Sun Alert Archive and Mappings for Legacy SunSolve Document ID Numbers

Sun Microsystems published security advisories to alert users about vulnerabilities affecting Sun products. These advisories were known as Security Sun Alerts and were published on SunSolve Support portal. Security Sun Alerts were available free of cost to all customers and users of Sun's products. Security vulnerabilities are now covered by the Oracle Security Alert process. Details can be found on the Critical Patch Updates and Security Alerts site.

All security Sun Alerts are now accessible to customers through My Oracle Support (MOS) website. The Document ID numbers under Oracle support portal are new and different from the document ID numbers published under SunSolve. SunSolve itself had transitioned to different knowledge management systems resulting in multiple legacy document IDs for the same Sun Alert. We are providing an archival index of all the Security Sun Alerts and mappings for previously used ID numbers as a reference.

MOS ID[1]SunSolve ID[2]Old ID[3]Older ID[4]Last UpdatedTitle
1000001.120000210247901-Aug-2006Cross-Site Scripting Vulnerability in Sun ONE and Sun Java System Application Server
1000007.12000081014795754005-Nov-2006CDE dtsession Patches 113240-07, 113240-08, 109354-21, and 109354-22 WITHDRAWN, May Cause Lockscreen to Fail or Hang
1000010.120001310227806-Nov-2006Security Vulnerability in the SunPlex Manager Software Delivered With Sun Cluster 3.1 4/04
1000012.120001510209006-Nov-2006Solaris 10 Sun Update Connection Web Proxy Password Disclosure Vulnerability
1000013.120001610214806-Nov-2006SecurityVulnerabilities in Sun StorEdge Enterprise Backup Software (EBS)
1000015.120001810194916-Oct-2005Security Vulnerability in Solaris 10 Allows Unprivileged User Visibility of Process Working Directories
1000016.120001910216413-May-2010Cross Site Scripting Vulnerability in Sun ONE and Sun Java System Applications
1000019.120002210173915-Jun-2006Simultaneous Multi-Threading Processors May Leak Information
1000021.12000261011735043901-Oct-2010CVS Versions on all Sun Cobalt Legacy Products and Sun Linux 5.0.3 are Vulnerable to a "Double Free" Vulnerability
1000025.12000301011414913113-Apr-2003Security Vulnerability Involving the priocntl(2) System Call
1000027.120003210317906-Jul-2010Security Vulnerabilities in the Apache 1.3 and 2.0 Web Server Daemon and "mod_status" Module May Lead to Cross Site Scripting (XSS) or Denial of Service (DoS).
1000028.120003310317105-Jan-2008Security Vulnerability in FreeType 2 Font Engine May Allow Privilege Escalation Due to Heap Overflow
1000029.12000341012585510119-Jan-2010An Untrusted Applet may Access Restricted Resources
1000030.12000351012575510019-Jan-2010An Untrusted Applet May Access Information From a Trusted Applet
1000032.120004010311221-Oct-2007Vulnerability in Java Runtime Environment Virtual Machine May Allow Untrusted Application or Applet to Elevate Privileges
1000033.120004110307804-Sep-2008Security Vulnerabilities in Java Runtime Environment May Allow Network Access Restrictions to be Circumvented
1000037.120004510308808-Oct-2007Security Vulnerability in the Solaris 10 Virtual File System (VFS) may Lead to a Denial of Service (DoS) Condition
1000039.120005110294229-Oct-2007Sun Fire X2100 M2/X2200 M2 ELOM is Vulnerable to Unauthorized Use as a Proxy For Sending Unsolicited Bulk E-mail (Spam)
1000041.120005410299225-Oct-2007Security Vulnerability in Processing XSLT Stylesheets Affects Sun Java System Application Server and Web Server
1000045.120006010291913-Jun-2007Security Vulnerability in IPv6 Implementation (ip6(7p)) Related to the Handling of IPsec Packets may Lead to a System Panic, Resulting in a Denial of Service (DoS)
1000046.120006110296917-Jun-2007Security Vulnerability in Solaris 10 BIND DNSSEC May Cause a Denial of Service
1000047.120006210252103-Jun-2007Security Vulnerability in Sun Java System Application Server and Sun Java System Web Server May Allow a Remote Unprivileged User to Read Certain Files
1000048.120006410290304-Jun-2007Security Vulnerability in the Logging Mechanism for Solaris Management Console (SMC) May Lead to Escalation of Privileges
1000051.120006710290111-Mar-2008Xorg(1) Contains a Denial of Service Within the X Render Extension's Trapezoid Rendering
1000052.120006810289120-May-2010Security Vulnerability in Sun Remote Services (SRS) Net Connect Software
1000053.120006910300301-Aug-2007Vulnerability in Redirect Functionality Affects Sun Java System Web Server
1000054.120007010272007-Sep-2008Security Vulnerability in GIMP(1) May Lead to Denial of Service (DoS) or Execution of Arbitrary Code
1000055.120007110299609-Jul-2007Security Vulnerability in Java Web Start URL Parsing Code May Allow Untrusted Applications to Elevate Privileges
1000056.120007210299309-Jul-2007Java Runtime Environment Does Not Securely Process XSLT Stylesheets Contained in XML Signatures
1000058.120007410276015-Jul-2007Security Vulnerability in Processing GIF Images in the Java Runtime Environment May Allow an Untrusted Applet to Elevate Privileges
1000063.120007910308425-Sep-2007A Security Vulnerability in the Handling of Thread Contexts in the Solaris Kernel May Allow a Denial of Service (DoS)
1000064.120008010301502-Aug-2007A Security Vulnerability in Processing XSLT Style Sheets Affects Sun Java System Portal Server Software 7.0
1000065.120008110302916-Aug-2007Two Security Vulnerabilities in Solaris 8 Role Based Access Control (rbac(5)) may Allow Unauthorized Remote Access
1000066.120008210276404-Jan-2007Security Vulnerability in the Sun Java System Content Delivery Server May Allow Unauthorized Viewing of Content Details
1000068.120008410290030-Apr-2007Solaris 9 Systems With Solaris Auditing (BSM) Enabled may Panic if Certain Audit Classes are Being Audited
1000070.120008610289602-May-2007Directory Server May Hang Due to a Memory Leak in the Network Security Services (NSS) Software
1000075.120009110278111-Apr-2007RSA Signature Forgery Issues in Mozilla 1.7 for Solaris 8, 9 and 10
1000076.120009210288522-Apr-2007Multiple Security Vulnerabilities in Mozilla Layout Engine for Solaris 8, 9 and 10
1000079.120009510276613-Mar-2007Multiple Security Vulnerabilities in the gzip(1) Command May Lead to Denial of Service (DoS) or Execution of Arbitrary Code
1000082.120009810273308-May-2008Security Vulnerability With HTTP Requests in Sun Java System Server(s)
1000084.120010010270530-Jan-2007Security Vulnerabilities (Integer Overflows and a Denial of Service) in the FreeType 2 Font Engine
1000085.120010110272807-Feb-2007Security Vulnerability in the kcms_calibrate(1) Command
1000087.120010310279612-Feb-2007A Security Vulnerability in the TCP Implementation of Solaris 10 Systems May Result in a System Panic Under High TCP/IP Traffic
1000089.120010510256929-Jan-2007On Solaris 10 a System Panic Due to a Race Condition May OccurWhen SNMP Queries are Processed (such as when netstat(1M) or ifconfig(1M) are run)
1000090.120010610272918-Dec-2006Security Vulnerabilities in the Java Runtime Environment may Allow Untrusted Applets to Elevate Privileges and Execute Arbitrary Code
1000092.120010810226806-Nov-2006Security Vulnerability in Sun Grid Engine/N1 Grid Engine rsh(1) Binary
1000101.12001391012665534020-Jul-2003Automountd(1M) May Stop and/or OpenSSH May Experience Authentication Issues
1000102.12001401012065208119-Jan-2010On Sun Linux and Cobalt Legacy Products, an Unauthorized Local User May be Able to Gain Root Access Rights Due to an Issue With The ptrace() Function
1000103.12001411012945588124-Jan-2010Sun Linux 5.0 Buffer Overflow in Window Maker 0.80.0 and Earlier
1000105.12001451013715740019-Jan-2010Vulnerability in Solaris "AnswerBook2 Documentation Server" Admin Script
1000108.12001501012445418128-Apr-2003A System Wide Denial of Service May be Caused Through The in.telnetd(1M) Daemon
1000111.120015310320031-Jan-2008Multiple Security Vulnerabilities in the Solaris X Server Extensions May Lead to a Denial of Service (DoS) Condition or Allow Execution of Arbitrary Code
1000113.12001561008792751310-Apr-2003Buffer Overflow in XView
1000116.12001611012555506024-Jan-2010Access Control List (ACL) Permissions May Not be Consistently Set on New VERITAS File System (VxFS) Files
1000117.120016210307221-Oct-2007An Untrusted Java Web Start Application or Java Applet May Move or Copy Arbitrary Files by Requesting the User to Drag and Drop a File from Application or Applet Window to a Desktop Application
1000118.120016310305511-Feb-2008Security Vulnerability in Solaris 8 Directory Functions
1000120.120016510306507-Oct-2007Security Vulnerability in the vuidmice(7M) STREAMS Modules May Lead to a Denial of Service (DoS) Condition
1000121.12001661011665024013-Mar-2003Solaris FTP Server (in.ftpd(1M)) is Vulnerable to Denial of Service Attack
1000122.12001671012075210219-Jan-2010Sun ONE Directory Server may be Terminated by Unprivileged LDAP Client Operations
1000123.12001681012085211120-Mar-2003On Solaris 9 a Security Issue with the newtask(1) Command May Lead to Unauthorized Root Access
1000125.12001711011765060324-Jan-2010Sun ONE/iPlanet Web Server Enable HTTP TRACE Method by Default
1000128.12001741011885108123-Feb-2003In Debug Mode, the ftp(1) Command Displays the Password on Screen in Clear Text
1000129.12001751011895108226-Feb-2003RPC Services Using TCP Ports are Susceptible to Denial of Service Attacks
1000130.12001761010304454127-Feb-2003Solaris admintool(1M) Media Installation Path Buffer Overflow
1000132.12001781011625008319-Jan-2010Java Virtual Machine May Allow Illegal Access to Protected Fields or Methods
1000133.12001791011815075109-Feb-2003Security Vulnerability in mail(1) in Solaris
1000135.12001811014295747620-May-2010Security Vulnerability in SunForum Involving the H.323 Protocol
1000136.120018210294728-Nov-2007A Security Vulnerability Resulting From Solaris 10 fcp(7D) and devfs(7FS) Interaction May Allow Certain File Operations to Cause a System Hang
1000137.120018310250807-Feb-2008Security Vulnerability May Allow Firewall Compromise or Creation of Denial of Service (DoS) Condition
1000138.12001841015275759524-Jan-2010Sparse Files Written to Shared Sun StorEdge QFS or Sun StorEdge SAM-QFS File Systems May Contain Deleted File Content
1000139.120018510301121-Oct-2007Security Vulnerability in Mozilla 1.7 May Allow Arbitrary JavaScript Commands to be Run
1000144.120019010299415-Oct-2007Manipulated TIFF Files or Documents Containing Manipulated TIFF Files May Lead to Heap Overflows and Arbitrary Code Execution
1000145.120019110311826-Jun-2008Two Security Vulnerabilities in the bzip2(1) Command may Allow the Permissions of Arbitrary Files to be Modified or Allow for Arbitrarily Large Files to be Created
1000148.120019610264822-Oct-2010Security Vulnerability in RSA Signature Verification Impacting Multiple SUN Products
1000150.120019810291401-Jul-2007A Security Vulnerability in the Implementation of the RPCSEC_GSS API Affects the Kerberos Administration Daemon (kadmind(1M))
1000151.120019910290204-Jun-2007Security Vulnerability in the Authentication Mechanism for Solaris Management Console (SMC) May Lead to Escalation of Privileges
1000156.12002051014265747321-May-2006Security Vulnerabilities in "Safe.pm" and "CGI.pm" Perl Modules
1000159.120020810202428-May-2006Security Vulnerability in Sun N1 System Manager 1.1
1000162.120021110201623-Apr-2006The Solaris Management Console (SMC) Enables TRACE HTTP by Default
1000163.120021210203323-Apr-2006Vulnerabilities in lpsched(1M) May Allow an Unprivileged User to Remove System Files or Disable the LP Service
1000176.120022510181031-Jan-2006Security Vulnerability in the Kerberos krb5_recvauth() Library Routine
1000177.12002261015495761901-Feb-2006X Display Manager (xdm(1)) May Crash Due to Invalid XDMCP Request
1000180.120022910190512-Sep-2005Security Vulnerability in Sun Java System Application Server Exposes Contents of "jar" File of Deployed Web Applications
1000188.120024110184109-Aug-2005Updated Solaris 8 Patches for Apache Security Vulnerabilities
1000190.120024310189918-Sep-2005A Security Vulnerability in the Solaris 10 "tl" Driver May Allow a Local Unprivileged User the Ability to Panic the System
1000193.120024610195302-Oct-2005Security Vulnerability in XFree86 Server for JDS
1000197.120025010189722-Aug-2005Security Vulnerability in Solaris 10 "DHCP" Clients
1000200.12002551016525774020-May-2010Security Vulnerability With Java Web Start (J2SE 5.0)
1000201.12002561016235770614-Dec-2004Security Vulnerability in the kcms_configure(1) Command May Allow Local Users the Ability to Modify Any File on the System
1000204.12002601016155769602-Dec-2004Security Vulnerability When sendmail(1) Does Not Check Length of DNS Replies
1000205.12002611015785765519-Jan-2010The FTP Daemon of Heimdal is Vulnerable to Multiple Signal Handler Race Conditions
1000208.12002661015675764319-Jan-2010Netscape NSS Library Vulnerability Affects Sun Java Enterprise System
1000212.12002731014545750923-Feb-2004Security Vulnerability in "/usr/lib/print/conv_fix" May Allow Unauthorized Privileges and/or Denial of Service
1000218.12002921014085745108-Dec-2003Security Vulnerabilities in Solaris Printing
1000224.120029910180724-Jul-2005Security Vulnerability In the Multilanguage Environment Library "libmle" Shipped with the Japanese Locale
1000230.12003051016505773724-Jan-2010Security Vulnerabilities in Solaris AnswerBook2 Documentation
1000232.12003071016395772517-Jan-2005A Local or Remote Unprivileged User May be Able to Cause a Denial of Service (DoS) of an FTP Server
1000235.120031010194003-Oct-2005Security Vulnerability in Solaris UFS When Logging is Enabled
1000238.12003141016545774224-Jan-2010Cross Site Scripting Vulnerability in Sun Java System Application Server
1000239.12003161016275771016-Dec-2004Security Vulnerability in the newgrp(1) Command May Allow Unauthorized Root Privileges
1000241.12003251015825765917-Oct-2004Security Vulnerability in the in.rwhod(1M) Daemon
1000244.12003331015375760619-Jan-2010Buffer Overflow Vulnerabilities in Sun Java System Web Proxy Server 3.6 Service Pack 4
1000245.12003361014825754504-Apr-2004A Security Vulnerability With the Solaris TCP/IP Networking Stack May Allow an Unprivileged User to Cause a Denial of Service
1000250.12003551013445686029-Sep-2003sendmail(1M) Buffer Overflow Vulnerability in Address Parsing Function prescan()
1000251.12003561013645722120-May-2010A Vulnerability in JRE May Allow an Untrusted Applet to Escalate Privileges
1000252.12003581013115616124-Jan-2010Sun Linux Vulnerability in VNC Package May Allow Local or Remote Unauthorized Access
1000253.12003601011074778401-Oct-2010Sun Linux/Sun Cobalt Security Vulnerability in "fetchmail"
1000254.12003611012845566019-Jan-2010Sun Linux 5.0 Security Vulnerability With SSL Enabled Software May Allow "Man-in-the-Middle" Attack on KDE Software
1000257.12003641014285747524-Jan-2010SunPlex (Sun Cluster) Multiple Security Vulnerabilities in OpenSSL Secure Sockets Layer (SSL) and Transport Layer Security (TLS) Protocols
1000258.12003661012755554025-Feb-2004Solaris 8 and Solaris 9 NIS Clients May Not Allow Users With +/-Passwd Syntax Entries to Login
1000259.12003671013985743429-Jan-2004Remote Denial-Of-Service Vulnerability in BIND DNS Daemon (in.named)
1000262.12003701014455749705-Feb-2004Security Vulnerability in Solaris Systems With Basic Security Module (BSM) Configured to Audit the "ad" or "as" Audit Class
1000267.12003771014885755106-May-2004Memory Leak in llc1(7D) Driver and Utilization of kstat(1M) on Solaris 9 May Cause a System Panic
1000268.12003781014045744103-Dec-2003Security Vulnerability in dtprintinfo(1)
1000271.120038610191818-Sep-2008Security Vulnerability in the Logging Output of Sun Java System Access Manager
1000272.120038710294310-Oct-2007Multiple Memory Corruption Vulnerabilities in Mozilla 1.7 for Solaris 8, 9, and 10
1000275.120039010286623-Sep-2007Security Vulnerability in the IP Implementation for Solaris 8 and 9 May Allow a Denial of Service
1000277.120039210302414-Aug-2007Vulnerability in the Java Runtime Environment Font Parsing Code may Allow an Untrusted Applet to Elevate Privileges
1000290.120040510195204-Mar-2007Multiple Security Vulnerabilities in Mozilla 1.4
1000292.120040710266429-Jan-2007A "Use-after-free" Vulnerability in Sendmail Versions Before 8.13.8 may Allow a Denial of Service (DoS)
1000295.12004101014785753917-Jan-2007Security Vulnerability Involving the Common Desktop Environment (CDE) dtlogin(1X) Command When Parsing XDMCP Requests (CERT VU#179804)
1000297.120041210271311-Nov-2008A Security Vulnerability in Solaris libnsl(3LIB) may lead to a Denial of Service (DoS) to the rpcbind(1M) Service
1000298.120041310265228-Jan-2007Security Vulnerability in X Display Manager (xdm(1)) Xsession Script
1000299.120041410269729-Jan-2007A Security Vulnerability in Solaris 10 ICMP Handling May Allow a SystemPanic and Result in Denial of Service (DoS)
1000301.120041610249706-Nov-2006Security Vulnerability in Webmail May Allow Messages Embedded With Javascript to be Executed in End User's Browser
1000304.120042010249618-Oct-2006Security Vulnerability May Allow a Local Unprivileged User to Partially Read Arbitrary Files
1000305.120042210246027-Aug-2006A Security Vulnerability in sendmail(1M) Versions Prior to 8.13.7 May Allow a Denial of Service (DoS) To Occur
1000308.120042510269301-Nov-2006Security Vulnerability With Graphics Driver for Solaris 10 and Linux on Certain Systems
1000310.120042810204107-Nov-2006Security Vulnerability in the libexif JPEG Image Processing Library
1000311.120042910205407-Nov-2006Security Vulnerability in Symantec/VERITAS NetBackup
1000315.120043310201205-Nov-2006Security Vulnerability With Sun Java System Application Server Reverse SSL Proxy Plugin
1000317.120043510198713-Oct-2005Security Vulnerability May Allow a Local Unprivileged User to Cause a System Panic in the "/proc" Filesystem
1000320.12004381012165244310-May-2006Solaris Security Vulnerability due to a Buffer Overflow in lpq(1B)
1000324.120044310210826-Apr-2006Security Vulnerability Using find(1) to Search "/proc" May Cause a Denial of Service (DoS) Condition
1000329.120044810221520-Apr-2006Security Vulnerability With The "/usr/ucb/ps" Command
1000334.120045310278214-Feb-2007Security Vulnerability in rm(1) may Lead to Unauthorized Deletion of Files or Directories
1000335.120045410277322-Jan-2007Security Vulnerabilities in the tip(1) Command May Allow Execution of Arbitrary Code With Elevated Privileges
1000336.120045510273118-Dec-2006Security Vulnerabilities Related to Serialization in the Java Runtime Environment may Allow Untrusted Applets to Elevate Privileges
1000337.120045610273218-Dec-2006Security Vulnerabilities in the Java Runtime Environment may Allow an Untrusted Applet to Access Data in Other Applets
1000339.120045910192402-Jan-2007Security Vulnerability in the Sun Ray Utility utxconfig(1)
1000340.120046010214906-Nov-2006Security Vulnerability in x64 Kernel Processing may Cause a System Panic
1000341.120046310232426-Sep-2006Sun Cobalt sendmail(8) Security Issue Involving Signal Handling Daemon
1000345.120046710250902-Aug-2006Security Vulnerability in Sun's Internet Protocol (IP) Implementation May Allow Local Users to Bypass the Routing Table
1000349.120047110267030-Oct-2006A Vulnerability in Network Security Services (NSS) Affects Sun Java System Web Server and Sun ONE Application Server
1000350.12004721016435773005-Nov-2006Security Vulnerability in Samba(7) Versions Prior to 3.0.10 May Allow Unauthorized Root Privileges
1000352.120047410265706-Dec-2006Security Vulnerability With RSA Signature Affects the Sun Secure Global Desktop Software
1000354.120047610251906-Nov-2006Security Vulnerability Due to Buffer Overflow in The format(1M) Command May Allow Privilege Elevation For Certain RBAC Profiles
1000358.120048010188112-Oct-2005Security Vulnerabilities In Solaris 10 SCTP Socket Option Processing
1000359.120048110198913-Oct-2005Netscape NSS Tools Vulnerability Affects Sun Java Enterprise System and Solaris
1000361.120048310220626-Jul-2006Solaris Hosts are Vulnerable to a Denial of Service Induced by an Internet Transmission Control Protocol (TCP) "ACK Storm"
1000364.120048610250312-Jul-2006Security Vulnerability in the X Inter Client Exchange Library (libICE)
1000366.120048810211722-May-2006Security Vulnerability in PC Netlink 2.0 "slsadmin" May Allow Files to be Opened Insecurely
1000372.120049410226203-Jan-2010Security Vulnerability in sendmail(1M) Versions Prior to 8.13.6
1000375.12004971015935767318-Apr-2006Security Vulnerability With ARP Handling Could Cause System to Hang
1000387.12005091016745776614-Apr-2005Certain Network Services Disruptions or "Spoofs" Could Occur as a Result of Possible Network Port Theft
1000388.12005101016915778604-May-2005automountd(1M) May Stop When Accessing "/xfn/_x500"
1000389.12005121016645775419-Jan-2010The Sun ONE and Sun Java System Directory Servers Contain a Buffer Overflow in the Access Control Implementation for LDAP Requests
1000395.120051810181627-Oct-2005Security Vulnerabilities in the gzip(1) Command
1000396.120051910179430-Oct-2005Security Vulnerability in the Solaris Runtime Linker (ld.so.1(1))
1000399.120052210196009-Oct-2005Security Vulnerability Involving the umount(8) Utility
1000401.120052410188631-Aug-2005Security Vulnerabilities in the Sun StorEdge Enterprise Backup Software
1000404.12005291016135769419-Jan-2010Security Vulnerability When Samba Trims Certain Directory Names Down to Absolute Paths
1000408.12005361015445761426-Jul-2004The in.named(1M) Process May Die Upon Receiving Dynamic Updates
1000410.12005381013085612107-Sep-2003Security Vulnerability in the Solaris 9 in.ftpd(1M) Server May Allow Unauthorized "root" Access
1000411.12005391013035604004-Aug-2003Sun Linux 5.0 Vulnerability in "file" Utility May Allow a Local Unprivileged User to Execute Arbitrary Code
1000412.12005401013045604104-Aug-2003Sun Linux 5.0 Security Vulnerability in "fileutils" Package May Give Local Users Unauthorized Privileges
1000413.12005421013165630007-Aug-2003Solaris 2.6 and 7 cachefs Patches May Overwrite the inetd.conf(4) File
1000417.12005491013725740424-Jan-2010Security Vulnerability Issues With Solstice X.25 snmpx25d daemon
1000418.12005501013735740516-Oct-2003Security Vulnerability in Solaris zlib(libz(3)) Compression Library Function gzprintf()
1000421.12005531012695542017-Jun-2003A Buffer Overflow Vulnerability in the dbm_open(ndbm(3C) and dbm(3UCB)) and dbminit(3UCB) Database Functions May Allow Unauthorized Root Privileges
1000425.120055810318008-Sep-2008Multiple Security Vulnerabilities in the Sun Java System Identity Manager May Allow HTML Injection, Cross-Site Scripting Exploits or Unauthorized Redirection
1000426.120055910319704-Feb-2008Multiple Security Vulnerabilities in PostgreSQL Shipped with Solaris 10 May Allow Elevation of Privileges or Denial of Service (DoS)
1000430.12005641012305358015-Apr-2003Security Vulnerability in Samba(7) Versions 2.2.2 Through 2.2.6 May Allow Remote User Unauthorized Privileges
1000433.12005671012605514119-Jan-2010Sun Management Center (SunMC) May Create Directories or Files Writable by Unpriveleged Users
1000440.12005761011845090417-Feb-2003Sun sendmail(1M) does not Handle Some ".forward" Constructs Correctly
1000442.120058010315329-Nov-2007Users in lx(5) Branded Zones May be Able to Panic Solaris 10 x86 Systems
1000443.120058110311920-May-2010Security Vulnerability in the Sun Remote Services (SRS) Net Connect Software
1000444.120058210314306-Nov-2007A Security Vulnerability in Solaris Volume Manager (SVM) May Allow a Denial of Service (DoS)
1000447.120058510274707-Nov-2007Security Vulnerabilities in OpenSSL May Lead to a Denial of Service (DoS) to Applications
1000449.120058710312121-Oct-2007Multiple Memory Corruption Vulnerabilities in Layout Engine for Mozilla 1.7
1000450.120058810296423-Oct-2007Multiple Security Vulnerabilities in samba(7) May Allow Remote Code Execution, Elevation of Privileges, Remote Shell Command Execution, or Denial of Service (DoS)
1000452.120059010308212-Oct-2007Security Vulnerability in the Solaris RPC Services Library (librpcsvc(3LIB)) may Lead to a Denial of Service (DoS) Against Networked File Systems
1000453.120059110287403-Sep-2007A Security Vulnerability in Sun Cluster Software may Lead to Data Corruption and "send_mondo" Panics
1000454.120059210288625-Jul-2007Multiple vulnerabilities in libfreetype, Xsun(1) and Xorg(1)
1000456.120059410292625-Jun-2007Security Vulnerability in the Solaris libsldap Library May Allow a Denial of Service to nscd(1M)
1000457.120059510283403-Jun-2007A Security Vulnerability in How xscreensaver(1) Interacts With GNOME Assistive Technology May Allow Arbitrary Command Execution
1000459.120059710291123-May-2007Security Vulnerability in NFS Client Module May Lead to a Denial of Service Condition
1000460.120059810292128-May-2007A Security Vulnerability in the Solaris 10 inetd(1M) Service May Lead to a Denial of Service (DoS) Condition
1000461.120059910299709-Jul-2007Java Secure Socket Extension Does Not Correctly Process SSL/TLS Handshake Requests Resulting in a Denial of Service (DoS) Condition
1000466.120060410298514-Aug-2007Security Vulnerability in the Kerberos Administration Daemon (kadmind(1M)) May Lead to Arbitrary Code Execution
1000467.120060510297119-Aug-2007Multiple Memory Corruption Vulnerabilities in Mozilla 1.7 for Solaris 8, 9 and 10
1000468.120060610298820-Aug-2007Security Vulnerabilities in the ata(7D) Disk Driver May Lead to a Denial of Service Condition
1000470.120060810273508-Jan-2007Security Vulnerability With StarOffice/StarSuite Versions 6, 7 and 8 Related to the '.wmf' File Format
1000472.120061010265608-Nov-2006Security Vulnerability Issue of Forged RSA Signatures for Java Enterprise System and Solaris
1000474.120061210174028-Nov-2006Solaris 10 Security Issue With C Library (libc(3LIB)) and libproject(3LIB)
1000475.120061310290929-May-2007Cross-site Scripting Vulnerability in Sun Java System Messaging Server
1000482.120062010282825-Apr-2007Security Vulnerability in the Sun Fire X2100M2 and X2200M2 Implementation of IPMI
1000486.120062410214022-Mar-2007Security Vulnerability in Sun Java System Access Manager May Allow Administrator Access to Users Logged in As Root
1000489.120062710266228-Feb-2007Security Vulnerabilities in the Apache 2.0 Web Server "mod_rewrite", "mod_imap" and "mod_ssl" Modules
1000492.120063010276305-Feb-2007Multiple Security Vulnerabilites in Mozilla 1.7 for Solaris 8, 9, and 10
1000496.120063510316405-Feb-2008Security Vulnerability in the vuidmice(7M) STREAMS Modules May Lead to a System Panic
1000498.120063710314110-Dec-2007Manipulated Database Documents for StarOffice/StarSuite 8 May Lead to Arbitrary Code Execution
1000501.12006401011124790313-Apr-2003Security Vulnerability in the ypserv(1M) and ypxfrd(1M) Daemons
1000502.120064110316527-Jan-2008A Security Vulnerability in libdevinfo(3LIB) May Allow Unauthorized Access to Files on the System
1000503.120064210311428-Jan-2008Multiple Security Issues Within The X Font Server (xfs(1)) QueryXBitmaps and QueryXExtents Protocol Handlers
1000506.120064710306101-Oct-2007Security Vulnerability in Solaris Named Pipes (pipe(2)) May Allow Unauthorized Data Access
1000507.120064810300220-Dec-2007Cross-site Scripting Vulnerability in Sun Java System Web Server and Web Proxy Server
1000511.12006541011615008121-May-2010Incorrect Certificate Validation in Java Secure Socket Extension (JSSE), Java Plug-In and Java Web Start
1000515.12006581011104781501-Jan-2003NFS Denial of Service can be Caused by a Client Application Killing the lockd(1M) Daemon
1000516.12006591011775062605-Feb-2003Certain UDP RPC Packets May Cause a Denial of Service in Solaris
1000518.120066110308327-Nov-2007Race Condition in the Solaris Remote Procedure Calls (RPC) Module May Result in a System Panic
1000520.12006631016035768308-Nov-2007Security Vulnerability in Netscape 6.x and 7 With PNG Files
1000524.120066710312728-Oct-2007Sun Fire X2100/X2200 M2 Servers ELOM Software is Vulnerable to Arbitrary Command Execution
1000531.120067610286516-Apr-2007Security Vulnerability in Mozilla 1.7 JavaScript Engine for Solaris
1000532.12006771013385672016-Apr-2007GNOME 2.0 XScreenSaver Will Not Lock as Root
1000533.120067810283508-Mar-2007Security Vulnerability When Using java.policy With RMI-IIOP
1000539.120068410277924-Jan-2007Security Vulnerability in the Sun Ray Server Software Admin GUI
1000542.12006871016995779520-Dec-2006Security Vulnerability in the WU-FTPD "wu_fnmatch" Function May Result in a Denial of Service (DoS)
1000543.120068810217106-Nov-2006Security Vulnerabilities in the Java Runtime Environment may Allow an Untrusted Applet to Elevate its Privileges
1000544.120069010219807-Sep-2006Security Vulnerabilities in the Apache 2 Web Server
1000558.120070410279416-May-2007Due to a Security Vulnerability in StarOffice, Manipulated StarCalc 1.0 Files May Allow Arbitrary Code Execution
1000560.120070810269606-Apr-2008A Security Vulnerability in RSA Signature Verification Affects Sun Java System Application Server, Proxy Server and Web Server
1000565.120071310289428-May-2007Security Vulnerability in PostgreSQL SECURITY DEFINER Functions May Allow Escalation of Privileges
1000566.120071410272529-May-2007A Malformed Packet Received by snmpd(1) via TCP may Cause a Denial of Service (DoS)
1000568.120071710229402-May-2007Sun Java System Directory Server: Denial of Service May Occur Due to Large Memory Allocation for Specific LDAP Requests
1000569.120071810286906-May-2007Security Vulnerability Relating to the acl(2) System Call May Allow Denial of Service (DoS) to the System
