Max CVSS 10.0 Min CVSS 1.2 Total Count149
IDCVSSSummaryLast (major) updatePublished
CVE-2007-1351 8.5
Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflo
19-02-2017 - 00:17 05-04-2007 - 21:19
CVE-2005-2491 7.5
Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products such as Python, Ethereal, and PHP, allows attackers to execute arbitrary code via quantifier values in regular expressions, whic
15-12-2016 - 21:59 23-08-2005 - 00:00
CVE-2006-0225 4.6
scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice.
18-11-2016 - 21:59 25-01-2006 - 06:03
CVE-2006-4924 7.8
sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack d
17-10-2016 - 23:41 26-09-2006 - 21:07
CVE-2005-3779 7.2
Unspecified vulnerability in xterm for HP-UX 11.00, 11.11, and 11.23 allows local users to gain privileges via unknown vectors.
17-10-2016 - 23:37 22-11-2005 - 20:03
CVE-2005-2088 4.3
The Apache HTTP server before 1.3.34, and 2.0.x before 2.0.55, when acting as an HTTP proxy, allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfe
17-10-2016 - 23:24 05-07-2005 - 00:00
CVE-2005-1790 2.6
Microsoft Internet Explorer 6 SP2 6.0.2900.2180 and 6.0.2800.1106, and earlier versions, allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a Javascript BODY onload event that calls the window function, aka "M
17-10-2016 - 23:22 01-06-2005 - 00:00
CVE-2005-0045 7.5
The Server Message Block (SMB) implementation for Windows NT 4.0, 2000, XP, and Server 2003 does not properly validate certain SMB packets, which allows remote attackers to execute arbitrary code via Transaction responses containing (1) Trans or (2)
17-10-2016 - 23:07 02-05-2005 - 00:00
CVE-2004-1305 5.0
The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allow remote attackers to cause a denial of service via (1) the frame number set to zero, which causes an invalid memory ad
17-10-2016 - 22:53 23-12-2004 - 00:00
CVE-2004-1060 5.0
Multiple TCP/IP and ICMP implementations, when using Path MTU (PMTU) discovery (PMTUD), allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via forged ICMP ("Fragmentation Needed and Don't Fragment w
17-10-2016 - 22:51 12-04-2004 - 00:00
CVE-2004-1049 5.1
Integer overflow in the LoadImage API of the USER32 Lib for Microsoft Windows allows remote attackers to execute arbitrary code via a .bmp, .cur, .ico or .ani file with a large image size field, which leads to a buffer overflow, aka the "Cursor and I
17-10-2016 - 22:50 31-12-2004 - 00:00
CVE-2004-0845 6.4
Internet Explorer 5.01, 5.5, and 6 does not properly cache SSL content, which allows remote attackers to obtain information or spoof content via a web site with the same host name as the target web site, whose content is cached and reused when the us
17-10-2016 - 22:49 03-11-2004 - 00:00
CVE-2004-0791 5.0
Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via a blind throughput-reduction attack using spoofed Source Quench packets, aka the "ICMP Source Quench a
17-10-2016 - 22:49 12-04-2005 - 00:00
CVE-2004-0790 5.0
Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have
17-10-2016 - 22:49 12-04-2005 - 00:00
CVE-2004-0574 10.0
The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange 2000 Server, and Exchange Server 2003 allows remote attackers to execute arbitrary code via XPAT patterns, poss
17-10-2016 - 22:46 03-11-2004 - 00:00
CVE-2004-0573 7.5
Buffer overflow in the converter for Microsoft WordPerfect 5.x on Office 2000, Office XP, Office 2003, and Works Suites 2001 through 2004 allows remote attackers to execute arbitrary code via a malicious document or website.
17-10-2016 - 22:46 28-09-2004 - 00:00
CVE-2004-0206 7.5
Network Dynamic Data Exchange (NetDDE) services for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to remotely execute arbitrary code or locally gain privileges via a malicious message or appl
17-10-2016 - 22:41 03-11-2004 - 00:00
CVE-2004-0148 7.2
wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead.
