6 results (0.014 seconds)

CVSS: 10.0EPSS: 5%CPEs: 4EXPL: 0

Buffer overflow in pamverifier in Change Manager (CM) 1.0 for Sun Management Center (SunMC) 3.0 on Solaris 8 and 9 on the sparc platform allows remote attackers to execute arbitrary code via unspecified vectors. Desbordamiento de búfer en pamverifier en Change Manager (CM) v1.0 para Sun Management Center (SunMC) v3.0 en Solaris v8 y v9 en la plataforma sparc permite a atacantes remotos ejecutar código arbitrario a través de vectores inespecíficos. • http://sunsolve.sun.com/search/document.do?assetkey=1-21-113105-01-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-201231-1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0

Cross-site scripting (XSS) vulnerability in /prm/reports in the Performance Reporting Module (PRM) for Sun Management Center (SunMC) 3.6.1 and 4.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NOTE: this can be leveraged for access to the SunMC Web Console. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados(XSS) en /prm/reports en Performance Reporting Module (PRM) para Sun Management Center (SunMC) v3.6.1 y v4.0, permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección a través del parámetro "msg". NOTA: esto puede ser aprovechados para el acceso a la Consola Web SunMC. • http://secunia.com/advisories/34146 http://securitytracker.com/id?1021809 http://sunsolve.sun.com/search/document.do?assetkey=1-21-125191-04-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-247046-1 http://www.securityfocus.com/bid/33999 http://www.vupen.com/english/advisories/2009/0605 https://exchange.xforce.ibmcloud.com/vulnerabilities/49076 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.8EPSS: 1%CPEs: 4EXPL: 0

Unspecified vulnerability in a web page in the PRM module in Sun Management Center (SunMC) 3.6.1 and 4.0 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors. Vulnerabilidad no especificada en una página Web en el módulo PRM de Sun Management Center (SunMC) 3.6.1 y 4.0; permite a atacantes remotos provocar una denegación de servicio (consumo de memoria), a través de vectores no especificados. • http://secunia.com/advisories/31841 http://sunsolve.sun.com/search/document.do?assetkey=1-26-241686-1 http://www.securityfocus.com/bid/31194 http://www.securitytracker.com/id?1020890 http://www.vupen.com/english/advisories/2008/2587 https://exchange.xforce.ibmcloud.com/vulnerabilities/45156 •

CVSS: 9.4EPSS: 6%CPEs: 11EXPL: 0

The Oracle database component in Sun Management Center (Sun MC) 3.6.1, 3.6, and 3.5 Update 1 has a default account, which allows remote attackers to obtain database access and execute arbitrary code. El componente de base de datos Oracle en Sun Management Center (Sun MC) 3.6.1, 3.6, y 3.5 Update 1 tiene un cuenta por defecto, que permite a atacantes remotos obtener acceso a la base de datos y ejecutar código de su elección. • http://osvdb.org/39563 http://secunia.com/advisories/28151 http://sunsolve.sun.com/search/document.do?assetkey=1-26-103152-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-201508-1 http://www.securityfocus.com/bid/26948 http://www.securitytracker.com/id?1019119 http://www.vupen.com/english/advisories/2007/4268 https://exchange.xforce.ibmcloud.com/vulnerabilities/39137 •

CVSS: 4.6EPSS: 0%CPEs: 3EXPL: 0

Unknown vulnerability in Sun Management Center (SunMC) 2.1.1, 3.0, and 3.0 Revenue Release (RR), when installed and run by root, allows local users to create or modify arbitrary files. • http://secunia.com/advisories/9073 http://sunsolve.sun.com/search/document.do?assetkey=1-26-55141-1 http://www.kb.cert.org/vuls/id/758932 http://www.securityfocus.com/bid/7960 https://exchange.xforce.ibmcloud.com/vulnerabilities/12343 •