1000570.12007201015055757331-May-2004Buffer Overflow in sendmail(1M) Ruleset Parsing May Result in Unauthorized Privileges
1000574.12007261014275747411-Jan-2004Security Vulnerability Involving the tcsetattr(3C) Library Function on SPARC Based Systems
1000579.12007391014925755519-May-2010Java Runtime Environment Remote Denial of Service (DoS) Vulnerability
1000584.12007441014065744419-Jan-2010Sun Grid Engine 5.3 Software May Experience Security Vulnerabilities in OpenSSL
1000588.12007651013515692223-Sep-2003Sun Linux 5.0 sendmail(1M) Buffer Overflow Vulnerability
1000590.12007721012385392219-Jan-2010Quick Removal of a Sun Ray Smartcard May Leave Desktop Session Open
1000591.12007731012895576024-Jan-2010Sun Linux 5.0 Vulnerability in pam_xauth(8) Module May Allow Forwarding of Root Authorization to Unprivileged Users
1000594.12007771011955140024-Jan-2010Sun Linux and Cobalt Legacy Products are Vulnerable to a sendmail(1M) Buffer Overflow
1000595.12007781012785560119-Jan-2010On Sun Linux, an Unauthorized Remote User May be Able to Execute Arbitrary Commands With the "xpdf" User's Privileges
1000601.12007851013455686109-Oct-2003Secure Shell Daemon (sshd(1M)) Buffer Management Security Vulnerability
1000602.12007861013695734012-Oct-2003Solaris Security Vulnerability Involving the sysinfo(2) System Call
1000604.12007891013815741429-Apr-2004Buffer Overflow Vulnerability in the CDE DtHelp Library May Allow Unauthorized "root" Access
1000605.12007901014775753801-Apr-2004The Sun Secure Shell Daemon (sshd(1M)) May Fail to Log SSH Client IP Addresses
1000606.12007911014105745309-Dec-2003The pfexec(1) Command May Execute a "Profile" Command With Additional Privileges
1000608.12007931012105222211-Dec-2003In Solaris 8 and Solaris 9 a Buffer Overflow in the LDAP Name Service May Lead to Unauthorized Root Access
1000609.12007941013745740621-Oct-2003NFS Server May Panic Upon Receipt of Certain Invalid Client Requests
1000610.12008061012625522124-Jan-2010Sun One Application Server May Disclose JSP Source
1000611.12008101013935742803-Sep-2008TCP Port Conflict Between Sun Cluster for OPS/RAC and Solaris Secure Shell Server, and Possible Denial of Service Attack by Unprivileged Users Upon Sun Cluster
1000612.12008131012995594024-Jan-2010Sun Linux 5.0 CRLF Injection Vulnerability in Lynx 2.8.4 and Earlier
1000613.12008141012715546019-Jan-2010Sun ONE Application Server May Incorrectly Validate User Authentication Information With LDAP
1000614.12008151012885574010-Jul-2003Sun Linux 5.0 Buffer Overflow Vulnerability In "Pine" May Allow Remote Unprivileged Users to Cause a Denial of Service
1000620.12008211013465686224-Jan-2010Sun Linux Vulnerability in OpenSSH May Allow a Remote Unprivileged User to Execute Arbitrary Code
1000621.12008221012425410024-Apr-2003Security Vulnerability With The lofiadm(1M) Command in Solaris 8
1000622.12008231010864672424-May-2010The PHP on Sun/Cobalt Platforms Have Exploitable Vulnerabilities
1000624.12008251011985188407-May-2003Security Vulnerability in the Network Services Library, libnsl(3LIB), Affecting rpcbind(1M)
1000625.12008281012215262008-Apr-2003sendmail(1M) Parses Addresses Incorrectly in Certain Corner Cases
1000630.120083710307121-Oct-2007Java Runtime Environment (JRE) May Allow Untrusted Applets or Applications to Display An Oversized Window so that the Warning Banner is Not Visible to User
1000631.120083810286325-Sep-2007Security Vulnerability in StarOffice 8 May Lead to Heap Overflow and Arbitrary Code Execution
1000632.120083910306909-Sep-2009Installation of Sun Java System Access Manager 7.1 on Sun Java System Application Server 9.1 or 8.x May Compromise Application Server Security
1000634.120084110307302-Oct-2007Multiple Security Vulnerabilities in Java Web Start Relating to Local File Access
1000637.120084410315001-Jan-2008A Security Vulnerability in unzip(1L) May Set Unintended Permissions on Extracted Files
1000642.120085110308728-Oct-2007Security Vulnerability in the Solaris 10 Internet Protocol (ip(7P)) may Lead to a Denial of Service (DoS) Condition
1000647.120085610293421-Oct-2007Security Vulnerabilities in the Java Runtime Environment Image Parsing Code May Allow a Untrusted Applet to Elevate Privileges
1000648.120085810313012-Feb-2008Security Vulnerability in Solaris 10 OpenSSL SSL_get_shared_ciphers() Function
1000649.120085910306317-Feb-2008Security Vulnerability in BIND 8 May Allow Cache Poisoning Attack
1000653.120086310294824-Jul-2007A Security Vulnerability in lbxproxy(1) may Allow Unauthorized Read Access to Files
1000654.120086410279819-Jan-2010Security Vulnerability in the TCP Implementation of Solaris Systems May Allow a Denial of Service When Accepting New Connections While Undergoing a TCP "SYN Flood" Attack
1000655.120086510291714-Jun-2007Security Vulnerability with Manipulated RTF Files May Lead to Heap Overflows and Arbitrary Code Execution
1000657.120086710296126-Jun-2007Security Vulnerability in scp(1) May Allow Execution of Unintended Commands
1000659.120087010295727-Jun-2007Security Vulnerability With Java Web Start May Allow Application to Escalate Privileges
1000660.120087110298704-Nov-2009libpng(3) Contains a Denial of Service (DoS) Vulnerability
1000664.120087510287612-Jun-2007Security Vulnerability in Sun Java System Directory Server Leaks Information About Existence of Attributes
1000665.120087610310908-Oct-2007Security Vulnerabilities in the Solaris Trusted Extensions "labeld" Service May Lead to a Denial of Service (DoS) Condition
1000666.120087710178305-Nov-2006Security Vulnerability in Samba's "ms_fnmatch()" Function May Result in a Denial of Service (DoS)
1000667.120087810266716-Oct-2006Security Vulnerability in the Solaris 10 TCP Fusion Code May Lead to a System Panic, Resulting in a Denial of Service (DoS)
1000671.120088310255710-Jun-2010Java Plug-in and Java Web Start May Allow Applets and Applications to Run With Unpatched JRE
1000673.12008851016655775505-Nov-2006Buffer Overflow in telnet(1) Client Software
1000679.120089110228627-Jul-2006A Local Unprivileged User May be Able to Cause a Denial of Service (DoS) to Solaris 10 Hosts via the "/net" Mount Point
1000684.12008961014535750810-May-2006Multiple Buffer Overflows in "/usr/bin/uucp" May Allow Unauthorized uucp(1C) User ID Access
1000693.12009061015585763101-Feb-2006Security Vulnerabilities in the Kerberos Key Distribution Center (KDC) Daemon and Kerberos V5 Libraries
1000700.120091810179909-Aug-2005Security Vulnerability in JRE Plug-in affects the Sun Java Desktop System for Linux
1000702.120092010169005-Jun-2005A Security Vulnerability in Sun ONE Application Server May Disclose Files
1000707.120092510178221-Sep-2005Mulitple Security Vulnerabilities in Oracle Affect SunMC
1000714.12009351016535774124-Jan-2010Security Vulnerability With Java Plug-in in JRE/SDK for JDS
1000718.12009421015905767019-Jan-2010Security Vulnerability With The HTTP TRACE Functionality in Sun Java System Application Server
1000726.12009571014315747919-Jan-2004Security Vulnerability With Loading Arbitrary Kernel Modules in Solaris Kernel
1000727.12009581014255747227-Jan-2004Security Vulnerability in ASN.1 May Affect Solaris Internet Key Exchange (IKE)
1000732.12009711016795777124-Jan-2010A Limited Number of Sun StorEdge 6130 Arrays May be Vulnerable to Unauthorized Access
1000734.12009741016705776019-Jan-2010Sun Java System Web Server Denial-of-Service Vulnerability
1000736.120097810184208-Aug-2005Security Vulnerability in the "printd" Daemon
1000738.12009801015845766412-Jun-2005Security Vulnerabilities in Samba May Allow Unauthorized Root Privileges
1000743.12009861015135758119-Jan-2010Systems With Sun StorEdge Enterprise Storage Manager 2.1 Installed May Allow an Unprivileged Local User to Gain Root Access
1000744.12009881014965755909-May-2004The Solaris Management Console (smc(1M)) Server May Disclose Information About Files on a Solaris System
1000745.12009891014915755411-May-2004Solaris 9 Patches WITHDRAWN - Security Vulnerability With ypserv(1M) and ypxfrd(1M)
1000749.12009941016325771703-Jan-2005SMC Default Configuration GUI Creates User Accounts With Blank Password Instead of Locked Account
1000751.12009981015805765713-Oct-2004Security Vulnerability When Using LDAP In Conjunction With RBAC
1000752.12009991015815765824-Jan-2010Security Vulnerabilities Involving the utempter(8) Utility
1000757.12010051015705764624-Jan-2010Security Vulnerabilities in Common Unix Printing System (CUPS) May Allow a Remote Unprivileged User to Execute Arbitrary Code
1000758.12010061015725764819-Jan-2010Security Vulnerabilities in ImageMagick(1) May Allow a Remote Unprivileged User to Execute Arbitrary Code
1000761.12010091015365760524-Jan-2010Vulnerability In Sample Application Included With Sun Java System Web Server
1000762.12010101015435761319-Jan-2010Java Runtime Environment May Allow Untrusted Applets to Escalate Privileges
1000763.12010111015035757131-May-2004Sun Crypto Accelerator 4000 v1.0 Software May be Susceptible to OpenSSL Security Vulnerabilities
1000766.12010291013605710019-Jan-2010Sun Linux Multiple Security Vulnerabilities in OpenSSL
1000767.12010301013025602019-Jan-2010Sun ONE Application Server May Disclose JSP Source
1000768.12010311012745552023-Jun-2003BSM Enabled (bsmconv(1M)) Systems With Third Party Login Mechanisms May Experience cron(1M) or at(1) Failures
1000771.12010351012915580013-Jul-2003Fix for Security Vulnerability in dtsession(1X) May Be Lost
1000776.12010421014305747821-Jan-2004Solaris 9 patches 114332-08 and 114929-06 are WITHDRAWN - Patches Disable the Auditing Functionality on Basic Security Module (BSM) Enabled Systems
1000778.12010471013395674017-Mar-2004Security Issue Involving the Solaris sadmind(1M) Daemon
1000782.120105910288309-Oct-2007Security Vulnerability in the Human Interface Device (HID) Class Driver for Solaris
1000788.120106510284729-Apr-2007Multiple Security Vulnerabilities in Adobe Reader May Lead to Execution of Arbitrary Code
1000789.120106610289502-May-2007Security Vulnerability in Sun Java System Directory Server May Cause Denial of Service (DoS)
1000794.12010721016775776903-May-2009Multiple Security Vulnerabilities in libtiff(3)
1000798.120107610262126-Feb-2007Cross-site Scripting Vulnerability in Sun Java System Access Manager
1000800.120107810264001-Mar-2007Security Vulnerability in Apache 2 Web Server Module 'mod_ssl'
1000801.120107910266301-Mar-2007Security Vulnerabilities in the Apache 1.3 Web Server "mod_rewrite" and "mod_imap" Modules
1000809.120108710219206-Nov-2006Integer Overflow Vulnerability in Perl May Lead to Application Crash or Code Execution
1000811.120109010259310-Sep-2006Security Vulnerability in the Sun Java System Content Delivery Server May Allow Unauthorized Data Access
1000812.120109110256825-Sep-2006A Security Issue With Solaris 10 x64 Systems Using IPv6 Forwarding May Result in a Denial of Service (DoS)
1000818.120109710214405-Oct-2006Vulnerability With Solaris IPv6 May Allow a Remote User the Ability to Create a Denial of Service Condition
1000819.120109810260605-Oct-2006Security Vulnerability in Solaris 10 Link Aggregation may Allow Local Users Total Access to Network Packets
1000821.120110110251306-Nov-2006pkgadd(1M) May Set Incorrect Permissions if The pkgmap(4) File Contains a "?"in The "Mode" Field
1000822.120110210201707-Nov-2006Security Vulnerability With Java Management Extensions in the Java Runtime Environment may Allow Untrusted Applet to Elevate Privileges
1000824.120110410203007-Nov-2006The in.named(1M) Process May Make Unnecessary Queries Causing a Denial of Service
1000826.12011061016715776105-Nov-2006Buffer Overflow in telnet(1) Client Software Also Affects Kerberized Telnet
1000830.120111010230512-Jun-2006Security Vulnerability With Sun StorADE Version 2.4 Installation
1000831.120111110206820-May-2010Security Vulnerability in Sun Java System Communications Services 6 Delegated Administrator 2005Q1
1000832.120111210206623-Apr-2006Security Vulnerability May Allow An Unprivileged Local User to Gain Root Access or Panic the OS
1000835.120111510229212-Apr-2006Sun Java Studio Enterprise 8 May Create World-Writable Files When Installed by Root
1000837.120111710215917-Apr-2006A Security Vulnerability Involving the "pagedata" Subsystem of the Process File System (/proc(4)) May Cause the System to Hang or Panic
1000838.120111810211319-Apr-2006Security Vulnerability in LDAP2 Client Commands
1000845.120112610197428-Nov-2005OpenSSL (see openssl(5)) May Allow an Agent to Force a Rollback to a Cryptographically Weak Protocol Version
1000846.120112710234506-Nov-2006Security Vulnerability in Sun Java System Directory Server Related to Initial Installation Data
1000850.120113110257008-Nov-2006Buffer Overflow Vulnerability in libX11
1000854.120113510232227-Jul-2006Security Vulnerability With Sun N1 Grid Engine Daemons
1000855.120113610235612-Jun-2006Security Vulnerability in the Solaris 9 in.ftpd(1M) Server May Allow Unauthorized Directory Access
1000861.120114210204024-Apr-2006A Security Vulnerability in the "libike" Library May Affect the in.iked(1M) Daemon
1000867.120114810228213-Apr-2006Security Vulnerability May Allow 'sh' Process to be Crashed Causing a Denial of Service
1000871.120115210206022-Nov-2005Security Vulnerabilities in the traceroute(1M) Utility may Allow Elevated Privileges
1000872.120115310180030-Nov-2005Security Vulnerability in the Xsun(1) and Xprt(1) Commands
1000880.12011661016475773418-Jan-2005Security Vulnerability in the Generic Security Services Library libgss(3LIB)
1000887.12011731015185758619-Jan-2010Proxy Authentication to Sun ONE Calendar Server May Fails if Portal Display Preferences Are Changed
1000888.12011751016255770819-Jan-2010Security Vulnerabilities With Java Plug-in in JRE/SDK
1000892.12011801015855766524-Jan-2010Security Vulnerability Involving Webmail
1000893.12011821015735764919-Jan-2010Security Vulnerability in "a2ps" May Allow A Local Unprivileged User to Execute Arbitrary Code
1000898.12011961011635010423-Feb-2004Security Issue with kcms_server Daemon
1000899.12011971014345748321-Jan-2004Basic Security Module (BSM) Functionality is Impaired on Solaris Systems Which Have Removed The SUNWscpu Package
1000908.12012201013075612006-Aug-2003Sun Linux 5.0 Vulnerability Involving the unzip(1) Command
1000909.12012211013855741909-Nov-2003Running Xsun Server in Direct Graphics Access (DGA) Mode May Allow Creation of Temporary Files Insecurely or Allow a "Denial of Service" Attack
1000912.12012241012655530109-Jun-2003Solaris 8 IPv6 Enabled Systems May Panic Handling Certain Packets
1000914.120122710317523-Sep-2008Security Vulnerabilities in the Sun Ray Device Manager Daemon
1000917.120123010319204-Feb-2008A Security Vulnerability in the Solaris X Window System (X(5)) PCF Font Handler May Lead to Execution of Arbitrary Code or a Denial of Service (DoS) Condition