17-10-2016 - 22:41 15-04-2004 - 00:00
CVE-2003-0722 10.0
The default installation of sadmind on Solaris uses weak authentication (AUTH_SYS), which allows local and remote attackers to spoof Solstice AdminSuite clients and gain root privileges via a certain sequence of RPC packets.
17-10-2016 - 22:36 22-09-2003 - 00:00
CVE-2003-0718 5.0
The WebDAV Message Handler for Internet Information Services (IIS) 5.0, 5.1, and 6.0 allows remote attackers to cause a denial of service (memory and CPU exhaustion, application crash) via a PROPFIND request with an XML message containing XML element
17-10-2016 - 22:36 03-11-2004 - 00:00
CVE-2003-0659 7.2
Buffer overflow in a function in User32.dll on Windows NT through Server 2003 allows local users to execute arbitrary code via long (1) LB_DIR messages to ListBox or (2) CB_DIR messages to ComboBox controls in a privileged application.
17-10-2016 - 22:36 17-11-2003 - 00:00
CVE-2003-0526 6.8
Cross-site scripting (XSS) vulnerability in Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to inject arbitrary web script via a URL containing the script in the domain name portion, which is not properly cleans
17-10-2016 - 22:35 18-08-2003 - 00:00
CVE-2003-0466 10.0
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to tr
17-10-2016 - 22:34 27-08-2003 - 00:00
CVE-2003-0110 5.0
The Winsock Proxy service in Microsoft Proxy Server 2.0 and the Microsoft Firewall service in Internet Security and Acceleration (ISA) Server 2000 allow remote attackers to cause a denial of service (CPU consumption or packet storm) via a spoofed, ma
17-10-2016 - 22:29 05-05-2003 - 00:00
CVE-2003-0027 5.0
Directory traversal vulnerability in Sun Kodak Color Management System (KCMS) library service daemon (kcms_server) allows remote attackers to read arbitrary files via the KCS_OPEN_PROFILE procedure.
17-10-2016 - 22:28 07-02-2003 - 00:00
CVE-2002-1317 7.5
Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query.
17-10-2016 - 22:25 11-12-2002 - 00:00
CVE-2002-0679 10.0
Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure.
17-10-2016 - 22:21 05-09-2002 - 00:00
CVE-2002-0678 7.2
CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure.
17-10-2016 - 22:21 23-07-2002 - 00:00
CVE-2002-0677 7.5
CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the
17-10-2016 - 22:21 23-07-2002 - 00:00
CVE-2002-0391 10.0
Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array
17-10-2016 - 22:20 12-08-2002 - 00:00
CVE-2007-2926 4.3
ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query i
16-03-2015 - 21:59 24-07-2007 - 13:30
CVE-2004-0214 10.0
Buffer overflow in Microsoft Internet Explorer and Explorer on Windows XP SP1, WIndows 2000, Windows 98, and Windows Me may allow remote malicious servers to cause a denial of service (application crash) and possibly execute arbitrary code via long s
06-08-2013 - 15:12 03-11-2004 - 00:00
CVE-2004-0420 10.0
The Windows Shell application in Windows 98, Windows ME, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code by spoofing the type of a file via a CLSID specifier in the filename, as demo
23-07-2013 - 01:18 07-07-2004 - 00:00
CVE-2005-3564 7.2
envd daemon in HP-UX B.11.00 through B.11.11 allows local users to obtain privileges via unknown attack vectors.
12-12-2012 - 21:44 16-11-2005 - 02:42
CVE-2007-2529 7.2
Integer signedness error in the acl (facl) system call in Solaris 10 before 20070507 allows local users to cause a denial of service (kernel panic) and possibly gain privileges via a certain argument, related to ACE_SETACL.
05-11-2012 - 22:38 08-05-2007 - 20:19
CVE-2007-3283 6.8
GNOME XScreenSaver in Sun Solaris 8 and 9 before 20070417, when root is logged into the console, does not automatically lock the screen after a session has been inactive, which might allow physically proximate attackers to access the console.
