediate. The vulnerability’s exploitation status is not specified in the p...
CVE-2010-3545
CVE-2010-3545 affects Oracle iPlanet Web Server (Sun Java System Web Server), part of Oracle Sun Product Suite 7.0. The vulnerability is in the Administration component and allows remote attackers to affect confidentiality and integrity via unknown vectors. Public sources in connected docs corrob...
CVE-2011-0847
CVE-2011-0847 concerns an unspecified vulnerability in Oracle Sun OpenSSO/ Sun Java System Access Manager components (Oracle Sun Products Suite 7.1 and 8.0). The NVD entry states remote authenticated users can affect confidentiality via unknown vectors related to Authentication (CVSSv2 base score...
CVE-2010-0894
Technical details about CVE-2010-0894 are not publicly provided in the supplied documents. Monitor for updates.
CVE-2010-3535
CVE-2010-3535 affects the Directory Server Enterprise Edition component of Oracle Sun Product Suite (versions 6.0–6.3). The vulnerability is described as unspecified and exploitable via Identity Synchronization for Windows, with potential impact to confidentiality, integrity, and availability. Th...
CVE-2012-0523
Technical details about CVE-2012-0523 are not provided in the supplied documents; no affected products, impact, or remediation are disclosed. Monitor for updates.
CVE-2013-0417
CVE-2013-0417 affects the Sun Storage Common Array Manager (CAM) component of Oracle Sun Products Suite, specifically CAM 6.9.0, due to a vulnerability in the Fault Management System (FMS). The issue allows remote, unauthenticated attackers to read a subset of CAM data (confidentiality impact). P...
CVE-2010-0890
CVE-2010-0890 affects Solaris/OpenSolaris: Solaris component in Oracle Sun Product Suite 10 and OpenSolaris snv_01–snv_98 has an unspecified vulnerability that allows local users to affect availability via kernel-related vectors. The NVD entry provides limited detail (no explicit root cause, vect...
CVE-2010-0891
CVE-2010-0891 affects Sun Management Center in Oracle Sun Product Suite 3.6.1 and 4.0, with an unspecified vulnerability allowing remote impact to confidentiality and integrity via unknown vectors related to Solaris Container Manager. Public documents provide limited detail beyond affected produc...
CVE-2010-3546
CVE-2010-3546 affects Sun Java System Identity Manager (Oracle Sun Products Suite 8.1). The vulnerability is described as unspecified, allowing remote attackers to affect confidentiality and integrity via unknown vectors. Oracle’s October 2010 CPU lists CVE-2010-3546 under the Sun Products Suite ...
CVE-2010-3579
CVE-2010-3579 affects Sun Convergence 1 and Sun Java Communications Suite 7 components in Oracle Sun Product Suite 1.0/7.0, exploitable via Webmail over HTTP. The Oracle CPU October 2010 advisory indicates these vulnerabilities can be remotely exploitable without authentication, impacting confide...
CVE-2011-2327
CVE-2011-2327 affects the Oracle Communications Unified component in Oracle Sun Products Suite 7.0. The vulnerability could allow local users to affect confidentiality via unknown vectors related to Delegated Administrator. The NVD entry lists a low base CVSS v2 score (2.1, Local access, Partial ...
CVE-2011-3517
CVE-2011-3517 pertains to the Oracle OpenSSO component in Oracle Sun Products Suite 8.0, with an unspecified vulnerability that could affect availability via authentication. Connected documents reference OpenSSO and list the CVE in Red Hat’s RHSA-2012:1125-CVE-2011-3517, noting fixes within the 5...
CVE-2010-3506
CVE-2010-3506 affects Oracle Sun Product Suite 6.4 (Oracle Explorer/Sun Explorer). Described as an unspecified vulnerability that could affect confidentiality and integrity via unknown vectors for local users. CVSS v2 base score 3.0 (LOW), vector AV:L/AC:M/Au:S/C:P/I:P/A:N. The Initial Descriptio...
CVE-2011-2310
Technical details for CVE-2011-2310 are not publicly provided in the supplied documents. Monitor for updates from Oracle CPU advisories and vulnerability databases.
CVE-2010-2414
CVE-2010-2414 affects Sun Convergence 1 and Sun Java Communications Suite 7 components in Oracle Sun Product Suite 1.0 and 7.0. Description indicates an unspecified vulnerability that could allow remote attackers to affect confidentiality via unknown vectors; CVSS context from Oracle CPU notes th...
CVE-2011-2245
Technical details about CVE-2011-2245 are not publicly provided in the supplied documents; no affected product/version or exploit specifics are disclosed. Monitor for updates.
CVE-2012-3126
CVE-2012-3126 affects the Solaris Cluster component of Oracle Sun Products Suite 3.3, with vulnerability arising from an unspecified flaw related to the Apache Tomcat Agent. The impact is stated as affecting confidentiality, integrity, and availability via unknown vectors; local access is implied...