CVSS: 9.4EPSS: 6%CPEs: 11EXPL: 0CVE-2007-6480
https://notcve.org/view.php?id=CVE-2007-6480
The Oracle database component in Sun Management Center (Sun MC) 3.6.1, 3.6, and 3.5 Update 1 has a default account, which allows remote attackers to obtain database access and execute arbitrary code. El componente de base de datos Oracle en Sun Management Center (Sun MC) 3.6.1, 3.6, y 3.5 Update 1 tiene un cuenta por defecto, que permite a atacantes remotos obtener acceso a la base de datos y ejecutar código de su elección. • http://osvdb.org/39563 http://secunia.com/advisories/28151 http://sunsolve.sun.com/search/document.do?assetkey=1-26-103152-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-201508-1 http://www.securityfocus.com/bid/26948 http://www.securitytracker.com/id?1019119 http://www.vupen.com/english/advisories/2007/4268 https://exchange.xforce.ibmcloud.com/vulnerabilities/39137 •
CVSS: 7.8EPSS: 5%CPEs: 13EXPL: 0CVE-2007-6482
https://notcve.org/view.php?id=CVE-2007-6482
Unspecified vulnerability in the Device Manager daemon (utdevmgrd) in Sun Ray Server Software 2.0, 3.0, 3.1, and 3.1.1 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors. Vulnerabilidad no especificada en el demonio Device Manager (utdevmgrd) en Sun Ray Server Software 2.0, 3.0, 3.1, y 3.1.1 permite a atacantes remotos provocar denegación de servicio (caida de demonio) a través de vectores no especificados. • http://osvdb.org/40846 http://secunia.com/advisories/28148 http://sunsolve.sun.com/search/document.do?assetkey=1-26-103175-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-201227-1 http://www.securityfocus.com/bid/26944 http://www.securitytracker.com/id?1019118 http://www.vupen.com/english/advisories/2007/4269 https://exchange.xforce.ibmcloud.com/vulnerabilities/39133 •
CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0CVE-2007-6216
https://notcve.org/view.php?id=CVE-2007-6216
Race condition in the Fibre Channel protocol (fcp) driver and Devices filesystem (devfs) in Sun Solaris 10 allows local users to cause a denial of service (system hang) via some programs that access hardware resources, as demonstrated by the (1) cfgadm and (2) format programs. Condición de carrera en el controlador de protocolo Fibre Channel protocol (fcp) y sistema de archivos Devices (devfs) en Sun Solaris 10 permite a usuarios locales provocar denegación de servicio (cuelgue del sistema) a través de algunos programas quye acceden a los recursos hardware, como se demostró por los programas (1) cfgadm y (2) format. • http://osvdb.org/40826 http://osvdb.org/40827 http://secunia.com/advisories/27867 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102947-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-200182-1 http://www.securityfocus.com/bid/26653 http://www.securitytracker.com/id?1019025 http://www.vupen.com/english/advisories/2007/4043 https://exchange.xforce.ibmcloud.com/vulnerabilities/38767 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0CVE-2007-5921
https://notcve.org/view.php?id=CVE-2007-5921
Unspecified vulnerability in the ioctl interface in the Solaris Volume Manager (SVM) in Sun Solaris 9 and 10 allows local users to cause a denial of service (panic) via unspecified vectors, a different vulnerability than CVE-2004-1346. Vulnerabilidad sin especificar en el interfaz ioctl del Solaris Volume Manager (SVM) en el Sun Solaris 9 y 10, permite a usuarios locales provocar una denegación de servicio (pánico) a través de vectores sin especificar. Vulnerabilidad diferente a la CVE-2004-1346. • http://osvdb.org/40817 http://secunia.com/advisories/27519 http://sunsolve.sun.com/search/document.do?assetkey=1-26-103143-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-200582-1 http://www.securityfocus.com/bid/26376 http://www.securitytracker.com/id?1018916 http://www.vupen.com/english/advisories/2007/3804 https://exchange.xforce.ibmcloud.com/vulnerabilities/38319 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4095 •
CVSS: 7.2EPSS: 0%CPEs: 5EXPL: 0CVE-2007-3880
https://notcve.org/view.php?id=CVE-2007-3880
Format string vulnerability in srsexec in Sun Remote Services (SRS) Net Connect 3.2.3 and 3.2.4, as distributed in the SRS Proxy Core (SUNWsrspx) package, allows local users to gain privileges via format string specifiers in unspecified input that is logged through syslog. Vulnerabilidad de formato de cadena en Sun Remote Services (SRS) Net Connect 3.2.3 y 3.2.4, como distribución en el paquete SRS Proxy Core (SUNWsrspx),permite a usuarios locales ganar privilegios a través de especificaciones de formato de cadena en entradas no especificadas que se validan a través del syslog. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=610 http://osvdb.org/40836 http://secunia.com/advisories/27512 http://sunsolve.sun.com/search/document.do?assetkey=1-26-103119-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-200581-1 http://www.securityfocus.com/bid/26313 http://www.securitytracker.com/id?1018893 http://www.vupen.com/english/advisories/2007/3711 • CWE-134: Use of Externally-Controlled Format String •