1000918.12012311012615516024-Jan-2010A Vulnerability in "Sun Management Center (SunMC) Change Manager" Program May Allow Unauthorized Root Privileges
1000924.12012381011344881827-Feb-2003Security vulnerabilities in BIND and libresolv (CERT CA-2002-31)
1000926.12012411011504947524-Jan-2010Security Vulnerabilities with Sun ONE Web Server 4.1SP11 and Earlier
1000928.12012431011094780024-Jan-2010Sun Linux Vulnerabilities in "unzip" and GNU "tar" Commands
1000931.120124710274412-Nov-2007Security Vulnerability With RSA Signatures Affects OpenSSL Shipped With Solaris
1000935.120125110311618-Sep-2008Cross-site Scripting (XSS) Vulnerability in the Sun Java System Access Manager Administration Console
1000936.120125210310125-Oct-2007Security Vulnerability in Solaris 10 SCTP INIT Processing
1000937.120125310310614-Oct-2007FTP Security Vulnerability May Cause a Denial of Service to Sun StorEdge 3510 Data Services
1000939.120125510300126-May-2008JSP Source Code Disclosure Vulnerability Affects Sun Java System Application Server and Web Server
1000942.120125910296714-Jun-2007Integer Overflow and Heap-Based Buffer Overflow Vulnerability in 3rd Party Module (Freetype)
1000943.120126010297020-Jun-2007Security Vulnerability in RSA Signature Verification Affects GnuTLS Library Versions Prior to 1.4.4
1000945.120126210291826-Jun-2007Security Vulnerabilities in the KSSL Kernel Module May Lead to a System Panic
1000946.120126310296326-Jun-2007A Security Vulnerability in the TCP Loopback/Fusion Code May Lead to a System Hang Resulting in a Denial of Service (DoS)
1000947.120126410296228-Jun-2007Security Vulnerability in the sshd(1M) Protocol Version 1 Implementation May Allow a Denial of Service to the Host
1000949.120126610292903-Jun-2007Security Vulnerability With snmpd(1M) When Processing Certain AgentX Subagent Requests
1000950.120126710296512-Jun-2007A Security Vulnerability in Solaris 10 NFS XDR Handling May Allow a Denial of Service to NFS Servers
1000951.120126810287512-Jun-2007Security Vulnerability in Sun Java System Directory Server May Allow Unauthorized Data Modifications
1000953.120127010280727-Apr-2008Security Vulnerability in StarOffice/StarSuite URL Handler
1000964.120128110274528-May-2007A Security Vulnerability in the in.iked(1M) Service May Lead To a Denial of Service (DoS)
1000965.120128210293229-May-2007Security Vulnerability in Adobe Flash Player May Allow Unauthorized Header Injection into HTTP Requests
1000973.120129110269907-Feb-2007A Security Vulnerability in the Solaris 10 Loopback FileSystem (LOFS) May Allow Files in a Non-global Zone to be Moved or Renamed From a Read-Only Fileystem
1000975.120129310268614-Feb-2007Security Vulnerability in RSA Signature Verification Affects Java 2 Platform, Standard Edition
1000976.120129410277204-Jun-2009Third-party Applications Using GSS-API May Be Vulnerable to Compromise
1000978.120129610218606-Nov-2006Security Vulnerability in the in.rexecd(1M) Daemon on Kerberos Systems
1000982.120130210254331-Jul-2006Security Vulnerability on Sun Fire T2000 With Solaris 10 (3/05 HW2)
1000986.12013081012505476020-May-2010Java Virtual Machine (JVM) May Crash Due to Vulnerability in the Java Media Framework (JMF)
1000987.120131010317217-Dec-2007Solaris 9 sshd(1M) Patches May Cause Incorrect Audit Data to be Logged
1000988.12013111010234430901-Apr-2003Buffer Overflow in cachefsd in Solaris
1000990.120131510315731-Jan-2008Security Vulnerability in Simplified Chinese, Traditional Chinese, Korean, and Thai Language Input Methods
1000991.120131610315804-Feb-2008A Security Vulnerability in the USB Mouse STREAMS Module May Lead to a System Panic
1000992.120131710316207-Jan-2008Solaris 10 Kernel Patches May Allow Privileged Remote Users to Gain Root Access to Files Shared by NFS Servers
1000994.120131910306021-Oct-2007Security Vulnerability in RPCSEC_GSS (rpcsec_gss(3NSL)) Affects Kerberos Administration Daemon (kadmind(1M))
1000995.120132010317009-Sep-2008Multiple Security Vulnerabilities Within the GIMP Plugins
1000998.12013241012035202219-Jan-2010Buffer Overflow in Web Connector Module of Application Server
1000999.12013251011655016130-Mar-2003Security Vulnerability with the at(1) Command on Solaris
1001000.12013261011605000813-Jan-2003Security Vulnerability with the Solaris "/usr/lib/utmp_update" Command
1001001.12013271011645014216-Jan-2003Several Kerberos Applications are Vulnerable to a Denial of Service
1001002.12013281010564550901-Oct-2010Sun Cobalt "mod_ssl" ("apache-openssl-1.3.x") May Allow Local Account Compromise
1001005.120133110316001-Sep-2008Security Vulnerabilities in libtiff(3) May Allow Denial of Service (DoS) or Privilege Elevation
1001006.120133210309902-Sep-2008Multiple Security Vulnerabilities in the Solaris Tag Image File Format Library libtiff(3)
1001007.120133310315920-Jul-2010Security Vulnerabilities in Early Versions of Sun SPARC Enterprise M4000/M5000/M8000/M9000 XSCF Control Package (XCP) firmware may Result in a Denial of Service (DoS) Condition
1001009.120133510313902-Sep-2008Multiple Security Vulnerabilities in the JavaScript Engine in Mozilla 1.7 for Solaris 8, 9 and 10
1001013.120133910306417-Oct-2007Security Vulnerabilities in Solaris Kernel Statistics Retrieval Process May Allow a Denial of Service (DoS)
1001014.120134010300930-Aug-2007A Security Vulnerability With the Special File System (SPECFS) strfreectty() Function May Allow a Local Unprivileged User to Panic a System
1001015.120134110196529-May-2008A Security Vulnerability in the Sun Cluster Global File System
1001021.120134810295802-Jul-2007Cross-site Scripting Vulnerability (XSS) Affecting Pages Generated with JavaDoc Tool
1001022.120134910297809-Jul-2007Security Vulnerability in the rcp(1) Command May Allow Execution of Unintended Commands
1001023.120135010285615-Jul-2007Security Vulnerabilities in the Network Security Services (NSS) May Affect SSL Clients and SSL Servers
1001025.120135210216106-Nov-2006Security Vulnerability in the hsfs(7FS) File System
1001028.120135510231629-Aug-2006Privileged Applications Linked to libpkcs11(3LIB) Which Obtain Password Entries Using getpwnam(3C) May Fail or Possibly Grant Elevated Privileges to Local Users
1001032.120135910246201-Aug-2006Security Vulnerability With NIS server ypserv(1M) May Allow a Denial of Service (DoS) to Occur
1001042.12013691014445749613-Dec-2006Security Vulnerability in the Apache Web Server "mod_alias" and "mod_rewrite" Modules
1001045.120137210200305-Nov-2006Security Vulnerabilities in the Java Runtime Environment May Allow an Untrusted Applet to Elevate Its Privileges
1001047.120137410309609-Oct-2007Security Vulnerability in the Solaris Auditing (BSM) Related to Network Auditing May Lead to Denial of Service (DoS)
1001054.120138110282230-May-2007Sun Java System Web Server May Allow A User with Revoked Client Certificate to Access Server Instance Under Certain Conditions
1001055.120138210285302-May-2007The Directory Server ("ns-slapd") May Exit Unexpectedly When Handling Certain Queries
1001059.120138610280012-Apr-2007Security Vulnerabilities in Mozilla 1.7 for Solaris 8, 9 and 10
1001060.120138710285416-Apr-2007Security Vulnerability in the Sun Java Web Console May Allow Access to Privileged Data or Lead to Denial of Service
1001063.120139010272221-Feb-2007Security Vulnerability With RSA Signature Affects Solaris Applications Utilizing the libike Library
1001064.120139110280227-Feb-2007Security Vulnerability in the in.telnetd(1M) Daemon May Allow Unauthorized Remote Users to Gain Access to a Solaris Host
1001068.120139510257420-Dec-2006A Security Vulnerability in the Solaris Kernel May Allow a Denial of Service (DoS) Condition to Occur
1001072.12014001012395392420-May-2010Sun Cobalt Samba Versions Earlier Than 2.2.8 May Allow Remote Unauthorized Root Privileges
1001080.12014321014235747005-Jan-2004Security Vulnerability With the Extended Library Function sendfilev(3EXT)
1001084.12014381013195638024-Jan-2010Timing Based Attack Vulnerabilities in the Java Secure Socket Extension
1001085.12014401012865570021-Jul-2003Sun Linux VIM Package May Give Unprivileged Users the Ability to Execute Arbitrary Commands
1001088.12014431012245270024-Jan-2010Sun Linux and Cobalt Legacy Products are Vulnerable to Additional sendmail(1M) Buffer Overflow
1001090.12014451012775560019-Jan-2010Sun Linux NIS server ("ypserv") is Vulnerable to a Denial of Service (DoS) Attack
1001091.12014481012635526003-Jun-2003A Security Vulnerability With The "/usr/lib/utmp_update" Command May Allow Local Unauthorized Privileges
1001092.12014511013125618024-Jan-2010SunOne/iPlanet Web Server Vulnerable to Denial of Service (DoS) Attack
1001093.12014521012435414724-Jan-2010Security Vulnerability in SSL/TLS Block Ciphers may affect Sun ONE/iPlanet Web Server and Application Server
1001094.12014531013845741824-Jan-2010Sun One Web Server Log Analyzer Vulnerability
1001095.12014541013885742324-Jan-2010Sun ONE Web Server "Denial of Service" Vulnerability
1001100.12014601011945134024-Jan-2010Security Vulnerability in Sun Cluster 2.2
1001101.12014621012025198027-Apr-2003The wall(1M) Command May be Used to Send Messages Containing a Forged User ID
1001104.12014771013575704024-Sep-2003The Am7990 ("LANCE") Ethernet Driver (le(7D)) Reuses Old Frame Buffer Data to Pad Packets
1001105.12014781013595708028-Sep-2003Use of "namefs" Mounted pipe(2) and Certain STREAMS Routines May Panic a Solaris System
1001107.12014801013095612213-Aug-2003Sun Linux 5.0 Python Creates Temporary Files Insecurely
1001109.12014821012855568028-Jul-2003Security Vulnerability in the Solaris Runtime Linker ld.so.1(1)
1001112.12014871012315358127-May-2003Security Vulnerability in Samba(7) versions 2.2.2 through 2.2.8 May Allow Remote User Unauthorized Privileges
1001115.12014921013405678019-Jan-2010Recent Mass Mailing of "Worms" or Mail Viruses May Cause Network and Application Performance Degradation
1001117.12014951012415404210-Nov-2003Solaris/SEAM Kerberos 5 Vulnerability due to Buffer Overflow/Underflow in Principal Name Handling
1001119.12014981007502341219-Jan-2010Vulnerability in Solaris "AnswerBook2 Documentation" Server Daemon
1001123.120150510312502-Sep-2008Multiple Security Vulnerabilities in JavaScript Engine in Mozilla 1.7 for Solaris 8, 9 and 10
1001124.120150610316710-Dec-2007Security Vulnerabilities in Adobe Flash Player May Allow Unauthorized System Access or Generation of HTTP Requests
1001126.120150810315217-Dec-2007Security Vulnerability in Sun Management Center (Sun MC) May Allow Unauthorized Access to System and Data
1001130.120151310318810-Jan-2008Security Vulnerability in Solaris 10 Related to the dotoprocs() Routine
1001131.120151410320110-Feb-2008Security Vulnerability in the libxml2 Library May Lead to a Denial of Service (DoS)
1001133.120151610317716-Mar-2008Multiple Security Vulnerabilities in Firefox and Thunderbird for Solaris 10 May Allow Execution of Arbitrary Code and Access to Unauthorized Data
1001134.120151910307904-Sep-2008Security Vulnerability in Java Runtime Environment With Applet Caching May Allow Network Access Restrictions to be Circumvented
1001138.12015261011905118102-Mar-2003sendmail(1M) Parses Headers Incorrectly in Certain Corner Cases
1001139.12015271011935130004-Mar-2003UFS File Systems With Logging Enabled are Vulnerable to a Denial of Service (DoS) Attack
1001141.120153110271102-Dec-2007Security Vulnerabilities in OpenSSL May Lead to a Denial of Service (DoS) to Applications or Execution of Arbitrary Code With Elevated Privileges
1001142.120153210313629-Oct-2007Multiple Security Vulnerabilities in the Layout Engine in Mozilla 1.7 for Solaris 8, 9 and 10
1001144.120153410275908-Nov-2007Security Vulnerabilities in OpenSSL Affect Solaris WAN Boot
1001146.120153710300025-Oct-2007JSP Source Code Exposure Issue on Windows Platform Affects Sun Java System Application Server
1001147.120153810303304-Jan-2009Sun Java System Access Manager Does Not Securely Process XSLT Stylesheets contained in XML Signatures contained in XML Signatures
1001148.120153910301803-Sep-2007Security Vulnerability in Solaris 10 BIND: Susceptible to Cache Poisoning Attack
1001150.120154210288824-Jul-2007Security Vulnerability in libX11 for Solaris
1001151.120154410295426-Jun-2007dtsession(1X) Contains a Buffer Overflow Vulnerability
1001152.120154510283330-May-2007Security Vulnerability in Sun Java System Web Server May Allow Unauthorized Access to Host Data With Certain URLs
1001158.120155110299517-Jul-2007A Security Vulnerability in the Java Runtime Environment May Allow an Untrusted Applet to Circumvent Network Access Restrictions
1001160.120155310292713-Sep-2007Security Vulnerabilities in the SOCKS Module of Sun Java System Web Proxy Server 4.0
1001161.120155410297205-Aug-2007Multiple Security Vulnerabilities in the Solaris Gnome PDF Viewer (gpdf(1)) may Allow a Denial of Service (DoS) Condition or Lead to Execution of Arbitrary Code
1001164.120155810250116-Jul-2006Security Vulnerability With Malformed XML Documents in StarOffice/ StarSuite
1001173.12015671015895766913-Apr-2006Security Vulnerabilities May Allow a Denial of Service in Sun Java System Web and Application Server Products
1001174.12015681015195758718-Apr-2006Solaris 9 Patches 112908-12 and 115168-03 WITHDRAWN, May Cause Passwords to be Logged as Clear Text on Kerberos Clients
1001181.120157510191307-Sep-2005Denial of Service Vunerabilities in Sun Java Web Proxy Server
1001186.12015811016875778028-Apr-2005NIS+ Client Users May Be Able to Cause a Denial of NIS+ Service
1001187.12015821016285771201-Mar-2005Security Vulnerability in Kerberos 5 Administration Library for Solaris/SEAM
1001190.12015851015555762811-Aug-2005Security Vulnerabilities in the Apache Web Server and Apache Modules
1001191.12015861007582360419-Jan-2010Potential Security Issue in ServerSocket.accept()
1001193.120158810176814-Jun-2005Security Vulnerability in the lpadmin(1M) Utility
1001195.120159010191030-Oct-2005Sun Java System Application Server May Disclose Source Code of Java Server Pages
1001197.120159210177028-Sep-2005Security Vulnerability in Webmail May Allow an Unprivileged User to Execute Arbitrary Code
1001201.12016011016115769124-Jan-2010Security Vulnerability in Webmail May Allow Unprivileged Users to Execute Arbitrary Code
1001203.12016031015595763219-Jan-2010Netscape NSS Library Vulnerability Affects Sun Java System Web Server and Sun Java System Application Server
1001205.12016061015475761724-Jan-2010Multiple Security Vulnerabilities in the Portable Network Graphics (PNG) Library libpng(3)
1001207.12016081015545762715-Aug-2004Buffer Overflow in the CDE Mailer dtmail(1X)
1001209.12016101015635763719-Jan-2010Security Vulnerabilities in QT Library May Allow a Remote Unprivileged User to Execute Arbitrary Code
