Search Results (Refine Search)
- Keyword (text search): cpe:2.3:o:oracle:solaris:10:*:*:zh:*:*:sparc:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2009-3519 |
Multiple memory leaks in the IP module in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_109, allow local users to cause a denial of service (memory consumption) via vectors related to (1) M_DATA, (2) M_PROTO, (3) M_PCPROTO, and (4) M_SIG STREAMS messages. Published: October 01, 2009; 11:30:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2009-2857 |
The kernel in Sun Solaris 8, 9, and 10, and OpenSolaris before snv_103, does not properly handle interaction between the filesystem and virtual-memory implementations, which allows local users to cause a denial of service (deadlock and system halt) via vectors involving mmap and write operations on the same file. Published: August 19, 2009; 1:30:01 PM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2009-2282 |
The Virtual Network Terminal Server daemon (vntsd) for Logical Domains (aka LDoms) in Sun Solaris 10, and OpenSolaris snv_41 through snv_108, on SPARC platforms does not check authorization for guest console access, which allows local control-domain users to gain guest-domain privileges via unknown vectors. Published: July 01, 2009; 9:00:01 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-2008-2992 |
Stack-based buffer overflow in Adobe Acrobat and Reader 8.1.2 and earlier allows remote attackers to execute arbitrary code via a PDF file that calls the util.printf JavaScript function with a crafted format string argument, a related issue to CVE-2008-1104. Published: November 04, 2008; 1:29:47 PM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 9.3 HIGH |
CVE-2008-4609 |
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress. Published: October 20, 2008; 1:59:26 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.1 HIGH |
CVE-2007-0882 |
Argument injection vulnerability in the telnet daemon (in.telnetd) in Solaris 10 and 11 (SunOS 5.10 and 5.11) misinterprets certain client "-f" sequences as valid requests for the login program to skip authentication, which allows remote attackers to log into certain accounts, as demonstrated by the bin account. Published: February 12, 2007; 3:28:00 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2004-0230 |
TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP. Published: August 18, 2004; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 5.0 MEDIUM |