← Back

Sun

sun

1,603 CVEs • 200 products

Products (200)

Click to collapse
Toggle
Sunos
sunos
561 CVEs
Solaris
solaris
450 CVEs
Jre
jre
423 CVEs
Jdk
jdk
392 CVEs
Sdk
sdk
126 CVEs
Opensolaris
opensolaris
113 CVEs
Java System Web Server
java_system_web_server
32 CVEs
Java System Application Server
java_system_application_server
22 CVEs
Java System Identity Manager
java_system_identity_manager
19 CVEs
Java System Directory Server
java_system_directory_server
18 CVEs
Openjdk
openjdk
16 CVEs
Ray Server Software
ray_server_software
15 CVEs
Java System Access Manager
java_system_access_manager
15 CVEs
Java
java
14 CVEs
Java Se
java_se
14 CVEs
Cobalt Raq 2
cobalt_raq_2
12 CVEs
Cobalt Raq 3i
cobalt_raq_3i
12 CVEs
One Application Server
one_application_server
12 CVEs
One Web Server
one_web_server
12 CVEs
Java System Web Proxy Server
java_system_web_proxy_server
11 CVEs
Staroffice
staroffice
10 CVEs
Cluster
cluster
8 CVEs
J2se
j2se
7 CVEs
Solaris Answerbook2
solaris_answerbook2
6 CVEs
One Directory Server
one_directory_server
6 CVEs
Java System Portal Server
java_system_portal_server
6 CVEs
Ehrd
ehrd
6 CVEs
Cobalt Raq 4
cobalt_raq_4
5 CVEs
Java Web Start
java_web_start
5 CVEs
Java Desktop System
java_desktop_system
5 CVEs
Iplanet Messaging Server
iplanet_messaging_server
5 CVEs
Java System Communications Express
java_system_communications_express
5 CVEs
Openoffice.org
openoffice.org
5 CVEs
Virtualbox
virtualbox
5 CVEs
Solstice Adminsuite
solstice_adminsuite
5 CVEs
Solstice Backup
solstice_backup
4 CVEs
Chilisoft
chilisoft
4 CVEs
Iplanet Directory Server
iplanet_directory_server
4 CVEs
Iplanet Web Server
iplanet_web_server
4 CVEs
Java Plug In
java_plug-in
4 CVEs
Java System Calendar Server
java_system_calendar_server
4 CVEs
Javamail
javamail
4 CVEs
One Messaging Server
one_messaging_server
4 CVEs
Grid Engine
grid_engine
4 CVEs
N1 Grid Engine
n1_grid_engine
4 CVEs
Java Web Console
java_web_console
4 CVEs
Java Asp Server
java_asp_server
4 CVEs
Nfs
nfs
4 CVEs
Cobalt Raq
cobalt_raq
3 CVEs
Management+center
management+center
3 CVEs
Sun Fire
sun_fire
3 CVEs
Jsse
jsse
3 CVEs
Crypto Accelerator 4000
crypto_accelerator_4000
3 CVEs
Java Enterprise System
java_enterprise_system
3 CVEs
Storedge 6130 Arrays
storedge_6130_arrays
3 CVEs
Storedge Enterprise Backup Software
storedge_enterprise_backup_software
3 CVEs
Secure Global Desktop
secure_global_desktop
3 CVEs
Java System Messaging Server
java_system_messaging_server
3 CVEs
One Calendar Server
one_calendar_server
3 CVEs
J2ee
j2ee
3 CVEs
Iplanet Certificate Management System
iplanet_certificate_management_system
2 CVEs
I Runbook
i-runbook
2 CVEs
Openwindows
openwindows
2 CVEs
Solaris Pc Netlink
solaris_pc_netlink
2 CVEs
Java System Content Delivery Server
java_system_content_delivery_server
2 CVEs
Net Connect Software
net_connect_software
2 CVEs
Embedded Lights Out Manager
embedded_lights_out_manager
2 CVEs
Java System Identity Server
java_system_identity_server
2 CVEs
Netra T5220 Server
netra_t5220_server
2 CVEs
Management Center
management_center
2 CVEs
Sparc Enterprise Server T5120
sparc_enterprise_server_t5120
2 CVEs
Sparc Enterprise Server T5140
sparc_enterprise_server_t5140
2 CVEs
Sparc Enterprise Server T5220
sparc_enterprise_server_t5220
2 CVEs
Sparc Enterprise Server T5240
sparc_enterprise_server_t5240
2 CVEs
Fire X2100 M2
fire_x2100_m2
2 CVEs
Fire X2200 M2
fire_x2200_m2
2 CVEs
Xvm Virtualbox
xvm_virtualbox
2 CVEs
Virtual Desktop Infrastructure
virtual_desktop_infrastructure
2 CVEs
Solaris Isp Server
solaris_isp_server
1 CVE
Workshop
workshop
1 CVE
Hotjava Browser
hotjava_browser
1 CVE
Sun Ftp
sun_ftp
1 CVE
Javaserver Web Dev Kit
javaserver_web_dev_kit
1 CVE
Sunvts
sunvts
1 CVE
Netdynamics
netdynamics
1 CVE
Sun Pci Ii Driver
sun_pci_ii_driver
1 CVE
Linux
linux
1 CVE
Cobalt Raq Xtr
cobalt_raq_xtr
1 CVE
Patchpro
patchpro
1 CVE
Enterprise Authentication Mechanism
enterprise_authentication_mechanism
1 CVE
Sunone Starter Kit
sunone_starter_kit
1 CVE
Patch Manager
patch_manager
1 CVE
Storedge 3310 Scsi Array
storedge_3310_scsi_array
1 CVE
Storedge 3510 Fc Array
storedge_3510_fc_array
1 CVE
Enterprise Storage Manager
enterprise_storage_manager
1 CVE
Seam
seam
1 CVE
Dtmail
dtmail
1 CVE
J2me
j2me
1 CVE
Netra 1280
netra_1280
1 CVE
Sunforum
sunforum
1 CVE