30-10-2012 - 22:38 19-06-2007 - 18:30
CVE-2007-3094 9.0
Unspecified vulnerability in the authentication mechanism in Solaris Management Console (SMC) on Sun Solaris 8 through 10 before 20070605 allows remote authenticated users to execute arbitrary code via unspecified vectors, related to the WBEM server.
30-10-2012 - 22:37 06-06-2007 - 17:30
CVE-2007-3069 4.6
xscreensaver in Sun Solaris 10 before 20070604, when a GNOME session with Assistive Technology support is running, allows attackers with physical access to take control of the session after entering an Alt-Tab sequence.
30-10-2012 - 22:37 06-06-2007 - 06:30
CVE-2007-2798 7.4
Stack-based buffer overflow in the rename_principal_2_svc function in kadmind for MIT Kerberos 1.5.3, 1.6.1, and other versions allows remote authenticated users to execute arbitrary code via a crafted request to rename a principal.
30-10-2012 - 22:36 26-06-2007 - 18:30
CVE-2007-5225 4.9
Integer signedness error in FIFO filesystems (named pipes) on Sun Solaris 8 through 10 allows local users to read the contents of unspecified memory locations via a negative maximum length value to the I_PEEK ioctl.
11-10-2011 - 00:00 04-10-2007 - 20:17
CVE-2007-1667 9.3
Multiple integer overflows in (1) the XGetPixel function in ImUtil.c in X.Org libx11 before 1.0.3, and (2) XInitImage function in xwd.c for ImageMagick, allow user-assisted remote attackers to cause a denial of service (crash) or obtain sensitive inf
09-09-2011 - 00:00 24-03-2007 - 17:19
CVE-2007-4395 7.6
Multiple unspecified vulnerabilities in the Role Based Access Control (RBAC) functionality in Sun Solaris 8 allow remote attackers who know the password for a role to gain privileges via that role.
01-09-2011 - 00:00 17-08-2007 - 19:17
CVE-2006-6275 4.7
Race condition in the kernel in Sun Solaris 8 through 10 allows local users to cause a denial of service (panic) via unspecified vectors, possibly related to the exitlwps function and SIGKILL and /proc PCAGENT signals.
10-08-2011 - 00:00 04-12-2006 - 06:28
CVE-2006-6133 7.6
Stack-based buffer overflow in Visual Studio Crystal Reports for Microsoft Visual Studio .NET 2002 and 2002 SP1, .NET 2003 and 2003 SP1, and 2005 and 2005 SP1 (formerly Business Objects Crystal Reports XI Professional) allows user-assisted remote att
04-08-2011 - 00:00 27-11-2006 - 20:07
CVE-2006-4842 3.6
The Netscape Portable Runtime (NSPR) API 4.6.1 and 4.6.2, as used in Sun Solaris 10, trusts user-specified environment variables for specifying log files even when running from setuid programs, which allows local users to create or overwrite arbitrar
20-06-2011 - 00:00 11-10-2006 - 20:07
CVE-2007-0882 10.0
Argument injection vulnerability in the telnet daemon (in.telnetd) in Solaris 10 and 11 (SunOS 5.10 and 5.11) misinterprets certain client "-f" sequences as valid requests for the login program to skip authentication, which allows remote attackers to
13-06-2011 - 00:00 12-02-2007 - 15:28
CVE-2007-0943 6.8
Unspecified vulnerability in Internet Explorer 5.01 and 6 SP1 allows remote attackers to execute arbitrary code via crafted Cascading Style Sheets (CSS) strings that trigger memory corruption during parsing, related to use of out-of-bounds pointers.
06-05-2011 - 00:00 14-08-2007 - 17:17
CVE-2006-0027 7.5
Unspecified vulnerability in Microsoft Exchange allows remote attackers to execute arbitrary code via e-mail messages with crafted (1) vCal or (2) iCal Calendar properties.
