Max CVSS | 10.0 | Min CVSS | 1.2 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2013-1331 | 9.3 |
Buffer overflow in Microsoft Office 2003 SP3 and Office 2011 for Mac allows remote attackers to execute arbitrary code via crafted PNG data in an Office document, leading to improper memory allocation, aka "Office Buffer Overflow Vulnerability."
|
28-06-2024 - 14:18 | 12-06-2013 - 03:29 | |
CVE-2007-1667 | 9.3 |
Multiple integer overflows in (1) the XGetPixel function in ImUtil.c in X.Org libx11 before 1.0.3, and (2) XInitImage function in xwd.c for ImageMagick, allow user-assisted remote attackers to cause a denial of service (crash) or obtain sensitive inf
|
26-06-2024 - 15:53 | 24-03-2007 - 21:19 | |
CVE-2009-2857 | 4.9 |
The kernel in Sun Solaris 8, 9, and 10, and OpenSolaris before snv_103, does not properly handle interaction between the filesystem and virtual-memory implementations, which allows local users to cause a denial of service (deadlock and system halt) v
|
15-02-2024 - 20:42 | 19-08-2009 - 17:30 | |
CVE-2013-1315 | 9.3 |
Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013; Office Web Apps 2010; Excel 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011; Excel Viewer; and Office Compatibility Pack SP3 allow remote attackers to exec
|
03-10-2023 - 15:37 | 11-09-2013 - 14:03 | |
CVE-2009-3555 | 5.8 |
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Secu
|
13-02-2023 - 02:20 | 09-11-2009 - 17:30 | |
CVE-2008-1947 | 4.3 |
Cross-site scripting (XSS) vulnerability in Apache Tomcat 5.5.9 through 5.5.26 and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via the name parameter (aka the hostname attribute) to host-manager/html/add.
|
13-02-2023 - 02:19 | 04-06-2008 - 19:32 | |
CVE-2008-2370 | 5.0 |
Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when a RequestDispatcher is used, performs path normalization before removing the query string from the URI, which allows remote attackers to conduct directory traver
|
13-02-2023 - 02:19 | 04-08-2008 - 01:41 | |
CVE-2007-6284 | 5.0 |
The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (infinite loop) via XML containing invalid UTF-8 sequences.
|
13-02-2023 - 02:18 | 12-01-2008 - 02:46 | |
CVE-2008-1232 | 4.3 |
Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via a crafted string that is used in the message argument to
|
13-02-2023 - 02:18 | 04-08-2008 - 01:41 | |
CVE-2007-2754 | 6.8 |
Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and earlier might allow remote attackers to execute arbitrary code via a crafted TTF image with a negative n_points value, which leads to an integer overflow and heap-based buffer overf
|
13-02-2023 - 02:17 | 17-05-2007 - 22:30 | |
CVE-2007-2356 | 6.8 |
Stack-based buffer overflow in the set_color_table function in sunras.c in the SUNRAS plugin in Gimp 2.2.14 allows user-assisted remote attackers to execute arbitrary code via a crafted RAS file.
|
07-02-2022 - 19:21 | 30-04-2007 - 22:19 | |
CVE-2007-2949 | 6.8 |
Integer overflow in the seek_to_and_unpack_pixeldata function in the psd.c plugin in Gimp 2.2.15 allows remote attackers to execute arbitrary code via a crafted PSD file that contains a large (1) width or (2) height value.
|
07-02-2022 - 17:48 | 04-07-2007 - 15:30 | |
CVE-2007-4476 | 7.5 |
Buffer overflow in the safer_name_suffix function in GNU tar has unspecified attack vectors and impact, resulting in a "crashing stack."
|
17-05-2021 - 19:55 | 05-09-2007 - 01:17 | |
CVE-2007-2798 | 9.0 |
Stack-based buffer overflow in the rename_principal_2_svc function in kadmind for MIT Kerberos 1.5.3, 1.6.1, and other versions allows remote authenticated users to execute arbitrary code via a crafted request to rename a principal.
