CVSS: 5.8EPSS: 2%CPEs: 1EXPL: 0CVE-2010-3544
https://notcve.org/view.php?id=CVE-2010-3544
Unspecified vulnerability in the Oracle iPlanet Web Server (Sun Java System Web Server) component in Oracle Sun Products Suite 7.0 allows remote attackers to affect integrity and availability via unknown vectors related to Administration. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable source that this is cross-site request forgery (CSRF) that allows remote attackers to stop an instance via the management console. Una vulnerabilidad no especificada en el componente Oracle iPlanet Web Server (Sun Java System Web Server) en Sun Products Suite de Oracle versión 7.0, permite a los atacantes remotos afectar la integridad y la disponibilidad por medio de vectores desconocidos relacionados con Administration. NOTA: la información anterior fue obtenida de la CPU en octubre de 2010. • http://jvn.jp/en/jp/JVN50133036/index.html http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000042.html http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html http://www.us-cert.gov/cas/techalerts/TA10-287A.html •
CVSS: 6.4EPSS: 1%CPEs: 1EXPL: 0CVE-2010-3564 – OpenJDK kerberos vulnerability (6958060)
https://notcve.org/view.php?id=CVE-2010-3564
Unspecified vulnerability in the Oracle Communications Messaging Server (Sun Java System Messaging Server) component in Oracle Sun Products Suite 7.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Webmail. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that the Kerberos implementation does not properly check AP-REQ requests, which allows attackers to cause a denial of service in the JVM. NOTE: CVE has not investigated the apparent discrepancy between the two vendors regarding the consequences of this issue. Una vulnerabilidad no especificada en el componente Oracle Communications Messaging Server (Sun Java System Messaging Server) en Sun Products Suite de Oracle versión 7.0, permite a los atacantes remotos afectar a la confidencialidad e integridad por medio de vectores desconocidos relacionados con Webmail. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c02616748 http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049455.html http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049528.html http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049702.html http://secunia.com/advisories/41972 http://secunia.com/advisories/42377 http://security.gentoo.org/glsa/glsa-201406-32.xml http://support.avaya.com/css/P8/docum •
CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 0CVE-2010-3545
https://notcve.org/view.php?id=CVE-2010-3545
Unspecified vulnerability in the Oracle iPlanet Web Server (Sun Java System Web Server) component in Oracle Sun Products Suite 7.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Administration. Vulnerabilidad no especificada en el componente Oracle iPlanet Web Server (Sun Java System Web Server) de Oracle Sun Product Suite v7.0, permite a atacantes remotos comprometer la confidencialidad e integridad a través de vectores desconocidos relacionados con "Administration". • http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html http://www.us-cert.gov/cas/techalerts/TA10-287A.html •
CVSS: 4.4EPSS: 0%CPEs: 4EXPL: 0CVE-2010-3535
https://notcve.org/view.php?id=CVE-2010-3535
Unspecified vulnerability in the Directory Server Enterprise Edition component in Oracle Sun Products Suite 6.0, 6.1, 6.2, and 6.3 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Identity Synchronization for Windows. Vulnerabilidad no especificada en componente Directory Server Enterprise Edition en Oracle Sun Products Suite v6.0, v6.1, v6.2, y v6.3 permite a los usuarios locales afectar a la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con "Identity Synchronization" para Windows. • http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html http://www.securitytracker.com/id?1024572 http://www.us-cert.gov/cas/techalerts/TA10-287A.html •
CVSS: 3.0EPSS: 0%CPEs: 1EXPL: 0CVE-2010-3506
https://notcve.org/view.php?id=CVE-2010-3506
Unspecified vulnerability in the Oracle Explorer (Sun Explorer) component in Oracle Sun Products Suite 6.4 allows local users to affect confidentiality and integrity via unknown vectors. Vulnerabilidad no especificada en el componente Oracle Explorer (Sun Explorer) en Oracle Sun Products Suite v6.4 permite a usuarios locales afectar a la confidencialidad y la integridad a través de vectores desconocidos. • http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html http://www.us-cert.gov/cas/techalerts/TA10-287A.html •