| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| In Solaris 2.2 and 2.3, when fsck fails on startup, it allows a local user with physical access to obtain root access. |
| NFS on SunOS 4.1 through 4.1.2 ignores the high order 16 bits in a 32 bit UID, which allows a local user to gain root access if the lower 16 bits are set to 0, as fixed by the NFS jumbo patch upgrade. |
| Buffer overflows in iPlanet Directory Server 4.1.4 and earlier (LDAP) allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite. |
| The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages. |
| The default configuration of Cobalt RaQ2 servers allows remote users to install arbitrary software packages. |
| Denial of service in BIND named via consuming more than "fdmax" file descriptors. |
| Unspecified vulnerability in in.named in Solaris 9 allows attackers to cause a denial of service via unknown manipulations that cause in.named to "make unnecessary queries." |
| Teardrop IP denial of service. |
| Integer overflow in the InitialDirContext in Java Runtime Environment (JRE) 1.4.2, 1.5.0 and possibly other versions allows remote attackers to cause a denial of service (Java exception and failed DNS requests) via a large number of DNS requests, which causes the xid variable to wrap around and become negative. |
| FTP server in Solaris 8 and earlier allows local and remote attackers to cause a core dump in the root directory, possibly with world-readable permissions, by providing a valid username with an invalid password followed by a CWD ~ command, which could release sensitive information such as shadowed passwords, or fill the disk partition. |
| Race condition in Java 1.4.2 before 1.4.2 Release 2 on Apple Mac OS X allows local users to corrupt files or create arbitrary files via unspecified attack vectors related to a temporary directory, possibly due to a symlink attack. |
| Unspecified vulnerability in Java 1.4.2 before 1.4.2 Release 2 on Apple Mac OS X allows local users to gain privileges via unspecified attack vectors relating to "the utility used to update Java shared archives." |
| Buffer overflow in the Xview library as used by mailtool in Solaris 8 and earlier allows a local attacker to gain privileges via the OPENWINHOME environment variable. |
| Heap overflow in xlock in Solaris 2.6 through 8 allows local users to gain root privileges via a long (1) XFILESEARCHPATH or (2) XUSERFILESEARCHPATH environmental variable. |
| Buffer overflow in cb_reset in the System Service Processor (SSP) package of SunOS 5.8 allows a local user to execute arbitrary code via a long argument. |
| Buffer overflow in ptexec in the Sun Validation Test Suite 4.3 and earlier allows a local user to gain privileges via a long -o argument. |
| ndcgi.exe in Netdynamics 4.x through 5.x, and possibly earlier versions, allows remote attackers to steal session IDs and hijack user sessions by reading the SPIDERSESSION and uniqueValue variables from the login field, then using those variables after the next user logs in. |
| Solaris 2.4 before kernel jumbo patch -35 allows set-gid programs to dump core even if the real user id is not in the set-gid group, which allows local users to overwrite or create files at higher privileges by causing a core dump, e.g. through dmesg. |
| The AIX FTP client can be forced to execute commands from a malicious server through shell metacharacters (e.g. a pipe character). |
| Java Plugin 1.4 for JRE 1.3 executes signed applets even if the certificate is expired, which could allow remote attackers to conduct unauthorized activities via an applet that has been signed by an expired certificate. |