|
02-02-2021 - 18:32 | 26-06-2007 - 22:30 | |
CVE-2010-3190 | 9.3 |
Untrusted search path vulnerability in the Microsoft Foundation Class (MFC) Library in Microsoft Visual Studio .NET 2003 SP1; Visual Studio 2005 SP1, 2008 SP1, and 2010; Visual C++ 2005 SP1, 2008 SP1, and 2010; and Exchange Server 2010 Service Pack 3
|
16-11-2020 - 19:33 | 31-08-2010 - 20:00 | |
CVE-2013-3129 | 9.3 |
Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, and 4.5; Silverlight 5 before 5.1.20513.0; win32k.sys in the kernel-mode drivers, and GDI+, DirectWrite, and Journal, in Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Serv
|
28-09-2020 - 12:58 | 10-07-2013 - 03:46 | |
CVE-2013-3129 | 9.3 |
Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, and 4.5; Silverlight 5 before 5.1.20513.0; win32k.sys in the kernel-mode drivers, and GDI+, DirectWrite, and Journal, in Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Serv
|
28-09-2020 - 12:58 | 10-07-2013 - 03:46 | |
CVE-2008-1447 | 5.0 |
The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic vi
|
24-03-2020 - 18:19 | 08-07-2008 - 23:41 | |
CVE-2007-3999 | 10.0 |
Stack-based buffer overflow in the svcauth_gss_validate function in lib/rpc/svc_auth_gss.c in the RPCSEC_GSS RPC library (librpcsecgss) in MIT Kerberos 5 (krb5) 1.4 through 1.6.2, as used by the Kerberos administration daemon (kadmind) and some third
|
21-01-2020 - 15:45 | 05-09-2007 - 10:17 | |
CVE-2006-5215 | 2.6 |
The Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060317, and Solaris 8 through 10 before 20061006, allows local users to overwrite arbitrary files, or read another user's Xsession errors file, via a sy
|
30-10-2018 - 16:26 | 10-10-2006 - 04:06 | |
CVE-2006-3664 | 5.0 |
Unspecified vulnerability in NIS server on Sun Solaris 8, 9, and 10 allows local and remote attackers to cause a denial of service (ypserv hang) via unknown vectors.
|
30-10-2018 - 16:26 | 18-07-2006 - 15:47 | |
CVE-2006-4319 | 7.2 |
Buffer overflow in the format command in Solaris 8, 9, and 10 allows local users with access to format (such as the "File System Management" RBAC profile) to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2006-4307.
|
30-10-2018 - 16:26 | 24-08-2006 - 01:04 | |
CVE-2004-2686 | 7.2 |
Directory traversal vulnerability in the vfs_getvfssw function in Solaris 2.6, 7, 8, and 9 allows local users to load arbitrary kernel modules via crafted (1) mount or (2) sysfs system calls. NOTE: this might be the same issue as CVE-2004-1767, but
|
30-10-2018 - 16:26 | 31-12-2004 - 05:00 | |
CVE-2004-1767 | 7.2 |
The kernel in Solaris 2.6, 7, 8, and 9 allows local users to gain privileges by loading arbitrary loadable kernel modules (LKM), possibly involving the modload function.
|
30-10-2018 - 16:26 | 31-12-2004 - 05:00 | |
CVE-2006-6275 | 4.7 |
Race condition in the kernel in Sun Solaris 8 through 10 allows local users to cause a denial of service (panic) via unspecified vectors, possibly related to the exitlwps function and SIGKILL and /proc PCAGENT signals.
|
30-10-2018 - 16:25 | 04-12-2006 - 11:28 | |
CVE-2007-5225 | 4.9 |
Integer signedness error in FIFO filesystems (named pipes) on Sun Solaris 8 through 10 allows local users to read the contents of unspecified memory locations via a negative maximum length value to the I_PEEK ioctl.
|
30-10-2018 - 16:25 | 05-10-2007 - 00:17 | |
CVE-2006-7140 | 5.8 |
The libike library, as used by in.iked, elfsign, and kcfd in Sun Solaris 9 and 10, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed
|
30-10-2018 - 16:25 | 07-03-2007 - 20:19 | |
CVE-2007-5921 | 4.7 |
Unspecified vulnerability in the ioctl interface in the Solaris Volume Manager (SVM) in Sun Solaris 9 and 10 allows local users to cause a denial of service (panic) via unspecified vectors, a different vulnerability than CVE-2004-1346.