CVEs (1,603)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2003-1056
1Sun
2Solaris
Sunos
Apr 16, 2026
Dec 11, 2003
N/A· v4
N/A· v3
7.2 HIGH· v2
The ed editor for Sun Solaris 2.6, 7, and 8 allows local users to create or overwrite arbitrary files via a symlink attack on temporary files.
CVE-2003-1057
1Sun
2Solaris
Sunos
Apr 16, 2026
Dec 8, 2003
N/A· v4
N/A· v3
7.2 HIGH· v2
Unknown vulnerability in CDE Print Viewer (dtprintinfo) for Sun Solaris 2.6 through 9 may allow local users to execute arbitrary code.
CVE-2003-1058
1Sun
2Solaris
Sunos
Apr 16, 2026
Dec 3, 2003
N/A· v4
N/A· v3
3.7 LOW· v2
The Xsun server for Sun Solaris 2.6 through 9, when running in Direct Graphics Access (DGA) mode, allows local users to cause a denial of service (Xsun crash) or to create or overwrite arbitrary files on the system, prob...Show more
The Xsun server for Sun Solaris 2.6 through 9, when running in Direct Graphics Access (DGA) mode, allows local users to cause a denial of service (Xsun crash) or to create or overwrite arbitrary files on the system, probably via a symlink attack on temporary server files.Show less
CVE-2003-1059
1Sun
2Solaris
Sunos
Apr 16, 2026
Nov 20, 2003
N/A· v4
N/A· v3
7.2 HIGH· v2
Unknown vulnerability in the libraries for the PGX32 frame buffer in Solaris 2.5.1 and 2.6 through 9 allows local users to gain root access.
CVE-2003-0896
1Sun
1Jre
Apr 16, 2026
Nov 17, 2003
N/A· v4
N/A· v3
7.5 HIGH· v2
The loadClass method of the sun.applet.AppletClassLoader class in the Java Virtual Machine (JVM) in Sun SDK and JRE 1.4.1_03 and earlier allows remote attackers to bypass sandbox restrictions and execute arbitrary code v...Show more
The loadClass method of the sun.applet.AppletClassLoader class in the Java Virtual Machine (JVM) in Sun SDK and JRE 1.4.1_03 and earlier allows remote attackers to bypass sandbox restrictions and execute arbitrary code via a loaded class name that contains "/" (slash) instead of "." (dot) characters, which bypasses a call to the Security Manager's checkPackageAccess method.Show less
CVE-2003-1060
1Sun
2Solaris
Sunos
Apr 16, 2026
Oct 27, 2003
N/A· v4
N/A· v3
5.0 MEDIUM· v2
The NFS Server for Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (UFS panic) via certain invalid UFS requests, which triggers a null dereference.
CVE-2003-1061
1Sun
2Solaris
Sunos
Apr 16, 2026
Oct 14, 2003
N/A· v4
N/A· v3
1.2 LOW· v2
Race condition in Solaris 2.6 through 9 allows local users to cause a denial of service (kernel panic), as demonstrated via the namefs function, pipe, and certain STREAMS routines.
CVE-2003-0694
11Apple
CompaqFreebsd+8 more
18Advanced Message Server
AixFreebsd+15 more
Apr 16, 2026
Oct 6, 2003
N/A· v4
N/A· v3
10.0 HIGH· v2
The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.
CVE-2003-0722
1Sun
1Solaris
Apr 16, 2026
Sep 22, 2003
N/A· v4
N/A· v3
10.0 HIGH· v2
The default installation of sadmind on Solaris uses weak authentication (AUTH_SYS), which allows local and remote attackers to spoof Solstice AdminSuite clients and gain root privileges via a certain sequence of RPC pack...Show more
The default installation of sadmind on Solaris uses weak authentication (AUTH_SYS), which allows local and remote attackers to spoof Solstice AdminSuite clients and gain root privileges via a certain sequence of RPC packets.Show less
CVE-2003-1081
1Sun
2Solaris
Sunos
Apr 16, 2026
Sep 9, 2003
N/A· v4
N/A· v3
10.0 HIGH· v2
Aspppls for Solaris 8 allows local users to overwrite arbitrary files via a symlink attack on the .asppp.fifo temporary file.
