CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2003-1575
https://notcve.org/view.php?id=CVE-2003-1575
28 Jan 2010 — VERITAS File System (VxFS) 3.3.3, 3.4, and 3.5 before MP1 Rolling Patch 02 for Sun Solaris 2.5.1 through 9 does not properly implement inheritance of default ACLs in certain circumstances related to the characteristics of a directory inode, which allows local users to bypass intended file permissions by accessing a file on a VxFS filesystem. VERITAS File System (VxFS) v3.3.3, v3.4, y v3.5 anterior a MP1 Rolling Patch 02 para Sun Solaris v2.5.1 a la v9, no implementa adecuadamente la herencia de las ACLs por... • http://sunsolve.sun.com/search/document.do?assetkey=1-21-113207-05-1 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.1EPSS: 0%CPEs: 10EXPL: 0CVE-2004-2765
https://notcve.org/view.php?id=CVE-2004-2765
28 Jan 2010 — Cross-site scripting (XSS) vulnerability in Webmail in Sun ONE Messaging Server 6.1 and iPlanet Messaging Server 5.2 before 5.2hf2.02, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via a crafted e-mail message, a different vulnerability than CVE-2005-2022 and CVE-2006-5486. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en Webmail en Sun ONE Messaging Server v6.1 e iPlanet Messaging Server v5.2 anterior a 5.2hf2.02, cuando se u... • http://sunsolve.sun.com/search/document.do?assetkey=1-21-116568-56-1 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.1EPSS: 0%CPEs: 10EXPL: 0CVE-2004-2766
https://notcve.org/view.php?id=CVE-2004-2766
28 Jan 2010 — Webmail in Sun ONE Messaging Server 6.1 and iPlanet Messaging Server 5.2 before 5.2hf2.02 allows remote attackers to obtain unspecified "access" to e-mail via a crafted e-mail message, related to a "session hijacking" issue, a different vulnerability than CVE-2005-2022 and CVE-2006-5486. Webmail en Sun ONE Messaging Server v6.1 y iPlanet Messaging Server v5.2 anteriores a v5.2hf2.02 permite a atacantes remotos obtener "acceso" inespecífico al correo electrónico a través de un mensaje de correo electrónico m... • http://sunsolve.sun.com/search/document.do?assetkey=1-21-116568-55-1 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2008-2710
https://notcve.org/view.php?id=CVE-2008-2710
16 Jun 2008 — Integer signedness error in the ip_set_srcfilter function in the IP Multicast Filter in uts/common/inet/ip/ip_multi.c in the kernel in Sun Solaris 10 and OpenSolaris before snv_92 allows local users to execute arbitrary code in other Solaris Zones via an SIOCSIPMSFILTER IOCTL request with a large value of the imsf->imsf_numsrc field, which triggers an out-of-bounds write of kernel memory. NOTE: this was reported as an integer overflow, but the root cause involves the bypass of a signed comparison. Error de ... • http://secunia.com/advisories/30693 • CWE-189: Numeric Errors •
CVSS: 7.1EPSS: 0%CPEs: 14EXPL: 0CVE-2005-4796
https://notcve.org/view.php?id=CVE-2005-4796
31 Dec 2005 — Unspecified vulnerability in the XView library (libxview.so) in Solaris 2.5 to 10 allows local users to corrupt files via unknown vectors related to the handling of the clipboard selection while an XView application exits. • http://sunsolve.sun.com/search/document.do?assetkey=1-26-100881-1 •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2004-1767
https://notcve.org/view.php?id=CVE-2004-1767
31 Dec 2004 — The kernel in Solaris 2.6, 7, 8, and 9 allows local users to gain privileges by loading arbitrary loadable kernel modules (LKM), possibly involving the modload function. • http://sunsolve.sun.com/search/document.do?assetkey=1-26-57479-1 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.2EPSS: 0%CPEs: 8EXPL: 2CVE-2004-2686 – Sun Solaris 2.6/7.0/8/9 - vfs_getvfssw function Privilege Escalation
https://notcve.org/view.php?id=CVE-2004-2686
31 Dec 2004 — Directory traversal vulnerability in the vfs_getvfssw function in Solaris 2.6, 7, 8, and 9 allows local users to load arbitrary kernel modules via crafted (1) mount or (2) sysfs system calls. NOTE: this might be the same issue as CVE-2004-1767, but there are insufficient details to be sure. • https://www.exploit-db.com/exploits/23874 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.5EPSS: 1%CPEs: 3EXPL: 0CVE-2004-1393
https://notcve.org/view.php?id=CVE-2004-1393
31 Dec 2004 — Unknown vulnerability in the tcsetattr function for Sun Solaris for SPARC 2.6, 7, and 8 allows local users to cause a denial of service (system hang). • http://secunia.com/advisories/10730 •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2004-1359
https://notcve.org/view.php?id=CVE-2004-1359
04 Mar 2004 — Multiple buffer overflows in uucp for Sun Solaris 2.6, 7, 8, and 9 allow local users to execute arbitrary code as the uucp user. • http://sunsolve.sun.com/search/document.do?assetkey=1-26-57508-1 •
CVSS: 9.8EPSS: 2%CPEs: 8EXPL: 0CVE-2003-1066
https://notcve.org/view.php?id=CVE-2003-1066
31 Dec 2003 — Buffer overflow in the syslog daemon for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (syslogd crash) and possibly execute arbitrary code via long syslog UDP packets. • http://secunia.com/advisories/8944 •