|
30-10-2018 - 16:25 | 10-11-2007 - 02:46 | |
CVE-2006-6494 | 6.6 |
Directory traversal vulnerability in ld.so.1 in Sun Solaris 8, 9, and 10 allows local users to execute arbitrary code via a .. (dot dot) sequence in the LANG environment variable that points to a locale file containing attacker-controlled format stri
|
30-10-2018 - 16:25 | 13-12-2006 - 01:28 | |
CVE-2006-6495 | 6.6 |
Stack-based buffer overflow in ld.so.1 in Sun Solaris 8, 9, and 10 allows local users to execute arbitrary code via large precision padding values in a format string specifier in the format parameter of the doprf function. NOTE: this issue normally
|
30-10-2018 - 16:25 | 13-12-2006 - 01:28 | |
CVE-2006-4306 | 7.2 |
Unspecified vulnerability in Sun Solaris 8 and 9 before 20060821 allows local users to execute arbitrary commands via unspecified vectors, involving the default Role-Based Access Control (RBAC) settings in the "File System Management" profile.
|
30-10-2018 - 16:25 | 23-08-2006 - 19:04 | |
CVE-2007-3717 | 6.9 |
rcp on Sun Solaris 8, 9, and 10 before 20070710 does not properly call certain helper applications, which allows local users to gain privileges by creating files with certain names, possibly containing shell metacharacters or spaces, a similar issue
|
30-10-2018 - 16:25 | 12-07-2007 - 16:30 | |
CVE-2006-5073 | 7.8 |
Unspecified vulnerability in Sun Solaris 8, 9 and 10 allows remote attackers to cause a denial of service (panic) via crafted IPv6 packets, a different vulnerability than CVE-2006-5013.
|
30-10-2018 - 16:25 | 29-09-2006 - 00:07 | |
CVE-2006-3606 | 5.0 |
Unspecified vulnerability in Sun Solaris X Inter Client Exchange library (libICE) on Solaris 8 and 9 allows context-dependent attackers to cause a denial of service (application crash) to applications that use the library.
|
30-10-2018 - 16:25 | 18-07-2006 - 15:46 | |
CVE-2008-1778 | 6.6 |
Unspecified vulnerability in the floating point context switch implementation in Sun Solaris 9 and 10 on x86 platforms might allow local users to cause a denial of service (application exit), corrupt data, or trigger incorrect calculations via unknow
|
30-10-2018 - 16:25 | 14-04-2008 - 16:05 | |
CVE-2002-1323 | 4.6 |
Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls.
|
30-10-2018 - 16:25 | 11-12-2002 - 05:00 | |
CVE-2006-4307 | 7.2 |
Unspecified vulnerability in the format command in Sun Solaris 8 and 9 before 20060821 allows local users to modify arbitrary files via unspecified vectors involving profiles that permit running format with elevated privileges, a different issue than
|
30-10-2018 - 16:25 | 23-08-2006 - 19:04 | |
CVE-2006-5214 | 1.2 |
Race condition in the Xsession script, as used by X Display Manager (xdm) in NetBSD before 20060212, X.Org before 20060225, and Solaris 8 through 10 before 20061006, causes a user's Xsession errors file to have weak permissions before a chmod is perf
|
30-10-2018 - 16:25 | 10-10-2006 - 04:06 | |
CVE-2008-2144 | 10.0 |
Multiple unspecified vulnerabilities in Solaris print service for Sun Solaris 8, 9, and 10 allow remote attackers to cause a denial of service or execute arbitrary code via unknown vectors.
|
30-10-2018 - 16:25 | 12-05-2008 - 19:20 | |
CVE-2007-2045 | 5.0 |
Unspecified vulnerability in the IP implementation in Sun Solaris 8 and 9 allows remote attackers to cause a denial of service (CPU consumption) via crafted IP packets, probably related to fragmented packets with duplicate or missing fragments.
|
30-10-2018 - 16:25 | 16-04-2007 - 22:19 | |
CVE-2006-3920 | 5.0 |
The TCP implementation in Sun Solaris 8, 9, and 10 before 20060726 allows remote attackers to cause a denial of service (resource exhaustion) via a TCP packet with an incorrect sequence number, which triggers an ACK storm.
|
30-10-2018 - 16:25 | 28-07-2006 - 22:04 | |
CVE-2008-3450 | 7.2 |
Unspecified vulnerability in the namefs kernel module in Sun Solaris 8 through 10 allows local users to gain privileges or cause a denial of service (panic) via unspecified vectors.
|
30-10-2018 - 16:25 | 04-08-2008 - 18:41 | |
CVE-2008-0964 | 9.3 |
Multiple stack-based buffer overflows in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via a crafted SMB packet.
|
30-10-2018 - 16:25 | 08-08-2008 - 18:41 | |
CVE-2007-0165 | 7.8 |
Unspecified vulnerability in libnsl in Sun Solaris 8 and 9 allows remote attackers to cause a denial of service (crash) via malformed RPC requests that trigger a crash in rpcbind.
|
30-10-2018 - 16:25 | 10-01-2007 - 00:28 | |
CVE-2008-1095 | 6.8 |
Unspecified vulnerability in the Internet Protocol (IP) implementation in Sun Solaris 8, 9, and 10 allows remote attackers to bypass intended firewall policies or cause a denial of service (panic) via unknown vectors, possibly related to ICMP packets
|
30-10-2018 - 16:25 | 29-02-2008 - 11:44 | |
CVE-2008-1480 | 4.3 |
rpc.metad in Sun Solaris 10 allows remote attackers to cause a denial of service (daemon crash) via a malformed RPC request.
|
30-10-2018 - 16:25 | 24-03-2008 - 22:44 | |
CVE-2008-0965 | 9.3 |
Multiple format string vulnerabilities in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via format string specifiers in an SMB packet.
|
30-10-2018 - 16:25 | 08-08-2008 - 18:41 | |
CVE-2007-0470 | 7.2 |
Multiple unspecified vulnerabilities in tip in Sun Solaris 8, 9, and 10 allow local users to gain uucp account privileges via unspecified vectors.
|
30-10-2018 - 16:25 | 24-01-2007 - 01:28 | |
CVE-2007-0895 | 2.6 |
Race condition in recursive directory deletion with the (1) -r or (2) -R option in rm in Solaris 8 through 10 before 20070208 allows local users to delete files and directories as the user running rm by moving a low-level directory to a higher level
|
30-10-2018 - 16:25 | 13-02-2007 - 01:28 | |
CVE-2007-0503 | 6.9 |
Unspecified vulnerability in kcms_calibrate in Sun Solaris 8 and 9 before 20071122 allows local users to execute arbitrary commands via unknown vectors.
|
30-10-2018 - 16:25 | 25-01-2007 - 21:28 | |
CVE-2006-0300 | 5.1 |
Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute code via unspecified vectors involving PAX extended headers.
|
19-10-2018 - 15:44 | 24-02-2006 - 00:02 | |
CVE-2006-0225 | 4.6 |
scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice.
|
19-10-2018 - 15:43 | 25-01-2006 - 11:03 | |
CVE-2005-1046 | 7.5 |
Buffer overflow in the kimgio library for KDE 3.4.0 allows remote attackers to execute arbitrary code via a crafted PCX image file.
|
19-10-2018 - 15:31 | 02-05-2005 - 04:00 | |
CVE-2006-4924 | 7.8 |
sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack d
|
17-10-2018 - 21:40 | 27-09-2006 - 01:07 | |
CVE-2006-4655 | 4.6 |
Buffer overflow in the Strcmp function in the XKEYBOARD extension in X Window System X11R6.4 and earlier, as used in SCO UnixWare 7.1.3 and Sun Solaris 8 through 10, allows local users to gain privileges via a long _XKB_CHARSET environment variable v
|
17-10-2018 - 21:38 | 09-09-2006 - 00:04 | |
CVE-2007-2930 | 4.3 |
The (1) NSID_SHUFFLE_ONLY and (2) NSID_USE_POOL PRNG algorithms in ISC BIND 8 before 8.4.7-P1 generate predictable DNS query identifiers when sending outgoing queries such as NOTIFY messages when answering questions as a resolver, which allows remote
|
16-10-2018 - 16:46 | 12-09-2007 - 01:17 | |
CVE-2007-1352 | 3.8 |
Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow. The vendor has addressed t
|
16-10-2018 - 16:38 | 06-04-2007 - 01:19 | |
CVE-2007-1351 | 8.5 |
Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflo
|
16-10-2018 - 16:38 | 06-04-2007 - 01:19 | |
CVE-2007-1003 | 9.0 |
Integer overflow in ALLOCATE_LOCAL in the ProcXCMiscGetXIDList function in the XC-MISC extension in the X.Org X11 server (xserver) 7.1-1.1.0, and other versions before 20070403, allows remote authenticated users to execute arbitrary code via a large
|
16-10-2018 - 16:36 | 06-04-2007 - 01:19 | |
CVE-2007-5958 | 5.0 |
X.Org Xserver before 1.4.1 allows local users to determine the existence of arbitrary files via a filename argument in the -sp option to the X program, which produces different error messages depending on whether the filename exists.