1001210.12016111015695764519-Jan-2010Security Vulnerabilities in imlib Library May Allow a Remote Unprivileged User to Execute Arbitrary Code
1001212.12016151015325760028-Jun-2004The gzip(1) Command May Change the Permissions of Hard Linked Files on Solaris 8 Systems
1001213.12016161015315759920-May-2010ASN1 Decoder For Sun Java System Directory Server May Be Subject to Denial of Service (DoS)
1001216.12016231014205746419-Jan-2010Sun ONE Web Server Buffer Overflow Vulnerability May Result in "Denial of Service" (DoS)
1001223.12016361014115745409-Dec-2003Security Vulnerability Involving the passwd(1) Command
1001227.12016481016725776319-Jan-2010Buffer Overflow Vulnerabilities in Sun Java System Web Proxy Server 3.6
1001228.12016491016765776814-Apr-2005Multiple Security Vulnerabilities in Xsun and Xprt Server Font Handling
1001229.12016501015765765308-May-2005libXpm Security Vulnerabilities Affect the Motif Library (libXm)
1001233.12016561016415772711-Jan-2005Security Vulnerability in Solaris 8 DHCP Administration Utilities
1001235.120165810186410-Aug-2005Multiple Security Vulnerabilities in The "MySQL" Package
1001237.12016601015235759129-Aug-2005Security Vulnerability With Java Plug-in in JRE/SDK
1001242.12016691016515773813-Feb-2005Security Vulnerability in the "stfontserverd" Daemon
1001244.12016711016175769919-Jan-2010A Security Vulnerability in Sun Java System Web and Application Server May Allow Unprivileged Users the Ability to Access Session IDs
1001245.12016721016245770719-Jan-2010Java Runtime Environment Remote Denial-of-Service (DoS) Vulnerability
1001246.12016751016195770122-Dec-2004Multiple Security Vulnerabilities in Mozilla
1001247.12016771015755765205-Dec-2004Security Vulnerabilities in libXpm May Allow a Remote Unprivileged User to Execute Arbitrary Code
1001252.12016871015305759808-Jul-2004Security Vulnerability With Solaris Volume Manager (SVM)
1001257.12017041013145622024-Jan-2010Sun Linux 5.0 Security Vulnerability in "wu-ftpd" May Allow Unauthorized Root Access
1001262.12017101012955588224-Jan-2010Sun Linux 5.0 Denial of Service Vulnerability in "nfs-utils" Package Version 1.0.3 and Earlier
1001264.12017131014595751724-Jan-2010Sun Java System Application Server Denial-of-Service Vulnerability
1001267.12017181014645752419-Jan-2010Potential SSL Vulnerabilities in Sun Products
1001270.12017211014465749824-Jan-2010ASN.1 Parsing Issue May Lead to Denial-of-Service Condition in Sun Java System Web Server and Sun Java System Application Server
1001271.12017221014495750219-Jan-2010A Security Vulnerability in the Sun Cluster Global File System May Allow an Unprivileged Local User to Panic a Cluster Node
1001273.12017241014975756021-May-2010Java Secure Socket Extension (JSSE) May Incorrectly Validate Certificates
1001276.120173610295519-Aug-2007Security Vulnerability in JavaScript Engine in Mozilla 1.7 for Solaris 8, 9 and 10
1001277.120173710262213-Nov-2006A Security Vulnerability in the Java Runtime Environment Swing Library may Allow an Untrusted Applet to Access Data in Other Applets
1001282.120174210280330-May-2007Multiple Integer Overflow Vulnerabilities in the X Font Server (xfs(1)) and the X Render and DBE Extensions
1001284.120174410288129-Apr-2007Security Vulnerability With Java Web Start Related to Incorrect Use of System Classes
1001287.120174710284616-Apr-2007Security Vulnerability in the Mozilla js_dtoa() Routine May Result in Denial of Service
1001291.120175110282504-Mar-2007Two Security Vulnerabilities in PostgreSQL May Allow Denial of Service or Information Leakage
1001292.120175210278007-Mar-2007Two Integer Overflow Vulnerabilities Found in the Xorg(1) X Server
1001293.120175310266830-Jan-2007Security Vulnerabilities In OpenSSL Affect Sun Grid Engine 5.3 and N1 Grid Engine 6.0
1001294.120175410272430-Jan-2007Security Vulnerabilities in Solaris ld.so.1(1) may Lead to Execution of Arbitrary Code with Elevated Privileges
1001308.120176910234327-Jul-2006Potential Kernel Memory Disclosure Vulnerability in the Solaris sysinfo(2) System Call
1001313.120177410249019-Jul-2006Security Vulnerability With Macros in StarOffice/StarSuite
1001314.120177510247519-Jul-2006Security Vulnerability With Java Applets in StarOffice/StarSuite
1001316.12017771008812752501-Nov-2006Possible Security Issue with XView Text Clipboard
1001317.120177810251005-Oct-2006Security Vulnerability May Allow the syslog(3C) Service to be Disabled
1001318.12017801016585774606-Dec-2006Sun TCP Connections May Experience Performance Degradation If Certain ICMP Error Messages Are Received
1001319.120178110251406-Nov-2006Security Vulnerability May Allow Users With the "File System Management" RBAC Profile to Gain Elevated Privileges
1001321.120178310265014-May-2010Cross-site Scripting Vulnerabilities in the Sun Secure Global Desktop Software
1001323.120178510246126-Jul-2006Systems With Sun Java Enterprise System Installed May Hang Due to a Memory Leak in the Network Security Services (NSS) Software
1001325.120178710232127-Jul-2006Incomplete Authentication and Authorization in Sun Grid Engine 5.3 and N1 Grid Engine 6.0 Certificate Security Protocol (CSP) Mode
1001328.120179010225221-May-2006Security Vulnerabilities found in the Xorg(1) X11R6.9 and X11R7.0 Server
1001329.120179110233922-May-2006Security Vulnerability in the Xorg(1) Version of the Render Extension
1001330.120179210193320-Apr-2006Security Vulnerabilities in uucp(1C) and uustat(1C)
1001331.120179310212220-Apr-2006Security Vulnerability in PC Netlink 2.0 "slsmgr" May Allow Files to be Opened Insecurely
1001337.120179910180931-Jan-2006Security Vulnerabilities in the Kerberos Key Distribution Center (KDC) Daemon
1001338.12018001015125758001-Feb-2006Solaris/SEAM Kerberos 5 Vulnerability Due To Buffer Overflows In krb5_aname_to_localname()
1001341.120180310177619-Mar-2006Security Vulnerabilities in The "libgdk_pixbuf" Library May Allow a Remote Unprivileged User the ability to Execute Arbitrary Code
1001423.12019221010554550823-Jun-2003OpenSSH-2.9p2-12C4 May Allow root Exploit in Sun Cobalt RaQ 550
1001424.12019241009254052115-Jul-2003Anonymous FTP Sessions are not Audited When the Basic Security Module (BSM) is Used
1001428.12019311013705736012-Oct-2003Security Vulnerability on Sun Systems With a PGX32 Frame Buffer
1001430.12019331012685538015-Jun-2003Solaris 8 LDAP Clients May Log the Proxy Agent User's Password as Clear Text
1001432.12019351012705544018-Jun-2003syslogd(1M) Does Not Properly Handle Large syslog(3C) Packets and May Allow an Unprivileged User to Cause a Denial of Service
1017334.122838710251202-Aug-2006Local Users May be Able to Hang Systems That Have Loaded The Kernel Debugger kmdb(1)
1017335.122838810189511-Oct-2005A Security Vulnerability in Solaris 10 May Allow a Local Unprivileged User the Ability to Panic the System
1017342.122839710294503-Sep-2007Security Vulnerabilities in the Network Security Services (NSS) Library May Affect Sun Java System Application Server, Web Server and Web Proxy Server
1017347.122840610302129-Jul-2007Solaris 10 Systems May Panic or Hang When Running Certain DTrace D Programs
1017349.122840810256325-Sep-2006A Remote SSL Client May be Able to Cause a Denial of Service (DoS) of a Solaris 10 System Running a Kernel SSL Service Instance
1017350.122840910293012-Aug-2007Security Vulnerability in the Kerberos kadm5 Library May Allow Execution of Arbitrary Code
1017352.12284111014125745509-Dec-2003Security Issue Involving the tcsh(1) ls-F builtin on Solaris 8
1017357.122841910200213-Mar-2008Security Vulnerability in the Sun ONE and Sun Java System Directory Server's and the Sun Java System Directory Proxy Server's HTTP Administrative Interface
1017359.12284231015955767502-Nov-2004Security Vulnerability in ping(1M)
1017423.122852010286704-Apr-2007Security Vulnerability in the SEAM Kerberized telnetd(1M) Daemon May Allow Unauthorized Remote Users to Gain Access to a Solaris Host
1017424.12285211012155238816-Apr-2003Security Vulnerability with /usr/dt/bin/dtsession
1017426.122852410271408-Mar-2007Security Vulnerability With Integer Multiplication Within libXfont Affects Solaris X11 Servers
1017427.122852510248502-Aug-2006Security Vulnerabilities in The Solaris Event Port API May Result in a Denial of Service (DoS) Condition
1017428.122852610255010-Sep-2008Multiple Security Vulnerabilities in Mozilla 1.4 and 1.7 for Solaris and for Sun JDS for Linux
1017429.12285291012795560219-Jan-2010Sun Linux 5.0 Security Vulnerabilities in XFree86 Packages
1017430.12285321009974354116-Apr-2003Security issue with zlib (libz(3)) in Solaris and OpenWindows and GNOME
1017433.122853610224622-May-2006A Security Vulnerability in the "libike" Library May Potentially Cause a Denial of Service to the in.iked(1M) Daemon
1017440.12285441014055744304-Dec-2003Text Editor ed(1) Creates Temporary Files in an Unsafe Manner
1017443.122854710219714-Aug-2006Security Vulnerabilities in the Apache 1.3 Web Server
1017444.122854810194805-Nov-2006Security Vulnerability in Sun Java System Communications Express Software
1017448.12285541011855092218-Feb-2003rpcbind(1M) May be Terminated by Unprivileged Client Applications, Leading to Denial of RPC Services
1017451.122855710265811-Jan-2007Security Vulnerability in the Netscape Portable Runtime (NSPR) API Affects Solaris
1018535.123021310192625-Sep-2007Security Vulnerability in the Xsun(1) and Xorg(1) Servers
1018932.123078810217006-Nov-2006Security Vulnerability With Java Web Start
1018933.123078910205007-Nov-2006Security Vulnerability With Java Runtime Environment May Allow Untrusted Applet to Elevate Privileges
1018934.123079010174812-Jun-2005Security Vulnerability With Java Web Start
1018935.123079110174912-Jun-2005Security Vulnerability With Java Runtime Environment May Allow Untrusted Applet to Elevate Privileges
1018961.123090119-Jan-2010Security Vulnerability in the Solaris X Server May Lead to Unauthorized Disclosure of Information on Access Restricted Files and Directories
1018965.123124419-Jan-2010Some Sun SPARC Enterprise T5120 and T5220 Servers Shipped With an Incorrect Solaris 10 Image Containing an Insecure Configuration
1018967.123124629-Jan-2008A Vulnerability in the Java Runtime Environment XML Parsing Code May Allow URL Resources to be Accessed
1018968.123126104-Feb-2008Two Vulnerabilities in the Java Runtime Environment May Independently Allow an Untrusted Application or Applet to Elevate Privileges
1018970.123132119-Jan-2010Security Vulnerabilities in ImageMagick May Lead to Arbitrary Code Execution or Denial of Service (DoS)
1018975.123140217-Sep-2010Denial of Service Vulnerabilities in ldap_cachemgr(1M) Daemon
1018976.123140310-Mar-2008A Security Vulnerability Relating to Inter-Process Communication (IPC) May Lead to a Denial of Service (DoS)
1018977.123144124-Jan-2010Multiple Security Vulnerabilities in Solaris 10 Firefox and Thunderbird
1018980.123146613-Feb-2008Two Security Vulnerabilities Exist Within the cpc(3CPC) Sub-System of the Solaris Kernel
1018981.123146719-Jan-2010Cross-Site Scripting Vulnerability in Sun Java System Web Server Search Module
1018985.123152424-Jan-2010Security Vulnerability in Solaris 10 Perl 5.8
1018987.123152619-Jan-2010Security Vulnerability in Sun Java Web Console
1018994.123160119-Jan-2010Security Vulnerability With Quattro Pro Files in StarOffice 8/StarSuite 8
1018996.123164119-Jan-2010Security Vulnerability for ODF Text Documents Containing XForms in StarOffice 8/StarSuite 8
1018997.123164219-Jan-2010Security Vulnerability for OLE Files in StarOffice 7 and 8, StarSuite 7 and 8
1018998.123166119-Jan-2010Manipulated EMF Files May Lead to Heap Overflows and Arbitrary Code Execution
1019007.123180327-Apr-2008Security Vulnerability in the Solaris 10 DTrace Dynamic Tracing Framework May Allow Unauthorized Kernel Level Tracing
1019015.123328427-Apr-2008Security Vulnerability in inetd(1M) Daemon When Debug Logging is Enabled
1019016.123332119-Jan-2010Two Security Vulnerabilities in the Java Runtime Environment Virtual Machine
1019017.123332219-Jan-2010Security Vulnerability in the Java Runtime Environment With the Processing of XSLT Transformations
1019018.123332319-Jan-2010Multiple Security Vulnerabilities in Java Web Start May Allow an Untrusted Application to Elevate Privileges
1019019.123332419-Jan-2010A Security Vulnerability in the Java Plug-in May Allow an Untrusted Applet to Elevate Privileges
1019020.123332519-Jan-2010Vulnerabilties in the Java Runtime Environment image Parsing Library
1019021.123332619-Jan-2010Security Vulnerability in the Java Runtime Environment May Allow Untrusted JavaScript Code to Elevate Privileges Through Java APIs
1019022.123332719-Jan-2010Buffer Overflow Vulnerability in Java Web Start May Allow an Untrusted Application to Elevate its Privileges
1019033.123356119-Jan-2010Cross Site Scripting (XSS) Vulnerability in Sun Java Server Faces (JSF) Input Handling Routines May Lead to Elevation of Privileges
1019040.123362319-Jan-2010Cross Site Scripting (XSS) Vulnerabilities in the Apache 1.3 and 2.0 "mod_imap" and "mod_status" Modules
1019048.123376127-Feb-2008Security Vulnerability in the ipsecah(7P) Kernel Module May Lead to System Panic
1019056.123392119-Jan-2010A Security Vulnerability in Floating Point Context Switch Implementation May Result in a Denial of Service (DoS) or Data Integrity Issues
1019057.123392219-Jan-2010Multiple Security Vulnerabilities in ICU 3.2 Library Regular Expression Processing May Cause a Denial of Service (DoS)
1019070.123430224-Jan-2010Security Sun Alert Archive Reference for Year 2002
1019071.123430324-Jan-2010Security Sun Alert Archive Reference for Year 2001
1019072.123430424-Jan-2010Security Sun Alert Archive Reference for Year 2000
1019091.123466111-Mar-2008Security Vulnerability in the Solaris 10 Java Desktop System (JDS) XscreenSaver(1) Application May Allow Unauthorized Access to Data
1019093.123470117-Mar-2008A Security Vulnerability in Solaris 10 libexif May Allow Code Execution or a Denial of Service (DoS) Condition
1019100.123482227-Apr-2008A Security Vulnerability in The N1 Grid Engine 6.1 Qmaster Daemon May Lead to a Denial of Service (DoS)
1019116.123512210-Jun-2008Vulnerability in the Solaris 10 Event Port Implementation May Lead to a System Panic, Resulting in a Denial of Service (DoS)
1019128.123538119-Jan-2010Security Vulnerability in Sun Java System Directory Proxy Server May Grant Unauthorized Administrative Access
1019129.123542104-Jun-2008Security Vulnerability in Solaris 10 Trusted Extensions Labeled Networking Related to Data Transfer Between Labeled Zones
1019132.123552124-Jan-2010A Security Vulnerability in Sun Java System Calendar Server May Allow Denial of Service (DoS) When Access Logging is Enabled
1019145.123590102-Apr-2008A Security Vulnerability in the Handling of Self Encapsulated IP Packets may Lead to a Denial of Service (DOS) Condition.
