CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2009-4211 – DISA STIG SRR Still Vulnerable
https://notcve.org/view.php?id=CVE-2009-4211
The U.S. Defense Information Systems Agency (DISA) Security Readiness Review (SRR) script for the Solaris x86 platform executes files in arbitrary directories as root for filenames equal to (1) java, (2) openssl, (3) php, (4) snort, (5) tshark, (6) vncserver, or (7) wireshark, which allows local users to gain privileges via a Trojan horse program. El script Security Readiness Review (SRR) de la U.S. Defense Information Systems Agency (DISA) para la plataforma Solaris x86 ejecuta ficheros como root en directorios elegidos para nombres de fichero iguales a (1) java, (2) openssl, (3) php, (4) snort, (5) tshark, (6) vncserver, o (7) wireshark, permitiendo a usuarios locales ganar privilegios mediante un programa troyano. Running DISA SRR scripts against your server can get you easily rooted. • http://securitytracker.com/id?1023265 http://www.kb.cert.org/vuls/id/433821 http://www.securityfocus.com/archive/1/508188/100/0/threaded http://www.securityfocus.com/bid/37200 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.3EPSS: 0%CPEs: 16EXPL: 0CVE-2009-4187
https://notcve.org/view.php?id=CVE-2009-4187
Multiple cross-site scripting (XSS) vulnerabilities in the Gateway component in Sun Java System Portal Server 6.3.1, 7.1, and 7.2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Múltiples vulnerabilidades de ejecución de comandos en sitios cruzados(XSS) en el componente Gateway en Sun Java System Portal Server v6.3.1, v7.1, y v7.2 permite a atacantes remotos inyectar secuencias de comandos web o HTML de forma arbitraria. • http://securitytracker.com/id?1023260 http://sunsolve.sun.com/search/document.do?assetkey=1-21-138686-04-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-269368-1 http://www.securityfocus.com/bid/37186 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.0EPSS: 1%CPEs: 52EXPL: 0CVE-2009-4075
https://notcve.org/view.php?id=CVE-2009-4075
Unspecified vulnerability in the timeout mechanism in sshd in Sun Solaris 10, and OpenSolaris snv_99 through snv_123, allows remote attackers to cause a denial of service (daemon outage) via unknown vectors that trigger a "dangling sshd authentication thread." Vulnerabilidad inespecífica en el mecanismo de tiempo limite en sshd en Sun Solaris v10, y OpenSolaris desde snv_99 hasta snv_123, permite a atacantes remotos producir una denegación de servicio (agotamiento de demonio) a través de vectores desconocidos que inician un "hilo de proceso de autenticación oscilante". • http://osvdb.org/60498 http://sunsolve.sun.com/search/document.do?assetkey=1-21-143140-01-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-272629-1 http://www.securityfocus.com/bid/37116 http://www.vupen.com/english/advisories/2009/3333 https://exchange.xforce.ibmcloud.com/vulnerabilities/54401 •
CVSS: 7.8EPSS: 2%CPEs: 78EXPL: 0CVE-2009-3899
https://notcve.org/view.php?id=CVE-2009-3899
Memory leak in the Sockets Direct Protocol (SDP) driver in Sun Solaris 10, and OpenSolaris snv_57 through snv_94, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors. Fallo de memoria en el controlador de Sockets Direct Protocol (SDP) en Sun Solaris v10, y OpenSolaris snv_57 hasta snv_94, permite a atacantes remotos provocar una denegación de servicio (consumo de memoria) mediante vectores no especificados. • http://securitytracker.com/id?1023124 http://sunsolve.sun.com/search/document.do?assetkey=1-21-141444-09-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-264730-1 http://www.securityfocus.com/bid/36904 http://www.vupen.com/english/advisories/2009/3130 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6563 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 1%CPEs: 339EXPL: 0CVE-2009-3868 – java-1.6.0-sun: Privilege escalation via crafted image file due improper color profiles parsing (6862970)
https://notcve.org/view.php?id=CVE-2009-3868
Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 does not properly parse color profiles, which allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862970. Sun Java SE en JDK y JRE 5.0 anteriores a Update 22, JDK y JRE 6 anteriores a Update 17, SDK y JRE v1.3.x anteriores a v1.3.1_27, y SDK y JRE v1.4.x anteriores a v1.4.2_24 no analiza adecuadamente el perfil color, lo que permite a los atacantes remotos obtener privilegios a través de un archivo de imagen manipulado también conocido como Bud Id 6862970. • http://java.sun.com/javase/6/webnotes/6u17.html http://lists.apple.com/archives/security-announce/2009/Dec/msg00000.html http://lists.apple.com/archives/security-announce/2009/Dec/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00010.html http://marc.info/?l=bugtraq&m=126566824131534&w=2 http://marc.info/?l=bugtraq&m=131593453929393&w=2 http://marc.info/?l=bugtraq&m=134254866602253&w=2 http://secunia.com/advisories/37231 http://secunia.co • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •