Solaris Security Vulnerabilities and Issues — Solaris CVE List

Lucene search

SunSolaris

12 matches found

CVE•added 2007/06/28 6:30 p.m.•61 views

CVE-2007-3471

Buffer overflow in the dtsession Common Desktop Environment (CDE) Session Manager in Sun Solaris 8, 9, and 10 allows local users to execute arbitrary code via unspecified vectors.

7.2CVSS7.8AI score0.00094EPSS

CVE•added 2007/06/06 9:30 p.m.•50 views

CVE-2007-3093

Unspecified vulnerability in the logging mechanism in Solaris Management Console (SMC) on Sun Solaris 8 through 10 before 20070605 allows remote attackers to execute arbitrary code via unspecified vectors, related to the WBEM server.

10CVSS7.6AI score0.1406EPSS

CVE•added 2007/06/06 9:30 p.m.•50 views

CVE-2007-3094

Unspecified vulnerability in the authentication mechanism in Solaris Management Console (SMC) on Sun Solaris 8 through 10 before 20070605 allows remote authenticated users to execute arbitrary code via unspecified vectors, related to the WBEM server.

9CVSS7.4AI score0.02031EPSS

CVE•added 2007/06/14 11:30 p.m.•49 views

CVE-2007-3223

Unspecified vulnerability in the NFS server in Sun Solaris 10 before 20070613 allows remote attackers to cause a denial of service (system crash) via certain XDR data in NFS requests, probably related to processing of data by the xdr_bool and xdrmblk_getint32 functions.

7.8CVSS6.6AI score0.02139EPSS

CVE•added 2007/06/28 6:30 p.m.•49 views

CVE-2007-3470

Multiple unspecified vulnerabilities in the KSSL kernel module in Sun Solaris 10, when configured with the KSSL proxy, allow remote attackers to cause a denial of service (kernel panic) via unspecified vectors related to "memory buffers" of Secure Socket Layer (SSL) records.

7.8CVSS6.8AI score0.03491EPSS

CVE•added 2007/06/06 10:30 a.m.•48 views

CVE-2007-3069

xscreensaver in Sun Solaris 10 before 20070604, when a GNOME session with Assistive Technology support is running, allows attackers with physical access to take control of the session after entering an Alt-Tab sequence.

4.6CVSS6AI score0.00073EPSS

CVE•added 2007/06/19 10:30 p.m.•43 views

CVE-2007-3283

GNOME XScreenSaver in Sun Solaris 8 and 9 before 20070417, when root is logged into the console, does not automatically lock the screen after a session has been inactive, which might allow physically proximate attackers to access the console.

6.8CVSS6.2AI score0.00048EPSS

CVE•added 2007/06/01 10:30 a.m.•41 views

CVE-2007-2990

Unspecified vulnerability in inetd in Sun Solaris 10 before 20070529 allows local users to cause a denial of service (daemon termination) via unspecified manipulations of the /var/run/.inetd.uds Unix domain socket file.

4.9CVSS6.2AI score0.00061EPSS

CVE•added 2007/06/28 6:30 p.m.•41 views

CVE-2007-3469

Unspecified vulnerability in the TCP Loopback/Fusion implementation in Sun Solaris 10 allows local users to cause a denial of service (resource exhaustion and service hang) via unspecified vectors.

4.9CVSS6.2AI score0.00061EPSS

CVE•added 2007/06/18 10:30 a.m.•37 views

CVE-2007-3248

Unspecified vulnerability in Sun Solaris 10 before 20070614, when IPv6 interfaces are present but not configured for IPsec, allows remote attackers to cause a denial of service (system crash) via certain network traffic.

7.8CVSS6.7AI score0.02139EPSS

CVE•added 2007/06/27 5:30 p.m.•36 views

CVE-2007-3458

The libsldap library in Sun Solaris 8, 9, and 10 allows local users to cause a denial of service (Name Service Caching Daemon (nscd) crash) via unspecified vectors.

4.9CVSS6AI score0.00061EPSS

CVE•added 2007/06/01 10:30 a.m.•35 views

CVE-2007-2989

The libike library in Sun Solaris 9 before 20070529 contains a logic error related to a certain pointer, which allows remote attackers to cause a denial of service (in.iked daemon crash) by sending certain UDP packets with a source port different from 500. NOTE: this issue might overlap CVE-2006-22...

7.8CVSS6.4AI score0.03788EPSS