|
15-10-2018 - 21:47 | 18-01-2008 - 23:00 | |
CVE-2007-5365 | 7.2 |
Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemo
|
15-10-2018 - 21:44 | 11-10-2007 - 10:17 | |
CVE-2007-4771 | 9.3 |
Heap-based buffer overflow in the doInterval function in regexcmp.cpp in libicu in International Components for Unicode (ICU) 3.8.1 and earlier allows context-dependent attackers to cause a denial of service (memory consumption) and possibly have uns
|
15-10-2018 - 21:37 | 29-01-2008 - 00:00 | |
CVE-2007-4770 | 6.8 |
libicu in International Components for Unicode (ICU) 3.8.1 and earlier attempts to process backreferences to the nonexistent capture group zero (aka \0), which might allow context-dependent attackers to read from, or write to, out-of-bounds memory lo
|
15-10-2018 - 21:37 | 29-01-2008 - 00:00 | |
CVE-2007-4131 | 6.8 |
Directory traversal vulnerability in the contains_dot_dot function in src/names.c in GNU tar allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive.
|
15-10-2018 - 21:33 | 25-08-2007 - 00:17 | |
CVE-2013-3889 | 9.3 |
Microsoft Excel 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011; Excel Viewer; Office Compatibility Pack SP3; and Excel Services and Word Automation Services in SharePoint Serve
|
12-10-2018 - 22:05 | 09-10-2013 - 14:53 | |
CVE-2009-2495 | 7.8 |
The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1 does not properly enforce string termination, which allows remote attackers to obt
|
12-10-2018 - 21:51 | 29-07-2009 - 17:30 | |
CVE-2009-2493 | 9.3 |
The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2,
|
12-10-2018 - 21:51 | 29-07-2009 - 17:30 | |
CVE-2009-1534 | 9.3 |
Buffer overflow in the Office Web Components ActiveX Control in Microsoft Office XP SP3, Office 2000 Web Components SP3, Office XP Web Components SP3, BizTalk Server 2002, and Visual Studio .NET 2003 SP1 allows remote attackers to execute arbitrary c
|
12-10-2018 - 21:51 | 12-08-2009 - 17:30 | |
CVE-2009-0901 | 9.3 |
The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Serv
|
12-10-2018 - 21:50 | 29-07-2009 - 17:30 | |
CVE-2009-0562 | 9.3 |
The Office Web Components ActiveX Control in Microsoft Office XP SP3, Office 2003 SP3, Office XP Web Components SP3, Office 2003 Web Components SP3, Office 2003 Web Components SP1 for the 2007 Microsoft Office System, Internet Security and Accelerati
|
12-10-2018 - 21:50 | 12-08-2009 - 17:30 | |
CVE-2008-4256 | 8.5 |
The Charts ActiveX control in Microsoft Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 does not properly handle errors during access to incorrectly initialized objects, which allows remote at
|
12-10-2018 - 21:48 | 10-12-2008 - 14:00 | |
CVE-2008-4255 | 9.3 |
Heap-based buffer overflow in mscomct2.ocx (aka Windows Common ActiveX control or Microsoft Animation ActiveX control) in Microsoft Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2, and Office Proj
|
12-10-2018 - 21:48 | 10-12-2008 - 14:00 | |
CVE-2008-3704 | 9.3 |
Heap-based buffer overflow in the MaskedEdit ActiveX control in Msmask32.ocx 6.0.81.69, and possibly other versions before 6.0.84.18, in Microsoft Visual Studio 6.0, Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, and Visual FoxPro 8.0 SP
|
12-10-2018 - 21:48 | 18-08-2008 - 19:41 | |
CVE-2007-0025 | 9.3 |
The MFC component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1 and Visual Studio .NET 2000, 2002 SP1, 2003, and 2003 SP1 allows user-assisted remote attackers to execute arbitrary code via an RTF file with a malformed OLE object that triggers
|
12-10-2018 - 21:42 | 13-02-2007 - 20:28 | |
CVE-2009-0361 | 4.6 |
Russ Allbery pam-krb5 before 3.13, as used by libpam-heimdal, su in Solaris 10, and other software, does not properly handle calls to pam_setcred when running setuid, which allows local users to overwrite and change the ownership of arbitrary files b
|
11-10-2018 - 21:01 | 13-02-2009 - 17:30 | |
CVE-2009-0360 | 6.2 |
Russ Allbery pam-krb5 before 3.13, when linked against MIT Kerberos, does not properly initialize the Kerberos libraries for setuid use, which allows local users to gain privileges by pointing an environment variable to a modified Kerberos configurat
|
11-10-2018 - 21:01 | 13-02-2009 - 17:30 | |
CVE-2008-4556 | 10.0 |
Stack-based buffer overflow in the adm_build_path function in sadmind in Sun Solstice AdminSuite on Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted request.