1019153.123614107-Apr-2008Security Vulnerabilities in the GNU Zebra and Quagga BGP Routing Daemon May Allow for Denial of Service
1019164.123632122-May-2008A Security Vulnerability in Solaris 10 Involving the SCTP Protocol May Result in a Panic and Denial of Service (DoS)
1019174.123648119-Jan-2010Cross-Site Scripting Vulnerability in the Sun Java System Web Server Advanced Search Mechanism
1019177.123652101-May-2008A Security Vulnerability in Solaris 10 Involving the SCTP Protocol May Result in a Denial of Network Services Due to Network Flooding
1019188.123670329-Jun-2008Multiple Security Vulnerabilities May Affect MySQL 4.0.x Bundled With Solaris 10
1019199.123688419-Jan-2010Security Vulnerabilities in Solaris Print Service May Lead to Denial of Service (DoS) or Execution of Arbitrary Code
1019202.123694419-Jan-2010A Security Vulnerability in Sun Ray Kiosk Mode 4.0 May Allow Escalation of Privileges
1019235.123744420-Jan-2010Security Vulnerability in Solaris SSH May Allow Unauthorized Access to X11 Sessions
1019237.123746519-Jan-2010Security Vulnerabilities in the Tcl GUI Toolkit Library may lead to arbitrary code execution or Denial of Service (DoS)
1019244.123758419-May-2008A Security Vulnerability in the Solaris 10 STREAMS Administrative Driver ("sad") May Allow a Denial of Service (System panic)
1019254.123776419-Jan-2010Two Security Vulnerabilities in samba(7) WINS Server Daemon (nmbd) May Allow Execution of Arbitrary Code or Lead to a Denial of Service (DoS) Condition
1019260.123786419-Jan-2010A Security Vulnerability in the Solaris crontab(1) utility may allow execution of Arbitrary Code
1019264.123794419-Jan-2010A Security Vulnerability in StarOffice/StarSuite 8 may allow file manipulation and Arbitrary Code execution
1019266.123796519-Jan-2010A Security Vulnerability in IP Multicast Filter processing of Sockets may lead to a system panic or possible execution of Arbitrary Code
1019267.123798519-Jan-2010A Security Vulnerability in the Solaris snmpXdmid(1M) may lead to a Denial of Service (DoS) condition
1019268.123798619-Jan-2010A Security Vulnerability in the namefs Kernel module may result in Arbitrary Code Execution or a Denial of Service (DoS)
1019269.123798716-Sep-2008Manipulated Tag Files used with Solaris Text Editors May Lead to Execution of Arbitrary Code
1019285.123818419-Jan-2010Multiple Security Vulnerabilities in Sun Java ASP Server may lead to execution of Arbitrary Code or Unauthorized Access to Data
1019294.123825019-Jan-2010Denial of Service (DoS) Vulnerability in the Solaris e1000g(7D) Gigabit Ethernet Driver
1019295.123825119-Jan-2010A Security Vulnerability in samba(7) Domain logons may allow execution of Arbitrary code with Root privileges
1019300.123830501-Jun-2008Multiple Security Vulnerabilities in Flash Player for Solaris
1019305.123836519-Jan-2010A Security Vulnerability in rpc.ypupdated(1M) May Allow Execution of Arbitrary Code When Run in Insecure Mode
1019316.123841420-May-2010Security Vulnerability in Service Tag Registry May Allow Denial of Service
1019317.123841623-Dec-2008A Vulnerability in Access Manager 7.1 may Allow Unauthorized Access to Resources
1019327.123849219-Jan-2010Multiple Security Vulnerabilities in Solaris 10 Firefox may Allow Execution of Arbitrary Code and Access to Unauthorized Data
1019328.123849319-Jan-2010Security Vulnerability in inet_network() Library Routine May Allow Denial of Service (DoS) to Applications
1019338.123862819-Jan-2010Security Vulnerabilities in the Java Runtime Environment related to the processing of XML Data
1019342.123866619-Jan-2010A Security Vulnerability with the processing of fonts in the Java Runtime Environment may allow Elevation of Privileges
1019343.123868619-Jan-2010Multiple Security Vulnerabilities in the Solaris X Server Extensions May lead to a Denial of Service (DoS) Condition or Allow Execution of Arbitrary Code
1019344.123868719-Jan-2010Security Vulnerabilities in the Java Runtime Environment Scripting Language Support
1019345.123868819-Jan-2010Kernel Security Vulnerability on Solaris Systems Using the Sun UltraSPARC T2 and UltraSPARC T2+ Processors May Allow Denial of Service (DoS)
1019363.123886519-Jan-2010SNMPv3 Authentication Bypass Vulnerability in snmpd(1M)
1019367.123890519-Jan-2010Multiple Security Vulnerabilities in Java Web Start may allow Privileges to be Elevated
1019373.123896519-Jan-2010Security Vulnerability in Java Management Extensions (JMX)
1019374.123896619-Jan-2010Security Vulnerability in JDK/JRE Secure Static Versioning
1019375.123896719-Jan-2010Security Vulnerability in the Java Runtime Environment Virtual Machine may allow an untrusted Application or Applet to Elevate Privileges
1019376.123896824-Jan-2010Security Vulnerabilities in the Java Runtime Environment may allow Same Origin Policy to be Bypassed
1019380.123900619-Jan-2010Multiple Security Vulnerabilities in the FreeType2 library for Printer Font Binary (PFB) or TrueType Font (TTF) format font files may lead to a Denial of Service (DoS) or allow Execution of Arbitrary Code
1019395.123918626-Aug-2008A Security Vulnerability in Solaris 10 involving the sendfilev() system call could result in Denial of Service (DoS) due to System Panic
1019397.123918819-Jan-2009Security Vulnerability Relating to the posix_fallocate(3C) System Call May Lead to a Denial of Service (DoS)
1019406.123928631-Jul-2008Multiple Security Vulnerabilities in the Adobe Reader may lead to Execution of Arbitrary Code
1019409.123930814-Aug-2008Cross Site Scripting (XSS) Vulnerability in Sun Java System Portal Server's Portlets may Lead to Execution of Arbitrary Code
1019412.123931204-Sep-2008Security Vulnerabilities in Tomcat 4.0 Shipped with Solaris 9 and 10
1019415.123938704-Aug-2008Security Vulnerabilities in the Solaris Priority Inherited pthread mutex API May Result in a Denial of Service (DoS) Condition
1019420.123939220-Aug-2009Security Vulnerability in the DNS Protocol May Lead to DNS Cache Poisoning
1019430.123954619-Jan-2010Security Vulnerabilities in Thunderbird for Solaris May Result in Privilege Escalation or Cross-Site Scripting (XSS)
1019431.123956629-Jul-2008Security Vulnerability in Sun Java System Web Server 7.0 plugin for Sun N1 Service Provisioning System (SPS)
1019442.123972829-Jul-2008A Security Vulnerability in picld(1M) May Allow a Denial of Service to System Monitoring and System Services
1019452.123978529-Jul-2008Security Vulnerability in the System Management Agent (SMA) SNMP daemon (snmpd(1M))
1019460.123988627-Jan-2009Security Vulnerabilities in the Embedded Lights Out Manager (ELOM) on Sun Fire X2100 M2 and X2200 M2 May Allow Unauthorized Logins
1019464.123990829-Sep-2008Security Vulnerability in VERITAS (Symantec) NetBackup 6.0/6.5 GUI
1019470.123993027-Aug-2008Security Vulnerability in Firmware for T5220, T5140 and T5240 Systems May Allow a Denial of Service (DoS)
1019479.124004807-Aug-2008DUPLICATE of Sun Alert 239392 - Security Vulnerability in the DNS Protocol may lead to DNS Cache Poisoning
1019486.124008627-Jan-2009A Security Vulnerability in the Solaris ip(7P) Kernel Module's IP-in-IP Packet Processing May Lead to a Denial of Service (DoS)
1019492.124009519-Jan-2010A Security Vulnerability in 'VBoxDrv.sys' driver of Sun xVM VirtualBox 1.6 may lead to Arbitrary Code Execution or Denial of Service (DoS)
1019496.124009906-Aug-2008Security Vulnerability in Solaris Trusted Extensions Labeled Networking may lead to remote unauthorized access to the Global Zone (zones(5)) of the System
1019497.124010104-Aug-2008Security Vulnerability in Solaris snoop(1M) when Displaying SMB Traffic
1019499.124010610-Sep-2008Multiple Security Vulnerabilities in the Adobe Reader may lead to Execution of Arbitrary Code and Overwrite Arbitrary Files
1019510.124032712-Aug-2008A Security Vulnerability in the ftp Subsystem of Sun Java System Web Proxy Server 4.0 May Lead to a Denial of Service (DoS)
1019513.124036504-Dec-2008Security Vulnerability in Sun Ray Server Software May Compromise the Sun Ray Administration Password
1019522.124050619-Jan-2010Security Vulnerabilities in Sun Ray Server Software and Sun Ray Windows Connector May Compromise the Sun Ray Administration Password
1019524.124054617-Aug-2008Denial of Service Vulnerability in NFSv4 Client Kernel Module
1019535.124070627-Aug-2008Covert Channel Security Vulnerability in the Solaris Kernel
1019536.124070815-Sep-2008Multiple Security Vulnerabilities in rdesktop May Lead to Execution of Arbitrary Code or Denial of Service (DOS)
1019543.124086601-Sep-2008Security Vulnerability in Solaris 10 NFS Remote Procedure Calls (RPCs) May Allow a Denial of Service (DoS) or Data Integrity Issues for Non-Global Zones
1019556.124106626-Aug-2008A Security Vulnerability in the Solaris NFS Kernel Module May Lead to a System Panic, Resulting in a Denial of Service (DoS)
1019559.124112614-Dec-2008A Security Vulnerability in IPv4 Forwarding may Allow a Remote User to Panic the System
1019583.124164629-Apr-2009Security Vulnerability in GNU tar May Lead to Arbitrary Code Execution or Denial of Service (DoS)
1019585.124168614-Sep-2008A Security Vulnerability within the SunMC PRM Web Page may result in a Denial of Service (DoS)
1019589.124178611-Sep-2008A Security Vulnerability in the bzip2(1) command may lead to a Denial of Service (DoS)
1019601.124200604-Jan-2009A Security Vulnerability in the Solaris Name Service Cache Daemon (nscd(1M)) May Allow Unauthorized Access to Data and Escalation of Privileges
1019602.124202619-Jan-2010A Security Vulnerability in Sun Java System Access Manager May Allow a Remote Unprivileged User to Determine the Existence of "guessed" Usernames
1019607.124216611-Jan-2009Security Vulnerability in Sun Java System Access Manager May Allow Unauthorized Access Through Revealed Passwords
1019608.124218624-Jan-2010Cross-Site Scripting (XSS) Vulnerability in Sun Java Messaging Server
1019611.124224622-Oct-2008Security Vulnerability in the Search Feature of the Sun Java System LDAP JDK
1019612.124226608-Jan-2009Security Vulnerability in Solaris IP Tunnel Parameter Processing May Lead to a System Panic or Possible Execution of Arbitrary Code by Unprivileged Users
1019613.124226702-Jun-2009Security Vulnerability in the ACL (acl(2)) Implementation for UFS File Systems May Allow a Local User to Panic the System
1019619.124238620-May-2010This Alert covers CVE-2010-0890 for the kernel component of the Solaris and OpenSolaris products.
1019623.124248609-Mar-2009Multiple Security Issues in the Doors Kernel Functionality
1019632.124262716-Jul-2009Security Vulnerability in StarOffice Related to .wmf Files May Lead to Heap Overflows and Arbitrary Code Execution
1019643.124280612-Nov-2008A Security Vulnerability in the Solaris Socket(3SOCKET) Function May Allow Unprivileged Users to Panic the System
1019652.124298626-Aug-2010A Heap Overflow Security Vulnerability in the Sun Java Web Proxy Server
1019658.124310606-Nov-2008Security Vulnerability in Solstice X.25 May Allow Denial of Service (DoS)
1019663.124322616-Jul-2009Security Vulnerability in StarOffice/StarSuite Related to EMF Files May Lead to Heap Overflows and Arbitrary Code Execution
1019669.124338619-Jan-2010Multiple Security Vulnerabilities in Sun Java System Identity Manager
1019673.124348609-Nov-2008A Security Vulnerability in the Sun Integrated Lights-Out Manager (ILOM) may Allow Unauthorized Access Through the Web Interface
1019677.124356611-Dec-2008Security Vulnerability in the X Inter Client Exchange Library (libICE) Shipped With Solaris May Allow a Denial of Service (DoS)
1019678.124360619-Jan-2010A Security Vulnerability in the Logical Domains (LDoms) Manager May Allow Unauthorized System Access and Escalation of Privileges
1019686.124378601-Dec-2008Security Vulnerability in the Sun Java Web Console May Allow Unauthorized Redirection
1019687.124380606-Nov-2008Security Vulnerabilities in DHCP Handling of DHCP Requests May Allow Remote Users to Execute Arbitrary Code or Cause a Denial of the DHCP Service
1019689.124388604-Dec-2008Security Vulnerability Related to Sun Java System Portal Server May Allow Information Disclosure
1019696.124402604-Feb-2009Security Vulnerability in the Process File System (proc(4)) Relating to Contract File System (contract(4)) Interaction May Lead to a System Panic or Possible Execution of Arbitrary Code by Unprivileged Users
1019731.124482619-Jan-2010A Security Vulnerability in the Sun System Firmware on Certain SPARC Systems May Allow Unauthorized Data Access
1019733.124486610-Dec-2008A Security Vulnerability in the Management of Solaris Kerberos (see kerberos(5)) may Lead to a User Denial of Service (DoS) Attack
1019736.124498619-Jan-2010The Java Runtime Environment Creates Temporary Files That Have "Guessable" File Names
1019737.124498719-Jan-2010Java Runtime Environment (JRE) Buffer Overflow Vulnerabilities in Processing Image Files and Fonts May Allow Applets or Java Web Start Applications to Elevate Their Privileges
1019738.124498819-Jan-2010Multiple Security Vulnerabilities in Java Web Start and Java Plug-in May Allow Privilege Escalation
1019739.124498919-Jan-2010The Java Runtime Environment (JRE) "Java Update" Mechanism Does Not Check the Digital Signature of the JRE that it Downloads
1019740.124499019-Jan-2010A Buffer Overflow Vulnerability in the Java Runtime Environment (JRE) May Allow Privileges to be Escalated
1019741.124499119-Jan-2010A Security Vulnerability in the Java Runtime Environment (JRE) Related to Deserializing Calendar Objects May Allow Privileges to be Escalated
1019742.124499219-Jan-2010A Buffer Overflow Vulnerability in the Java Runtime Environment (JRE) "Unpack200" JAR Unpacking Utility May Lead to Escalation of Privileges
1019756.124520610-Nov-2008Security Vulnerability in Solaris IP Filter Network Address Translation (NAT) May Lead to DNS Cache Poisoning
1019759.124524620-Jan-2010The Java Runtime Environment UTF-8 Decoder May Allow Multiple Representations of UTF-8 Input
1019765.124544619-Jan-2010A Security Vulnerability in Sun Java System Application Server May Expose an Application's WEB-INF and META-INF Content
1019777.124580621-May-2009A Buffer Overflow Security Vulnerability in the Solaris sadmind(1M) Daemon May Lead to Execution of Arbitrary Code
1019779.124584613-Nov-2008A Security Vulnerability in the Solaris i915 DRM Driver May Cause a Kernel Panic
1019793.124626620-Jan-2010Security Vulnerability in Java Runtime Environment May Allow Applets to List the Contents of the Current User's Home Directory
1019794.124628620-Jan-2010Security Vulnerability in the Java Runtime Environment With Processing RSA Public Keys
1019797.124634603-Feb-2010A Security Vulnerability in Java Runtime Environment (JRE) With Authenticating Users Through Kerberos May Lead to a Denial of Service (DoS)
1019798.124636620-Jan-2010Security Vulnerabilities in the Java Runtime Environment (JRE) JAX-WS and JAXB Packages may Allow Privileges to be Escalated
1019799.124638620-Jan-2010A Security Vulnerability in Java Runtime Environment (JRE) With Parsing of Zip Files May Allow Reading of Arbitrary Memory Locations
1019800.124638720-Jan-2010A Security Vulnerability in the Java Runtime Environment may Allow Code Loaded From the Local Filesystem to Access LocalHost
1019814.124674606-Jul-2010An IP(7P) Spoofing Security Vulnerability in Mid-range Sun Fire Server's Firmware May Allow Unauthorized Access to System Controllers
1019819.124684602-Dec-2008A Security Vulnerability in the OpenSSL PKCS#11 Engine May Result in Denial of Service (DoS) Due to a Corrupted Session Cache
1019828.124704603-Mar-2009Cross Site Scripting (XSS) Vulnerability in Sun Management Center (SunMC) Performance Reporting Module
1019833.124718601-Apr-2009A Security Vulnerability in Solaris Secure Shell (SSH) May Expose Some Plain Text From Encrypted Traffic
1019839.124732619-Jan-2010Insecure Temporary File Creation Security Vulnerability in Sun xVM VirtualBox
1019840.124734614-Jan-2009A Security Vulnerability in the libxml2 Library May Lead to Denial of Service (DoS)
1019842.124738605-Nov-2010Part II - Multiple Printing Regressions in Solaris 10 Kernel Patches 127127-11 and 127128-11
1019843.124740620-Apr-2009Security Vulnerability with IKE Packet Handling in Solaris libike Library may Lead to a Crash of in.iked(1M)
1019851.124756620-May-2010Buffer Overflow Vulnerabilities in Sun Java Wireless Toolkit for CLDC may Allow an Application to Escalate Privileges
1019856.124766616-Dec-2008Security Vulnerabilities in the Apache 2.0 "mod_proxy_http" and "mod_proxy_ftp" Modules may Lead to Denial of Service (DoS) or Cross Site Scripting (XSS)
1019873.124798611-Jan-2009Security Vulnerability in aio_suspend(3RT) May Lead to a System Panic, Resulting in a Denial of Service (DoS)
1019875.124802629-Jan-2009Security Vulnerability in the Solaris IP(7p) Implementation, Related to Minor Number Allocation, may Lead to a Denial of Service (DoS) Condition
1019892.124838631-Aug-2009Security vulnerability in Solaris Related to the Apache 1.3 mod_perl(3) Module Component "PerlRun.pm" may Lead to Denial of Service (DoS)