CVE-2003-0676
1Sun
2Iplanet Directory Server
One Directory Server
Apr 16, 2026
Aug 27, 2003
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Directory traversal vulnerability in ViewLog for iPlanet Administration Server 5.1 (aka Sun ONE) allows remote attackers to read arbitrary files via "..%2f" (partially encoded dot dot) sequences.
CVE-2003-0669
1Sun
2Solaris
Sunos
Apr 16, 2026
Aug 27, 2003
N/A· v4
N/A· v3
1.2 LOW· v2
Unknown vulnerability in Solaris 2.6 through 9 causes a denial of service (system panic) via "a rare race condition" or an attack by local users.
CVE-2003-0609
1Sun
2Solaris
Sunos
Apr 16, 2026
Aug 27, 2003
N/A· v4
N/A· v3
7.2 HIGH· v2
Stack-based buffer overflow in the runtime linker, ld.so.1, on Solaris 2.6 through 9 allows local users to gain root privileges via a long LD_PRELOAD environment variable.
CVE-2003-0466
7Apple
FreebsdNetbsd+4 more
8Freebsd
Mac Os XMac Os X Server+5 more
Apr 16, 2026
Aug 27, 2003
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathname...Show more
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO.Show less
CVE-2003-1063
1Sun
2Solaris
Sunos
Apr 16, 2026
Aug 20, 2003
N/A· v4
N/A· v3
7.5 HIGH· v2
The patches (1) 105693-13, (2) 108800-02, (3) 105694-13, and (4) 108801-02 for cachefs on Solaris 2.6 and 7 overwrite the inetd.conf file, which may silently reenable services and allow remote attackers to bypass the int...Show more
The patches (1) 105693-13, (2) 108800-02, (3) 105694-13, and (4) 108801-02 for cachefs on Solaris 2.6 and 7 overwrite the inetd.conf file, which may silently reenable services and allow remote attackers to bypass the intended security policy.Show less
CVE-2003-1065
1Sun
1Sunos
Apr 16, 2026
Jul 23, 2003
N/A· v4
N/A· v3
2.1 LOW· v2
Unknown vulnerability in patches 108993-14 through 108993-19 and 108994-14 through 108994-19 for Solaris 8 may allow local users to cause a denial of service (automountd crash).
CVE-2003-1055
1Sun
2Solaris
Sunos
Apr 16, 2026
Jul 3, 2003
N/A· v4
N/A· v3
7.2 HIGH· v2
Buffer overflow in the nss_ldap.so.1 library for Sun Solaris 8 and 9 may allow local users to gain root access via a long hostname in an LDAP lookup.
CVE-2003-0414
1Sun
1One Application Server
Apr 16, 2026
Jun 30, 2003
N/A· v4
N/A· v3
7.2 HIGH· v2
The installation of Sun ONE Application Server 7.0 for Windows 2000/XP creates a statefile with world-readable permissions, which allows local users to gain privileges by reading a plaintext password in the statefile.
CVE-2003-0413
1Sun
1One Application Server
Apr 16, 2026
Jun 30, 2003
N/A· v4
N/A· v3
6.8 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in the webapps-simple sample application for (1) Sun ONE Application Server 7.0 for Windows 2000/XP or (2) Sun Java System Web Server 6.1 allows remote attackers to insert arbitra...Show more
Cross-site scripting (XSS) vulnerability in the webapps-simple sample application for (1) Sun ONE Application Server 7.0 for Windows 2000/XP or (2) Sun Java System Web Server 6.1 allows remote attackers to insert arbitrary web script or HTML via an HTTP request that generates an "Invalid JSP file" error, which inserts the text in the resulting error message.Show less
CVE-2003-0412
1Sun
1One Application Server
Apr 16, 2026
Jun 30, 2003
N/A· v4
N/A· v3
5.0 MEDIUM· v2
Sun ONE Application Server 7.0 for Windows 2000/XP does not log the complete URI of a long HTTP request, which could allow remote attackers to hide malicious activities.