|
11-10-2018 - 20:52 | 14-10-2008 - 22:36 | |
CVE-2008-3870 | 10.0 |
Integer overflow in sadmind in Sun Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted RPC request that triggers a heap-based buffer overflow, related to improper memory allocation.
|
11-10-2018 - 20:50 | 26-05-2009 - 21:30 | |
CVE-2008-3869 | 10.0 |
Heap-based buffer overflow in sadmind in Sun Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted RPC request, related to improper decoding of request parameters.
|
11-10-2018 - 20:50 | 26-05-2009 - 21:30 | |
CVE-2008-1483 | 6.9 |
OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and
|
11-10-2018 - 20:35 | 24-03-2008 - 23:44 | |
CVE-2003-0615 | 4.3 |
Cross-site scripting (XSS) vulnerability in start_form() of CGI.pm allows remote attackers to insert web script via a URL that is fed into the form's action parameter.
|
03-05-2018 - 01:29 | 27-08-2003 - 04:00 | |
CVE-2007-3283 | 6.8 |
GNOME XScreenSaver in Sun Solaris 8 and 9 before 20070417, when root is logged into the console, does not automatically lock the screen after a session has been inactive, which might allow physically proximate attackers to access the console.
|
11-10-2017 - 01:32 | 19-06-2007 - 22:30 | |
CVE-2007-3458 | 4.9 |
The libsldap library in Sun Solaris 8, 9, and 10 allows local users to cause a denial of service (Name Service Caching Daemon (nscd) crash) via unspecified vectors.
|
11-10-2017 - 01:32 | 27-06-2007 - 17:30 | |
CVE-2007-2617 | 2.1 |
srsexec in Sun Remote Services (SRS) Net Connect Software Proxy Core package in Sun Solaris 10 does not enforce file permissions when opening files, which allows local users to read the first line of arbitrary files via the -d and -v options.
|
11-10-2017 - 01:32 | 11-05-2007 - 16:19 | |
CVE-2009-2029 | 5.0 |
Unspecified vulnerability in rpc.nisd in Sun Solaris 8 through 10, and OpenSolaris before snv_104, allows remote authenticated users to cause a denial of service (NIS+ daemon hang) via unspecified vectors related to NIS+ callbacks.
|
29-09-2017 - 01:34 | 11-06-2009 - 15:30 | |
CVE-2009-1673 | 4.9 |
The kernel in Sun Solaris 9 allows local users to cause a denial of service (panic) by calling fstat with a first argument of AT_FDCWD.
|
29-09-2017 - 01:34 | 18-05-2009 - 18:30 | |
CVE-2009-1207 | 4.4 |
Race condition in the dircmp script in Sun Solaris 8 through 10, and OpenSolaris snv_01 through snv_111, allows local users to overwrite arbitrary files, probably involving a symlink attack on temporary files.