1019901.124852611-Jan-2009A Security Vulnerability in the vncviewer(1) RFB Protocol Validation May Allow Execution of Arbitrary Code and Lead to a Denial of Service (DoS)
1019903.124856604-Jan-2009A Security Vulnerability in the NFS Version 4 Client Within Solaris May Lead to a System Panic
1019904.124858611-Jan-2009Multiple Security Vulnerabilities in the Flash Player Plugin for Solaris
1019907.124864623-Dec-2008Insecure Temporary File Usage Vulnerability in Sun SNMP Management Agent
1019908.124866620-May-2010This Alert Covers CVE-2010-0891 for the Sun Management Center Product
1019923.124908611-Jan-2009Security Vulnerability in samba(7) Specially Crafted Packet May Allow Execution of Arbitrary Code With Root Privileges
1019924.124908701-Feb-2009Security Vulnerability in samba(7) Specially Crafted Packet May Expose Arbitrary Buffer of Data
1019925.124910611-Jan-2009A Security Vulnerability in Sun Java System Access Manager May Allow Privilege Escalation of Sub-Realm Administrators
1019926.124912620-Jan-2009Incorrect Software Setting Prior to Shipping on Certain Sun SPARC M4000/M5000 Servers May Allow Unauthorized Access
1019927.124914605-May-2009The Solaris rpc.metad(1M) Daemon is Vulnerable to a Denial of Service (DoS) Attack
1019934.124930612-Jan-2009Security Vulnerabilities in the Solaris lpadmin(1M) and ppdmgr(1M) Utilities May Lead to a Denial of Service (DoS) Condition
1019937.124936602-Apr-2009Multiple Security Vulnerabilities in the Adobe Reader May Lead to Execution of Arbitrary Code
1019948.124958621-Jan-2009Security Vulnerability in the Solaris Pseudo-terminal Driver (pty(7D)) may Cause a System Panic
1019951.124964621-Sep-2009A Security Vulnerability in xscreensaver(1) May Display Portions of a Locked Desktop if the Screen is Resized
1019965.124992615-Mar-2009A Security Vulnerability in Kerberos Incremental Propagation May Lead to a Denial of Service (DoS) Against Slave KDC Systems
1019967.124996601-Feb-2009Security Vulnerability in the Solaris "autofs" Kernel Module may Allow a Local Unprivileged User to Execute Arbitrary Code
1019972.125006623-Mar-2009A Solaris Kernel Security Vulnerability on Systems Using the Sun UltraSPARC T2 and T2+ Processors May Allow Denial of Service (DoS)
1019973.125008619-Jan-2010A Security Vulnerability in Sun Java System Directory Server May Allow Specific Requests to Crash the Directory Server Causing a Denial of Service (DoS)
1019986.125030608-Mar-2009A Security Vulnerability in the Solaris NFS Daemon (nfsd(1M)) May Allow Unauthorized Access to Data
1020011.125082614-Apr-2009Security Vulnerability in OpenSSL due to Improper Usage of Signature
1020012.125084612-Mar-2009Security Vulnerability in Solaris BIND named(1M) due to Incorrect DNSSEC Signature Verification
1020022.125100602-Apr-2009A Security Vulnerability in Solaris IPv6 Implementation (ip6(7p)) May Cause a System Panic
1020026.125108611-Feb-2009A Security Vulnerability in the Sun Java System Server, Related to the Directory Proxy Server, May Lead to a Denial of Service (DoS) Condition
1020044.125140608-Feb-2009Security Vulnerabilities in the libxml2 Library Routines xmlBufferResize() and xmlSAX2Characters() May Lead to Arbitrary Code Execution or Denial of Service (DoS)
1020086.125198624-Feb-2009Security Vulnerabilities in Tomcat 5.5 may Lead to Cross Site Scripting (XSS) or Directory Traversal
1020099.125222614-Jul-2009A Security Vulnerability in Sun Ray Server Software may Allow Unauthorized Manipulation of Sessions
1020111.125246905-Mar-2009Denial of Service (DoS) Vulnerability in NFSv4 Server Kernel Module
1020129.125276720-May-2009A Security Vulnerability in the Solaris Kerberos PAM Module May Allow Use of a User Specified Kerberos Configuration File, Leading to Escalation of Privileges
1020130.125278728-Jul-2009A Security Vulnerability in Solaris Kerberos Credential Management May Lead to Unauthorized Access of Kerberized NFS Mount Points
1020159.125326719-Jan-2010Sun Java System Identity Manager Security Vulnerabilities
1020160.125328715-Apr-2009Security Vulnerability in the VERITAS (Symantec) NetBackup Network Daemon may Allow Escalation of Privileges
1020168.125346831-Mar-2009A Security Vulnerability in the Solaris dircmp(1) Shell Script may Allow Overwriting of Arbitrary Files
1020172.125356812-Mar-2009Security Vulnerability in the Solaris keysock Kernel Module may Lead to a System Panic
1020173.125358829-Mar-2009Security Vulnerability in the Solaris NFS Server Security Modes (nfssec(5)) may Lead to Unauthorized Access to Shared Resources
1020175.125360814-Jul-2009A Security Vulnerability in the Solaris SCTP Packet Processing may Lead to a System Panic Resulting in a Denial of Service (DoS)
1020190.125388914-Jul-2009Two Security Vulnerabilities in Sun Ray Server Software 4.0 on Systems with Trusted Extensions Enabled May Allow either a Denial of Service (DoS) of the Audio Service or Unauthorized Access to Other Users' Sessions
1020200.125408803-Mar-2009A Security Vulnerability With the Solaris Crypto Driver May Cause a System Panic
1020206.125420804-Mar-2009A Security Vulnerability in the xterm(1) program Delivered With OpenSolaris Involving the Parsing of Device Control Request Status String (DECRQSS) Sequences May Lead to Execution of Arbitrary Code
1020223.125456820-Jan-2010Security Vulnerability in Sun xVM VirtualBox for the Linux Platform may Lead to Escalation of Privileges
1020224.125456920-Jan-2010Security Vulnerabilities in the Java Runtime Environment (JRE) LDAP Implementation may Allow a Denial of Service (DoS) and Malicious Code to be Executed
1020225.125457020-Jan-2010Integer and Buffer Overflow Vulnerabilities in the Java Runtime Environment (JRE) "unpack200" JAR Unpacking Utility May Lead to Escalation of Privileges
1020226.125457120-Jan-2010Buffer Overflow Vulnerabilities in the Java Runtime Environment (JRE) with Processing Image Files and Fonts may Allow Privileges to be Escalated
1020228.125460819-Jan-2010Security Vulnerabilities in the Java Runtime Environment (JRE) With Storing and Processing Font Files May Allow Denial of Service (DOS)
1020229.125460919-Jan-2010A Security Vulnerability in the Java Runtime Environment (JRE) HTTP Server Implementation May Allow a Denial of Service (DoS) Condition on a JAX-WS Service Endpoint
1020230.125461019-Jan-2010A Security Vulnerability in the Java Runtime Environment (JRE) Virtual Machine With Code Generation May Allow Escalation of Privileges
1020231.125461119-Jan-2010Multiple Security Vulnerabilities in Java Plug-in May Allow Privileges to be Escalated
1020232.125462815-Mar-2009Security Vulnerabilities in the UFS File System Relating to ufs_getpage() and ufs_putpage() Routines May Allow a Local User to Hang or Panic the System
1020254.125490905-Apr-2009Multiple Security Vulnerabilities in the Adobe Flash Player for Solaris 10 (Adobe Security Bulletin APSB09-01)
1020258.125500805-Apr-2009Security Vulnerability in Sun Java System Calendar Server 6.3 May Allow Denial of Service (DoS)
1020273.125530826-Aug-2009A Security Vulnerability May Allow Popup Windows to Appear Through the Solaris XScreenSaver Program
1020287.125560825-Mar-2009A Security Vulnerability in OpenSolaris may Allow a Privileged User Inside a non-global Zone to Execute Arbitrary Code Within a Global Zone
1020302.125584819-Jan-2010A Security Vulnerability in the Sun Java System Directory Server May Allow Users to Probe for Filenames and View Limited Content of Files
1020305.125592820-May-2010Security Vulnerability with HTTP Response Splitting in Sun Java System Delegated Administrator
1020307.125596803-Jan-2010Security Vulnerability in Sun Java System Access Manager May Provide Security Information to the Wrong Client
1020321.125622820-Jan-2010Cross-Site Scripting (XSS) Vulnerability in Sun Java System Calendar Server
1020330.125640806-Apr-2009Multiple Security Vulnerabilities in Firefox Versions Before 2.0.0.19 May Allow Execution of Arbitrary Code or Access to Unauthorized Data
1020343.125656820-Jan-2010Cross-Site Scripting (XSS) Security Vulnerability in the Sun Java System Access Manager Cross-Domain Controller (CDC)
1020344.125658819-Jan-2010A Cross-Site Scripting (XSS) Vulnerability in Sun Java System Portal Server's Error Page May Lead to Execution of Arbitrary Code
1020348.125666819-Jan-2010A Security Vulnerability in Sun Java System Access Manager May Disclose Confidential Information
1020355.125672802-Aug-2009Multiple Security Vulnerabilities in the Solaris Kerberos 'Mech' Libraries May Lead To Execution of Arbitrary Code, Unauthorized Access to Data or a Denial of Service (DoS) Condition
1020356.125674808-Jun-2009A Security Vulnerability in the Solaris rpc.nisd(1M) Daemon may Cause a Denial of Service (DoS) Condition to a NIS+ Server
1020358.125678828-Jun-2009Multiple Security Vulnerabilities in Adobe Reader for Solaris 10 May Allow Execution of Arbitrary Code or Cause a Denial of Service (DoS) (Adobe Security Bulletin APSB09-04)
1020369.125700801-Sep-2009Security Vulnerability with the Solaris IPv4 Networking Stack Involving the Cassini Gigabit-Ethernet Device Driver and Jumbo Frames
1020386.125732913-Aug-2009A Security Vulnerability in Certain System Board Firmware Revisions of Sun Fire V215 Servers with XVR-100 Graphic Cards may Allow an Unprivileged User to Panic the System
1020388.125733119-Apr-2009Security Vulnerability in OpenSolaris SCTP Sockets May Allow Unprivileged Users to Panic the System
1020395.125754809-Jun-2009A Security Vulnerability in OpenSolaris smbfs(7FS) may Expose Data to Unauthorized Users
1020403.125770804-Jun-2009Security Vulnerabilities in DTrace (dtrace(1M)) ioctl(2) Handlers May Lead to a Denial of Service (DoS) Condition
1020411.125784816-Aug-2009Security Vulnerability in the Solaris Kernel Involving the Interaction of the Filesystem and Virtual Memory Subsystems
1020420.125798813-May-2009Security Vulnerability in Solaris 9 fstat(2) System Call May Lead to a System Panic, Resulting in a Denial of Service (DoS)
1020423.125804806-Jul-2010A Security Vulnerability in the ASN.1 Handling in Solaris OpenSSL May Lead to a Denial of Service (DoS) Condition
1020424.125806819-May-2009Cross-Site Scripting (XSS) Vulnerability in Sun Java System Communications Express
1020442.125850822-Jul-2009A Security Vulnerability in the Sun Java System Access Manager Policy Agent May Result in a Denial of Service (DoS) to Web Proxy Server 4.0
1020443.125852819-Jan-2010Multiple Security Vulnerabilities in Sun GlassFish Enterprise Server 2.1 (formerly Sun Java System Application Server 9.1UR2) May Lead to a Denial of Service (DoS) Condition or Execution of JavaScript Code
1020445.125858820-Jan-2010Security Vulnerability in the Solaris sendfile(3EXT) and sendfilev(3EXT) Extended Library Functions may Result in a Denial of Service (DoS) Condition due to a System Panic
1020452.125874819-Jan-2010Multiple Security Vulnerabilities in Mozilla Thunderbird Versions Prior to 2.0.0.19 May Allow Execution of Arbitrary Code or Unauthorized Access to Data
1020455.125880820-Jan-2010Security Vulnerability in PostgreSQL Shipped with Solaris may Allow a Denial of Service (DoS)
1020456.125882817-Jun-2009A Memory Leak in the Solaris Ultra-SPARC T2 crypto provider device driver (n2cp(7D)) may Result in Denial of Service (DoS) to the System as a Whole
1020461.125888805-Jul-2009A Security Vulnerability Involving the OpenSolaris Process File System (proc(4)) May Allow an Unprivileged Local User to Panic the System
1020463.125892824-Jan-2010A Security Vulnerability May Allow Popup Windows to Appear Through the Solaris XScreenSaver Program on Xorg(1) Servers
1020468.125902801-Sep-2009Multiple Security Vulnerabilities in Adobe Reader for Solaris 10 May Allow Execution of Arbitrary Code or Cause Denial of Service (DoS)
1020474.125914828-Jul-2009Security Vulnerability in the Solaris Simple Authentication and Security Layer (SASL) Library (see libsasl(3LIB)) Routine sasl_encode64(3SASL) may Allow Unprivileged Users to Crash Applications Using this Function
1020486.125938810-Aug-2009A Security Vulnerability Involving xscreensaver(1) and Assistive Technology Support May Allow an Unauthorized User to Access the System
1020487.125940820-May-2009A Security Vulnerability in the Solaris Secure Digital Slot Driver (sdhost(7D)) May Allow Corruption of Kernel Memory and Memory Card Contents
1020498.125946821-May-2009Multiple Vulnerabilities in the Solaris 8 and 9 sadmind(1M) Daemon May Lead to Arbitrary Code Execution
1020504.125958802-Jun-2009Cross-Site Scripting (XSS) Vulnerability in the Sun Java System Web Server 6.1 Reverse Proxy Plug-in
1020521.125998910-Nov-2010Security Vulnerability in Solaris libpng(3) May Allow Denial of Service (DoS) or Privilege Escalation
1020542.126044917-Jun-2009Two Race Condition Vulnerabilities in the Solaris Event Port API May Allow Local Users to Panic the System, Causing a Denial of Service (DoS)
1020546.126050804-Jun-2009A Security Vulnerability in idmap(1M) of OpenSolaris may Allow a Denial of the CIFS (Common Internet File System) Service (DoS)
1020547.126052809-Jun-2009Security Vulnerability in the GnuTLS (libgnutls(3)) Library Certificate Chain Validation
1020570.126095114-Jul-2009A Security Vulnerability in the Solaris IP Filter (ipf(5)) May Lead to a Denial of Service (DoS) Condition
1020578.126108809-Jun-2009Multiple Security Vulnerabilities in Common UNIX Printing System (CUPS) May Allow a Remote User to Execute Arbitrary Code
1020599.126140820-May-2010Security Vulnerability in Lightweight Availability Collection Tool May Allow Unprivileged User to Overwrite Files
1020611.126168805-Aug-2009A Security Vulnerability in OpenSSO Enterprise and Sun Java System Access Manager May Cause Denial of Service (DoS)
1020621.126184920-Sep-2009A Security Vulnerability in the Solaris iSCSI Management Commands (iscsiadm(1M) and iscsitadm(1M)) may Allow Privilege Escalation
1020634.126204805-Jul-2009A patch regression in Solaris Kernel udp(7p) may Cause Certain Trusted Configurations of Solaris to Panic or Become Vulnerable to Triggered Panics Resulting in a Denial of Service (DoS)
1020636.126208824-Jun-2009Security Vulnerability in the Solaris auditconfig(3M) Command May Allow Users With an Associated RBAC Profile to Gain Elevated Privileges
1020647.126228813-Sep-2009Multiple Security Vulnerabilities in Solaris Ghostscript (GS(1)) May lead to Denial of Service (DoS) or Execution of Arbitrary Code
1020658.126240822-Jun-2009Security Vulnerability in the Solaris IP(7P) Multicast Reception May Lead to a Denial of Service (DoS) Condition
1020659.126242821-May-2010Cross-site Scripting (XSS) Security Vulnerability in Sun Java Web Console May Allow Execution of Arbitrary Code
1020661.126246824-Jun-2009Security Vulnerability in the Apache 1.3 "mod_jk" Module may Lead to Unauthorized Access to Data
1020673.126266829-Jun-2009Security Vulnerability in the Solaris Network File System Version 4 (NFSv4) 'nfs_portmon' Tunable May Allow Unauthorized Network Access
1020675.126270824-Jun-2009Security Vulnerability in the Virtual Network Terminal Server Daemon (vntsd(1M)) for Logical Domains (LDoms) May Allow Unauthorized Access to Guest Domain Console
1020679.126278814-Jul-2009Security Vulnerability in Solaris NFSv4 Kernel Module May Panic an NFSv4 Client System
1020685.126290807-Sep-2009Security Vulnerability in the SNMP daemon (snmpd(1M)) May Lead to a Denial of Service (DoS) Condition
1020706.126338810-Nov-2009Security Vulnerabilities in Solaris IP(7P) Module and STREAMS Framework May Lead to a Denial of Service (DoS) Condition
1020707.126340820-Jan-2010A Security Vulnerability in the Java Runtime Environment Audio System may Allow System Properties to be Accessed
1020708.126340920-Jan-2010Security Vulnerabilities With the Proxy Mechanism Implementation in the Java Runtime Environment (JRE) may Lead to Escalation of Privileges
1020709.126342820-Jan-2010Integer Overflow Vulnerability in the Java Runtime Environment When Parsing JPEG Images
1020710.126342920-Jan-2010A Security Vulnerability With Verifying HMAC-based XML Digital Signatures in the XML Digital Signature Implementation Included With the Java Runtime Environment (JRE) may Allow Authentication to be Bypassed
1020712.126348819-Jan-2010Integer Overflow Vulnerability in the Java Runtime Environment (JRE) "Unpack200" JAR Unpacking Utility May Lead to Escalation of Privileges
1020713.126348919-Jan-2010A Security Vulnerability in the Java Runtime Environment (JRE) With Parsing XML Data May Allow a Remote Client to Create a Denial of Service (DoS) Condition
1020714.126349019-Jan-2010JDK and JRE Blacklist Entry for JNLPAppletLauncher Vulnerability
1020715.126350819-Jan-2010Security Vulnerability in StarOffice/StarSuite Related to Microsoft Word Document Handling may Lead to Arbitrary Code Execution
1020717.126352908-Oct-2009Security Vulnerabilities in Solaris Bundled Tomcat May Lead to Unauthorized Access to Data or Denial of Service (DoS)
1020726.126368920-May-2010This Alert covers CVE-2010-0882 for the Trusted Extensions component of the Solaris and OpenSolaris products.
