Filtered by vendor Sun
Subscribe
Total
1705 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-2749 | 1 Sun | 2 Java System Calendar Server, One Calendar Server | 2017-08-07 | 7.1 HIGH | N/A |
| Unspecified vulnerability in cshttpd in Sun Java System Calendar Server 6 and 6.3, and Sun ONE Calendar Server 6.0, when access logging (aka service.http.commandlog.all) is enabled, allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors. | |||||
| CVE-2008-2705 | 1 Sun | 1 Java System Access Manager | 2017-08-07 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Sun Java System Access Manager (AM) 7.1, when used with certain versions and configurations of Sun Directory Server Enterprise Edition (DSEE), allows remote attackers to bypass authentication via unspecified vectors. | |||||
| CVE-2008-2404 | 1 Sun | 1 Java Asp Server | 2017-08-07 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the request handling implementation in Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to execute arbitrary code via an unspecified string field. | |||||
| CVE-2008-2405 | 1 Sun | 1 Java Active Server Pages | 2017-08-07 | 7.5 HIGH | N/A |
| Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in HTTP requests to unspecified ASP applications. | |||||
| CVE-2008-2406 | 1 Sun | 1 Java Asp Server | 2017-08-07 | 7.5 HIGH | N/A |
| The administration application server in Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to bypass authentication via direct requests on TCP port 5102. | |||||
| CVE-2008-2539 | 1 Sun | 1 Cluster | 2017-08-07 | 7.2 HIGH | N/A |
| The Sun Cluster Global File System in Sun Cluster 3.1 on Sun Solaris 8 through 10, when an underlying ufs filesystem is used, might allow local users to read data from arbitrary deleted files, or corrupt files in global filesystems, via unspecified vectors. | |||||
| CVE-2008-2518 | 1 Sun | 1 Java System Web Server | 2017-08-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the advanced search mechanism (webapps/search/advanced.jsp) in Sun Java System Web Server 6.1 before SP9 and 7.0 before Update 3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, probably related to the next parameter. | |||||
| CVE-2008-3548 | 1 Sun | 1 Netra T5220 Server | 2017-08-07 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in the Sun Netra T5220 Server with firmware 7.1.3 allows local users to cause a denial of service (panic) via unknown vectors. | |||||
| CVE-2008-3425 | 1 Sun | 2 Java System Web Server Plugin, N1 Service Provisioning System | 2017-08-07 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in the Sun Java System Web Server 7.0 plugin in Sun N1 Service Provisioning System (SPS) 5.2 and 6.0 allows remote authenticated SPS users to gain administrative access to the web server via unknown attack vectors. | |||||
| CVE-2008-2674 | 4 Fujitsu, Microsoft, Redhat and 1 more | 11 Interstage Application Server Enterprise, Interstage Application Server Plus, Interstage Application Server Plus Developer and 8 more | 2017-08-07 | 6.4 MEDIUM | N/A |
| Unspecified vulnerability in the Interstage Management Console, as used in Fujitsu Interstage Application Server 6.0 through 9.0.0A, Apworks Modelers-J 6.0 through 7.0, and Studio 8.0.1 and 9.0.0, allows remote attackers to read or delete arbitrary files via unspecified vectors. | |||||
| CVE-2008-2707 | 2 Intel, Sun | 4 Network Interface Controller, Opensolaris, Solaris and 1 more | 2017-08-07 | 7.8 HIGH | N/A |
| Unspecified vulnerability in the e1000g driver in Sun Solaris 10 and OpenSolaris before snv_93 allows remote attackers to cause a denial of service (network connectivity loss) via unknown vectors. | |||||
| CVE-2008-2401 | 1 Sun | 1 Java Active Server | 2017-08-07 | 7.5 HIGH | N/A |
| The Admin Server in Sun Java Active Server Pages (ASP) Server before 4.0.3 allows remote attackers to append to arbitrary new or existing files via the first argument to a certain file that is included by multiple unspecified ASP applications. | |||||
| CVE-2008-2402 | 1 Sun | 1 Java Asp Server | 2017-08-07 | 5.0 MEDIUM | N/A |
| The Admin Server in Sun Java Active Server Pages (ASP) Server before 4.0.3 stores sensitive information under the web root with insufficient access control, which allows remote attackers to read password hashes and configuration data via direct requests for unspecified documents. | |||||
| CVE-2008-2403 | 1 Sun | 1 Java Asp Server | 2017-08-07 | 10.0 HIGH | N/A |
| Multiple directory traversal vulnerabilities in unspecified ASP applications in Sun Java Active Server Pages (ASP) Server before 4.0.3 allow remote attackers to read or delete arbitrary files via a .. (dot dot) in the Path parameter to the MapPath method. | |||||
| CVE-2008-1780 | 1 Sun | 1 Solaris | 2017-08-07 | 4.6 MEDIUM | N/A |
| Unspecified vulnerability in the labeled networking functionality in Solaris 10 Trusted Extensions allows applications in separate labeling zones to bypass labeling restrictions via unknown vectors. | |||||
| CVE-2008-2112 | 3 Novell, Redhat, Sun | 4 Suse Linux Enterprise Server, Enterprise Linux, Ray Server Software and 1 more | 2017-08-07 | 8.5 HIGH | N/A |
| Unspecified vulnerability in Sun Ray Kiosk Mode 4.0 allows local and remote authenticated Sun Ray administrators to gain root privileges via unknown vectors related to utconfig. | |||||
| CVE-2008-2120 | 1 Sun | 2 Java System Application Server, Java System Web Server | 2017-08-07 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Sun Java System Application Server 7 2004Q2 before Update 6, Web Server 6.1 before SP8, and Web Server 7.0 before Update 1 allows remote attackers to obtain source code of JSP files via unknown vectors. | |||||
| CVE-2008-1285 | 1 Sun | 1 Jsf | 2017-08-07 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Sun Java Server Faces (JSF) 1.2 before 1.2_08 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | |||||
| CVE-2008-1286 | 2 Linux, Sun | 3 Linux Kernel, Java Web Console, Solaris | 2017-08-07 | 7.8 HIGH | N/A |
| Unspecified vulnerability in Sun Java Web Console 3.0.2, 3.0.3, and 3.0.4 allows remote attackers to bypass intended access restrictions and determine the existence of files or directories via unknown vectors. | |||||
| CVE-2008-1317 | 1 Sun | 1 Solaris | 2017-08-07 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in the Inter-Process Communication (IPC) message queue subsystem in Sun Solaris 10 allows local users to cause a denial of service (reboot) via blocked I/O message queues. | |||||