15-04-2011 - 00:00 09-05-2006 - 22:10
CVE-2006-0002 7.5
Unspecified vulnerability in Microsoft Outlook 2000 through 2003, Exchange 5.0 Server SP2 and 5.5 SP4, Exchange 2000 SP3, and Office allows remote attackers to execute arbitrary code via an e-mail message with a crafted Transport Neutral Encapsulatio
12-04-2011 - 00:00 10-01-2006 - 17:03
CVE-2007-2223 9.3
Microsoft XML Core Services (MSXML) 3.0 through 6.0 allows remote attackers to execute arbitrary code via the substringData method on a (1) TextNode or (2) XMLDOM object, which causes an integer overflow that leads to a buffer overflow.
12-04-2011 - 00:00 14-08-2007 - 17:17
CVE-2007-3035 7.6
Unspecified vulnerability in Microsoft Windows Media Player 7.1, 9, 10, and 11 allows remote attackers to execute arbitrary code via a skin file (WMZ or WMD) with crafted header information that is not properly handled during decompression, aka "Wind
12-04-2011 - 00:00 14-08-2007 - 17:17
CVE-2007-3037 4.0
Microsoft Windows Media Player 7.1, 9, 10, and 11 allows remote attackers to execute arbitrary code via a skin file (WMZ or WMD) with crafted header information that causes a size mismatch between compressed and decompressed data and triggers a heap-
12-04-2011 - 00:00 14-08-2007 - 17:17
CVE-2006-4307 7.2
Unspecified vulnerability in the format command in Sun Solaris 8 and 9 before 20060821 allows local users to modify arbitrary files via unspecified vectors involving profiles that permit running format with elevated privileges, a different issue than
01-04-2011 - 00:00 23-08-2006 - 15:04
CVE-2007-3034 9.3
Integer overflow in the AttemptWrite function in Graphics Rendering Engine (GDI) on Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted metafile (image) with a large record length va
29-03-2011 - 00:00 14-08-2007 - 17:17
CVE-2007-3041 9.3
Unspecified vulnerability in the pdwizard.ocx ActiveX object for Internet Explorer 5.01, 6 SP1, and 7 allows remote attackers to execute arbitrary code via unknown vectors related to Microsoft Visual Basic 6 objects and memory corruption, aka "Active
25-03-2011 - 00:00 14-08-2007 - 17:17
CVE-2007-5716 7.8
Unspecified vulnerability in the Internet Protocol (IP) functionality in Sun Solaris 10 allows local users to cause a denial of service (panic) via unspecified vectors, probably related to a UDP packet.
07-03-2011 - 22:01 30-10-2007 - 17:46
CVE-2007-5632 4.9
Multiple unspecified vulnerabilities in the kernel in Sun Solaris 8 through 10 allow local users to cause a denial of service (panic), related to the support for retrieval of kernel statistics, and possibly related to the sfmmu_mlspl_enter or sfmmu_m
07-03-2011 - 22:01 23-10-2007 - 13:46
CVE-2007-5422 4.9
Unspecified vulnerability in "Solaris Auditing" in the Basic Security Module (BSM) in Sun Solaris 10, when configured for auditing of networking (nt) events, allows local users to cause a denial of service (panic) via unspecified vectors.
07-03-2011 - 22:00 12-10-2007 - 17:17
CVE-2007-5368 4.9
Multiple unspecified vulnerabilities in labeld in Trusted Extensions in Sun Solaris 10 allow local users to cause a denial of service (multiple application hang) via unspecified vectors.
07-03-2011 - 22:00 11-10-2007 - 06:17
CVE-2007-5367 4.9
Unspecified vulnerability in the Virtual File System (VFS) in Sun Solaris 10 allows local users to cause a denial of service (kernel memory consumption) via unspecified vectors.
07-03-2011 - 22:00 11-10-2007 - 06:17
CVE-2007-5319 3.5
Unspecified vulnerability in the vuidmice STREAMS modules in Sun Solaris 8, 9, and 10 allows local users with console (/dev/console) access to cause a denial of service ("unusable" system console) via unspecified vectors.
07-03-2011 - 22:00 09-10-2007 - 18:17
CVE-2007-5132 4.9
Race condition in the kernel in Sun Solaris 8 through 10 allows local users to cause a denial of service (panic) via unspecified vectors related to "the handling of thread contexts."