1020746.126404821-Apr-2010Security Vulnerability in the Solaris XScreenSaver (xscreensaver(1)) Program May Allow Unauthorized Access to Sensitive Information
1020755.126424820-May-2010Security Vulnerability in the Simple Authentication and Security Layer (SASL) Library Bundled with the Java Enterprise System (JES) may Allow Unprivileged Users to Crash Applications Using the sasl_encode64 Function
1020757.126430828-Jul-2009Multiple Security Vulnerabilities in Firefox Versions Prior to 3.5b4 May Allow Execution of Arbitrary Code or Access to Unauthorized Data
1020765.126442819-Jan-2010Security Vulnerability in Solaris Auditing Related to Extended File Attributes May Allow Local Unprivileged Users to Panic the System
1020766.126442919-Jan-2010Race Condition Security Vulnerability in Solaris Auditing Related to Extended File Attributes May Allow Local Unprivileged Users to Panic the System
1020773.126460824-Aug-2009A Security Vulnerability in the Solaris Print Service (in.lpd(1M)) May Lead to a Denial of Service (DoS) Condition
1020775.126464819-Jan-2010Security Vulnerability in the Active Template Library in Various Releases of Microsoft Visual Studio Used by the Java Web Start ActiveX Control May Be Leveraged to Execute Arbitrary Code
1020780.126473002-Dec-2009A Security Vulnerability in Solaris Sockets Direct Protocol (SDP) Driver (sdp(7D)) may Allow Users to Exhaust Kernel Memory
1020787.126480828-Jul-2009Security Vulnerability in Solaris Trusted Extensions Involving the Parsing of Labeled Packets May Result in Denial of Service (DoS)
1020788.126482824-Jan-2010A Security Vulnerability in Solaris BIND named(1M) Due to Insufficient Input Validation of Dynamic Update Requests Can Lead to Denial of Service (DoS)
1020798.126503011-Aug-2009Multiple Security Vulnerabilities in libtiff(3) Handling of CODE_CLEAR Code
1020800.126506820-May-2010Multiple Security Vulnerabilities in Firefox Versions Prior to 3.5 May Allow Execution of Arbitrary Code or Access to Unauthorized Data
1020811.126524820-Aug-2009Security Vulnerability in Solaris pollwakeup(9F) May Allow an Unprivileged User to Panic the System
1020812.126526819-Jan-2010Security Vulnerability in Sun VirtualBox May Lead to Denial of Service (DoS)
1020815.126532906-Aug-2009Security Vulnerabilities in Sun Java System Access Manager Policy Agent 2.2 (Web Agents) May Cause Denial of Service (DoS)
1020816.126533031-Aug-2009Multiple Security Vulnerabilities in Adobe Reader for Solaris 10 May Allow Execution of Arbitrary Code or Cause Denial of Service (DoS) (Adobe Security Bulletin APSB09-07)
1020824.126548814-May-2010A Security Vulnerability in Sun Virtual Desktop Infrastructure (VDI) Software 3.0 may Lead to Inadvertent use of an Insecure LDAP Connection
1020829.126560816-Jun-2010Security Vulnerability with the Solaris IPv6 Networking Stack Involving the Cassini Gigabit-Ethernet Device Driver and Jumbo Frames
1020841.126580819-Aug-2009Multiple Integer Overflow Vulnerabilities in the libtiff(3) Image Conversion Tools 'tiff2rgba' and 'rgb2ycbcr' May Lead to Arbitrary Code Execution
1020844.126588809-Sep-2009Security Vulnerability in Solaris sockfs Related to HTTP Request Handling May Allow Remote Users to Panic Web Servers Resulting in a Denial of Service (DoS)
1020845.126590813-Dec-2009A Security Vulnerability in the ZFS Filesystem May Allow An Unprivileged User to Take Ownership of Files Belonging to Another User
1020855.126608819-Jan-2010Security Vulnerability in StarOffice/StarSuite 8 and 9 Related to XML Document Processing may Lead to Arbitrary Code Execution
1020856.126610830-Aug-2009Multiple Security Vulnerabilities in the Flash Player for Solaris 10 (Adobe Security Bulletin APSB09-10)
1020858.126614820-Aug-2009Multiple Security Vulnerabilities in Firefox Versions Prior to 3.5.2 May Allow Execution of Arbitrary Code or Application Crash
1020861.126622808-Sep-2009Security Vulnerability in lx Branded Zones May Result in Denial of Service (DoS)
1020866.126634801-Nov-2009Security Vulnerability in the w(1) Utility may Lead to Execution of Arbitrary Code
1020868.126638803-Nov-2009Security Vulnerability in Solaris SCTP (Stream Control Transmission Protocol (see sctp(7P)) and SDP (Sockets Direct Protocol driver (see sdp(7D)) sockets May Allow Unprivileged Users to Cause a Denial of Service (DoS) …
1020871.126642801-Dec-2009Multiple Security Vulnerabilities in the XML Library (see libxml2(3)) Bundled With Sun Management Center (SunMC) May Result in Arbitrary Code Execution or a Denial of Service (DoS)
1020872.126642928-Sep-2010A Security Vulnerability in the Sun Java System Web Server Related to Handling of Dynamic Content May Lead to Unauthorized Information Disclosure
1020876.126648809-Nov-2009Security Vulnerability in Solaris TCP sockets May Allow Unprivileged Users to Cause a Denial of Service (DoS) Condition
1020887.126668828-Sep-2009Security Vulnerabilities in libxml2 Library Related to Parsing of Element Declarations, Notation and Enumeration Attribute Types may Lead to a Denial of Service (DoS)
1020896.126690814-Dec-2009Security vulnerability in Solaris Pidgin (see pidgin(1)), Versions Prior to 2.5.9 may Lead to Execution of Arbitrary Code or a Denial of Service (DoS) Condition
1020905.126703112-Oct-2009Heap Overflow in a Regular Expression Parser in Network Security Services (NSS) may Affect SSL Clients (CVE-2009-2404)
1020909.126708818-Jan-2010Multiple Security Vulnerabilities in Solaris TCP (see tcp(7P)) Implementation May Lead to a Denial of Service (DoS) Condition
1020912.126714821-Sep-2009A Security Vulnerability in Solaris Cluster 3.2 Configuration Utility (clsetup(1CL)) may Lead to Escalation of Privileges
1020930.126748822-Sep-2009Security Vulnerabilities in Solaris Trusted Extensions Common Desktop Environment (CDE) may allow Privilege Escalation or Mandatory Access Control (MAC) Policy Violation
1020933.126754821-Dec-2009Security Vulnerability in the Sun Ray Server Software Authentication Manager May Allow a Denial of Service (DoS)
1020934.126756819-May-2010This Alert Covers CVE-2010-0894 for the Sun Java System Access Manager Product
1020936.126762828-Sep-2009Security Vulnerability in Samba (SAMBA(7)) May Allow Unauthorized Changes to Access Control Lists (ACL)
1020945.126780805-Oct-2009Buffer Underflow Vulnerability in the Solaris Tag Image File Format Library libtiff(3) may Lead to a Denial of Service (DoS) Condition
1020966.126818819-Jan-2010Security Vulnerability in the VBoxNetAdpCtl Configuration Tool for Sun VirtualBox May Lead to Escalation of Privileges
1020967.126818903-Dec-2009Security Vulnerability in the Solaris IP(7p) Kernel Module May Allow Remote Users to Panic the System, Resulting in a Denial of Service (DoS)
1020969.126822809-Dec-2009Vulnerability in Sun Ray Server Software due to Logout Failure
1020972.126828819-Oct-2009A Regression in the Solaris 10 Gnome-XScreenSaver (see xscreensaver(1)) may Allow Pop-up Windows to Appear through XScreenSaver when the Accessibility Feature is On
1020974.126832814-May-2010A Security Vulnerability in Sun Virtual Desktop Infrastructure (VDI) Software 3.0 may Lead to Unauthorized Access to the VirtualBox Web Service
1020980.126844812-Oct-2009Multiple Security Vulnerabilities in Firefox Versions Before 3.5.3 May Allow Execution of Arbitrary Code, Access to Unauthorized Data, or Denial of Service (DoS)
1021007.126900812-Oct-2009Multiple Security Vulnerabilities in the JBIG2 Decoder in the OpenSolaris GNOME PDF Viewer may Lead to Execution of Arbitrary Code
1021017.126920828-Oct-2009A Security Vulnerability With Verifying HMAC-based XML Digital Signatures in the XML Digital Signature Implementation Included With the Sun GlassFish Enterprise Server v2.1 may Allow Authentication to be Bypassed
1021023.126936819-Jan-2010Cross-Site Scripting (XSS) Vulnerabilities in Sun Java System Portal Server's Gateway May Lead to Execution of Arbitrary Code
1021030.126946820-Jan-2010Security Vulnerability in Mozilla Thunderbird Related to SSL Certificates May Cause Arbitrary Code Execution
1021043.126978809-Nov-2009Security Vulnerability in Solaris libpng(3) May Allow a Remote User to Disclose Potentially Sensitive Information from Applications Linked to libpng(3)
1021046.126986819-Jan-2010The Java Update Mechanism on Non-English Versions Does Not Update the JRE When a New Version is Available
1021047.126986919-Jan-2010Command Execution Vulnerability in the Java Runtime Environment Deployment Toolkit May be Leveraged to Execute Arbitrary Code
1021048.126987019-Jan-2010Security Vulnerability in the Java Web Start Installer May be Leveraged to Allow Untrusted Java Web Start Application to Run As Trusted Application
1021068.127026821-Oct-2010Multiple Integer Overflow Vulnerabilities in the FreeType 2 Font Engine May Lead to a Denial of Service (DoS) or Allow Execution of Arbitrary Code
1021076.127040802-Nov-2009Security Vulnerabilities in PostgreSQL Shipped with Solaris may Allow a Denial of Service (DoS) or Privilege Escalation
1021082.127047420-Jan-2010Buffer and Integer Overflow Vulnerabilities in the Java Runtime Environment With Processing Audio and Image Files May Allow Privileges to be Escalated
1021083.127047520-Jan-2010A Security Vulnerability in the Java Runtime Environment With Verifying HMAC Digests may Allow Authentication to be Bypassed
1021084.127047620-Jan-2010Two Security Vulnerabilities in the Java Runtime Environment With Decoding DER Encoded Data and Parsing HTTP Headers may Result in a Denial of Service (DoS)
1021089.127054908-Dec-2009A Security Vulnerability in the Generation of Encryption Keys for Sun Ray Firmware
1021093.127066929-Nov-2009Multiple Security Vulnerabilities in Adobe Reader for Solaris 10 May Allow Execution of Arbitrary Code or Cause Denial of Service (DoS) - Adobe Security Bulletin APSB09-15
1021100.127078919-Jan-2010Directory Proxy Server Provided with Directory Server Enterprise Edition 6 is Subject to Denial of Service (DoS) and May Allow Unauthorized Access to Certain Data
1021101.127080928-Oct-2009Security Vulnerability in Solaris Trusted Extensions may Prevent XScreenSaver (xscreensaver(1)) From Running
1021107.127096925-Oct-2009A Security Weakness in Solaris Trusted Extensions May Facilitate Privilege Escalation
1021111.127106910-Feb-2010Two Security Vulnerabilities in SAMBA(7) May Allow Unauthorized Access to the Remote Root Filesystem or May Lead to a Denial of Service (DoS) Condition
1021114.127114903-Dec-2009Security Vulnerability in VirtualBox Guest Additions May Lead to Denial of Service against the Virtual Machine
1021115.127116901-Mar-2010Multiple Security Vulnerabilities in the Common Unix Printing System (CUPS) Web Interface in OpenSolaris May Lead to Cross-Site Scripting (XSS) and HTTP Response Splitting Attacks
1021506.127220919-Jan-2010A Security Vulnerability in the Java Runtime Environment (JRE) Bundled With Sun GlassFish Enterprise Server v2.1 / Sun Java System Application Server 8.x While Parsing XML Data May Cause a Denial of Service (DoS)
1021508.127223011-Mar-2010Security Vulnerabilities in the Apache 2 "mod_perl2" Module Components "PerlRun.pm" and "Status.pm" May Lead to Denial of Service (DoS) or Unauthorized Access to Data
1021575.127248910-Jan-2010Security Vulnerability in the OSCAR Protocol Plugin for pidgin(1) may Lead to a Denial of Service (DoS) Condition
1021628.127262919-Jan-2010Security Vulnerability in the Timeout Mechanism of Solaris sshd(1M) may Lead to a Denial of Service (DoS)
1021645.127290923-Nov-2009Multiple Security Vulnerabilities in Firefox Versions Before 3.5.5 May Allow Execution of Arbitrary Code or Unauthorized Access to Certain Data
1021653.127302922-Jun-2010Security Vulnerability in the Transport Layer Security (TLS) and Secure Sockets Layer 3.0 (SSLv3) Protocols Involving Handshake Renegotiation Affects OpenSSL
1021660.127316922-Jun-2010Security Vulnerability in BIND DNS Software Shipped With Solaris May Allow DNS Cache Poisoning
1021671.127335011-Jan-2010Security Vulnerability in the Transport Layer Security (TLS) and Secure Sockets Layer 3.0 (SSLv3) Protocols Involving Handshake Renegotiation Affects Applications Utilizing Network Security Services (NSS)
1021680.127355118-Oct-2010Two Security Vulnerabilities in GNU tar (see gtar(1)) May Lead to Files Being Overwritten, Execution of Arbitrary Code, or a Denial of Service (DoS)
1021682.127357010-Jan-2010Multiple Buffer and Integer Overflow Vulnerabilities in Python (python(1)) May Lead to a Denial of Service (DoS) or Allow Execution of Arbitrary Code
1021683.127359029-Sep-2010Security Vulnerability in wget(1) Related to Certificate Parsing may Allow Encrypted HTTP Communication to be Intercepted Using a Man-in-the-Middle (MITM) Attack
1021686.127363013-Dec-2009Multiple Security Vulnerabilities in the libexpat Library May Lead to a Denial of Service (DoS) Condition
1021697.127385021-May-2010This Alert covers CVE-2010-0889 for the kernel component of the Solaris and OpenSolaris products.
1021699.127391021-May-2010This Alert covers CVE-2009-2404 and CVE-2009-0688 for the Directory Server component of the Sun ONE Directory Server and Sun Java System Directory Server products.
1021706.127403024-Feb-2010Multiple Security Vulnerabilities in the Solaris GNOME PDF Rendering Libraries May Lead to a Denial of Service (DoS) or Execution of Arbitrary Code
1021709.127411007-Mar-2010Security Vulnerability in the Apache 1.3 "mod_perl" Module Component "Status.pm" May Lead to Unauthorized Access to Data
1021716.127425020-May-2010Multiple Security Vulnerabilities in the Adobe Flash Player for Solaris May Lead to a Denial of Service (DoS) or Arbitrary Code Execution (Adobe Security Bulletin APSB09-19)
1021722.127439010-Jan-2010An Integer Overflow Vulnerability in GIMP(1) May Lead to Denial of Service (DoS) or Execution of Arbitrary Code
1021732.127459019-May-2010This Alert Covers CVE-2010-0888 for the Device Services Component of the Sun Ray Server Software Product
1021744.127483004-Jan-2010Security Vulnerability May Prevent OpenSolaris "hald" Daemon From Correctly Writing Audit Records
1021746.127487018-Jan-2010Security Vulnerabilities in PostgreSQL Shipped With Solaris May Allow Escalation of Privileges or Man-in-the-Middle on SSL Connections
1021752.127499004-Mar-2010Security Vulnerability in the Transport Layer Security (TLS) and Secure Sockets Layer 3.0 (SSLv3) Protocols Affects Multiple Server Products in the Sun Java Enterprise System Suite
1021753.127501010-Jan-2010Security Vulnerability in Identity Manager 8.1.0.5 and 8.1.0.6 Configured with Sun Java System Access Manager, OpenSSO Enterprise 8.0 or IBM Tivoli Access Manager
1021763.127523006-Jan-2010A "use-after-free" Vulnerability in the OpenSolaris Common Unix Printing System (CUPS) may Lead to a Denial of Service (DoS) Condition
1021773.127541010-Jan-2010A Security Vulnerability in Solaris Trusted Extensions due to Missing Libraries may Allow Privilege Escalation
1021779.127553017-Mar-2010Integer Overflow Security Vulnerability in AES and RC4 Decryption in the Solaris Kerberos Crypto Library May Lead to Execution of Arbitrary Code or a Denial of Service (DoS)
1021781.127559030-Jun-2010A Security Vulnerability in the ntp Daemon (xntpd(1M)) May Lead to a Denial of the Solaris Network Time Protocol (NTP) Service
1021784.127565014-Apr-2010A Race Condition Security Vulnerability in the OpenSolaris "automake" Utility may Allow Modification of Package Files or Execution of Arbitrary Code
1021788.127571122-Oct-2010Security Vulnerability in the Sun Java System Directory Server May Allow Crafted LDAP Search Requests To Cause A Denial Of Service (DoS) Condition
1021793.127579019-May-2010A Security Vulnerability Exists if an OpenSolaris System was Joined to a Windows Domain Using kclient(1M) or smbadm(1M)
1021796.127585003-Feb-2010Multiple security vulnerabilities in the HTTP TRACE, WebDAV and Digest Authentication Methods in the Sun Java System Web Server and Sun Java System Web Proxy Server
1021797.127587007-Jun-2010A Security Vulnerability Relating to Certificate Handling in sendmail(1M) Versions Prior to 8.14.4 May Allow Server Identification Forgery
1021798.127589007-Jun-2010Multiple Security Vulnerabilities in BIND DNSSEC Software Shipped With Solaris May Cause Bogus NXDOMAIN Responses
1021799.127591021-May-2010This Alert Covers CVE-2010-0453 for the /dev/ucode Component of the Solaris and OpenSolaris Products.
1021807.127609021-May-2010This Alert Covers CVE-2010-0893 for the Mail Component of the Sun Convergence Product
1021808.127613019-May-2010This Alert covers CVE-2010-0883 and CVE-2010-0884 for the Data Service for Oracle E-Business Suite component of the Sun Cluster product.
1021812.127621019-May-2010This Alert covers CVE-2010-0897 for the Sun Java System Directory Server product.
1021863.127641117-May-2010This Alert covers CVE-2010-0896 for the mail component of the Sun Convergence product.
1021965.127653321-May-2010This Alert covers CVE-2010-0895 for the IP Filter component of the OpenSolaris product.
1022024.127663021-May-2010This Alert covers the Address Book component of the Sun Java System Communications Express product.
1022203.127745020-May-2010A Security Vulnerability in Solaris Pidgin (see pidgin(1)) May Allow Remote Unprivileged Users to Access Arbitrary Files
1022294.127959021-May-2010Oracle Security Alert for CVE-2010-0886 was released on April 15th, 2010.