|
29-09-2017 - 01:34 | 01-04-2009 - 10:30 | |
CVE-2009-0688 | 7.5 |
Multiple buffer overflows in the CMU Cyrus SASL library before 2.1.23 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via strings that are used as input to the sasl_encode64 function in lib/sasl
|
29-09-2017 - 01:33 | 15-05-2009 - 15:30 | |
CVE-2009-0346 | 4.9 |
The IP-in-IP packet processing implementation in the IPsec and IP stacks in the kernel in Sun Solaris 9 and 10, and OpenSolaris snv_01 though snv_85, allows local users to cause a denial of service (panic) via a self-encapsulated packet that lacks IP
|
29-09-2017 - 01:33 | 29-01-2009 - 19:30 | |
CVE-2009-0480 | 4.9 |
The IP implementation in Sun Solaris 8 through 10, and OpenSolaris before snv_82, uses an improper arena when allocating minor numbers for sockets, which allows local users to cause a denial of service (32-bit application failure and login outage) by
|
29-09-2017 - 01:33 | 09-02-2009 - 16:30 | |
CVE-2009-0268 | 4.9 |
Race condition in the pseudo-terminal (aka pty) driver module in Sun Solaris 8 through 10, and OpenSolaris before snv_103, allows local users to cause a denial of service (panic) via unspecified vectors related to lack of "properly sequenced code" in
|
29-09-2017 - 01:33 | 26-01-2009 - 15:30 | |
CVE-2009-0267 | 5.0 |
libike in Sun Solaris 9 and 10, and OpenSolaris before snv_100, does not properly check packets, which allows remote attackers to cause a denial of service (in.iked daemon crash) via an unspecified IKE packet, a different vulnerability than CVE-2007-
|
29-09-2017 - 01:33 | 26-01-2009 - 15:30 | |
CVE-2009-0319 | 6.9 |
Unspecified vulnerability in the autofs module in the kernel in Sun Solaris 8 through 10, and OpenSolaris before snv_108, allows local users to cause a denial of service (autofs mount outage) or possibly gain privileges via vectors related to "xdr pr
|
29-09-2017 - 01:33 | 28-01-2009 - 18:30 | |
CVE-2008-4131 | 7.2 |
Multiple unspecified vulnerabilities in Sun Solaris 8 through 10 allow local users to gain privileges via vectors related to handling of tags with (1) the -t option and (2) the :tag command in the (a) vi, (b) ex, (c) vedit, (d) view, and (e) edit pro
|
29-09-2017 - 01:32 | 19-09-2008 - 17:15 | |
CVE-2008-5010 | 10.0 |
in.dhcpd in the DHCP implementation in Sun Solaris 8 through 10, and OpenSolaris before snv_103, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unknown DHCP requests related to the "number of offers," aka
|
29-09-2017 - 01:32 | 10-11-2008 - 15:23 | |
CVE-2008-5684 | 5.0 |
Unspecified vulnerability in the X Inter Client Exchange library (aka libICE) in Sun Solaris 8 through 10 and OpenSolaris before snv_85 allows context-dependent attackers to cause a denial of service (application crash), as demonstrated by a port sca
|
29-09-2017 - 01:32 | 19-12-2008 - 17:30 | |
CVE-2008-5690 | 2.1 |
The Kerberos credential renewal feature in Sun Solaris 8, 9, and 10, and OpenSolaris build snv_01 through snv_104, allows local users to cause a denial of service (authentication failure) via unspecified vectors related to incorrect cache file permis
|
29-09-2017 - 01:32 | 19-12-2008 - 17:30 | |
CVE-2008-4226 | 10.0 |
Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a large XML document.
|
29-09-2017 - 01:32 | 25-11-2008 - 23:30 | |
CVE-2008-4225 | 7.8 |
Integer overflow in the xmlBufferResize function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (infinite loop) via a large XML document.
|
29-09-2017 - 01:32 | 25-11-2008 - 23:30 | |
CVE-2008-4160 | 4.7 |
Unspecified vulnerability in the UFS module in Sun Solaris 8 through 10 and OpenSolaris allows local users to cause a denial of service (NULL pointer dereference and kernel panic) via unknown vectors related to the Solaris Access Control List (ACL) i
|
29-09-2017 - 01:32 | 22-09-2008 - 18:52 | |
CVE-2008-3875 | 7.2 |
The kernel in Sun Solaris 8 through 10 and OpenSolaris before snv_90 allows local users to bypass chroot, zones, and the Solaris Trusted Extensions multi-level security policy, and establish a covert communication channel, via unspecified vectors inv
|
29-09-2017 - 01:31 | 02-09-2008 - 14:24 | |
CVE-2008-2538 | 6.9 |
Unspecified vulnerability in crontab on Sun Solaris 8 through 10, and OpenSolaris before snv_93, allows local users to insert cron jobs into the crontab files of arbitrary users via unspecified vectors.
|
29-09-2017 - 01:31 | 03-06-2008 - 15:32 | |
CVE-2008-1779 | 6.8 |
Sun Solaris 8, 9, and 10 allows "remote privileged" users to cause a denial of service (panic) via unknown vectors related to self encapsulated IP packets.
|
29-09-2017 - 01:30 | 14-04-2008 - 16:05 | |
CVE-2008-0718 | 4.7 |
Unspecified vulnerability in the USB Mouse STREAMS module (usbms) in Sun Solaris 9 and 10, when 64-bit mode is enabled, allows local users to cause a denial of service (panic) via unspecified vectors.
|
29-09-2017 - 01:30 | 12-02-2008 - 02:00 | |
CVE-2007-5632 | 4.9 |
Multiple unspecified vulnerabilities in the kernel in Sun Solaris 8 through 10 allow local users to cause a denial of service (panic), related to the support for retrieval of kernel statistics, and possibly related to the sfmmu_mlspl_enter or sfmmu_m
|
29-09-2017 - 01:29 | 23-10-2007 - 17:46 | |
CVE-2007-5118 | 4.7 |
Unspecified vulnerability in the HID (Human Interface Device) class driver in Sun Solaris 8, 9, and 10 before 20070925 allows local users to cause a denial of service (panic) via unspecified vectors.
|
29-09-2017 - 01:29 | 27-09-2007 - 17:17 | |
CVE-2007-5132 | 4.9 |
Race condition in the kernel in Sun Solaris 8 through 10 allows local users to cause a denial of service (panic) via unspecified vectors related to "the handling of thread contexts."
|
29-09-2017 - 01:29 | 27-09-2007 - 19:17 | |
CVE-2007-6505 | 3.5 |
Solaris 9, with Solaris Auditing enabled and certain patches for sshd installed, can generate audit records with an audit-ID of 0 even when the user logging into ssh is not root, which makes it easier for attackers to avoid detection and can make it
|
29-09-2017 - 01:29 | 20-12-2007 - 23:46 | |
CVE-2007-5319 | 3.5 |
Unspecified vulnerability in the vuidmice STREAMS modules in Sun Solaris 8, 9, and 10 allows local users with console (/dev/console) access to cause a denial of service ("unusable" system console) via unspecified vectors.
|
29-09-2017 - 01:29 | 09-10-2007 - 22:17 | |
CVE-2007-4732 | 4.9 |
Unspecified vulnerability in the strfreectty function in the Special File System (SPECFS) in Sun Solaris 8 through 10 allows local users to cause a denial of service (system panic), related to passing a NULL pointer to the pgsignal function.
|
29-09-2017 - 01:29 | 06-09-2007 - 19:17 | |
CVE-2007-3471 | 7.2 |
Buffer overflow in the dtsession Common Desktop Environment (CDE) Session Manager in Sun Solaris 8, 9, and 10 allows local users to execute arbitrary code via unspecified vectors.
|
29-09-2017 - 01:29 | 28-06-2007 - 18:30 | |
CVE-2007-4070 | 4.9 |
Unspecified vulnerability in Low Bandwidth X proxy (lbxproxy) on Sun Solaris 8 through 10 before 20070725 allows local users to read arbitrary files with root group ownership via unknown vectors.
|
29-09-2017 - 01:29 | 30-07-2007 - 17:30 | |
CVE-2010-0097 | 4.3 |
ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta does not properly validate DNSSEC (1) NSEC and (2) NSEC3 records, which allows remote attackers to add the Authenticated Data (AD) flag to a f
|
19-09-2017 - 01:30 | 22-01-2010 - 22:00 | |
CVE-2009-4022 | 2.6 |
Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, and 9.7 beta before 9.7.0b3, with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS c
|
19-09-2017 - 01:29 | 25-11-2009 - 16:30 | |
CVE-2009-2912 | 4.9 |
The (1) sendfile and (2) sendfilev functions in Sun Solaris 8 through 10, and OpenSolaris before snv_110, allow local users to cause a denial of service (panic) via vectors related to vnode function calls.
|
19-09-2017 - 01:29 | 21-08-2009 - 11:02 | |
CVE-2009-2644 | 4.9 |
Race condition in the Solaris Auditing subsystem in Sun Solaris 9 and 10 and OpenSolaris before snv_121, when extended file attributes are used, allows local users to cause a denial of service (panic) via vectors related to "pathnames for invalid fds
|
19-09-2017 - 01:29 | 29-07-2009 - 17:30 | |
CVE-2009-2711 | 4.9 |
XScreenSaver in Sun Solaris 9 and 10, OpenSolaris before snv_120, and X11 6.4.1 for Solaris 8, when the Xorg or Xnewt server is used, allows physically proximate attackers to obtain sensitive information by reading popup windows, which are displayed
|
19-09-2017 - 01:29 | 07-08-2009 - 19:00 | |
CVE-2009-2972 | 7.8 |
in.lpd in the print service in Sun Solaris 8 and 9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors that trigger a "fork()/exec() bomb."
|
19-09-2017 - 01:29 | 27-08-2009 - 17:30 |