07-03-2011 - 22:00 27-09-2007 - 15:17
CVE-2007-5118 4.7
Unspecified vulnerability in the HID (Human Interface Device) class driver in Sun Solaris 8, 9, and 10 before 20070925 allows local users to cause a denial of service (panic) via unspecified vectors.
07-03-2011 - 22:00 27-09-2007 - 13:17
CVE-2007-4732 4.9
Unspecified vulnerability in the strfreectty function in the Special File System (SPECFS) in Sun Solaris 8 through 10 allows local users to cause a denial of service (system panic), related to passing a NULL pointer to the pgsignal function.
07-03-2011 - 21:59 06-09-2007 - 15:17
CVE-2007-4126 1.5
Unspecified vulnerability in the dynamic tracing framework (DTrace) on Sun Solaris 10 before 20070730 allows local users with PRIV_DTRACE_USER privileges to cause a denial of service (panic or hang) via unspecified use of certain DTrace programs.
07-03-2011 - 21:57 01-08-2007 - 12:17
CVE-2007-4070 4.9
Unspecified vulnerability in Low Bandwidth X proxy (lbxproxy) on Sun Solaris 8 through 10 before 20070725 allows local users to read arbitrary files with root group ownership via unknown vectors.
07-03-2011 - 21:57 30-07-2007 - 13:30
CVE-2007-3893 6.8
Unspecified vulnerability in Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code via unspecified vectors involving memory corruption from an unhandled error.
07-03-2011 - 21:57 09-10-2007 - 18:17
CVE-2007-3892 7.5
Microsoft Internet Explorer 5.01 through 7 allows remote attackers to spoof the URL address bar and other "trust UI" components via unspecified vectors, a different issue than CVE-2007-1091 and CVE-2007-3826.
07-03-2011 - 21:57 09-10-2007 - 18:17
CVE-2007-3826 9.3
Microsoft Internet Explorer 7 on Windows XP SP2 allows remote attackers to prevent users from leaving a site, spoof the address bar, and conduct phishing and other attacks via repeated document.open function calls after a user requests a new page, bu
07-03-2011 - 21:57 17-07-2007 - 17:30
CVE-2007-3717 6.9
rcp on Sun Solaris 8, 9, and 10 before 20070710 does not properly call certain helper applications, which allows local users to gain privileges by creating files with certain names, possibly containing shell metacharacters or spaces, a similar issue
07-03-2011 - 21:56 12-07-2007 - 12:30
CVE-2007-3471 7.2
Buffer overflow in the dtsession Common Desktop Environment (CDE) Session Manager in Sun Solaris 8, 9, and 10 allows local users to execute arbitrary code via unspecified vectors.
07-03-2011 - 21:56 28-06-2007 - 14:30
CVE-2007-3470 7.8
Multiple unspecified vulnerabilities in the KSSL kernel module in Sun Solaris 10, when configured with the KSSL proxy, allow remote attackers to cause a denial of service (kernel panic) via unspecified vectors related to "memory buffers" of Secure So
07-03-2011 - 21:56 28-06-2007 - 14:30
CVE-2007-3469 4.9
Unspecified vulnerability in the TCP Loopback/Fusion implementation in Sun Solaris 10 allows local users to cause a denial of service (resource exhaustion and service hang) via unspecified vectors.
07-03-2011 - 21:56 28-06-2007 - 14:30
CVE-2007-3458 4.9
The libsldap library in Sun Solaris 8, 9, and 10 allows local users to cause a denial of service (Name Service Caching Daemon (nscd) crash) via unspecified vectors.
07-03-2011 - 21:56 27-06-2007 - 13:30
CVE-2007-3248 7.8
Unspecified vulnerability in Sun Solaris 10 before 20070614, when IPv6 interfaces are present but not configured for IPsec, allows remote attackers to cause a denial of service (system crash) via certain network traffic.
07-03-2011 - 21:55 18-06-2007 - 06:30
CVE-2007-3223 7.8
Unspecified vulnerability in the NFS server in Sun Solaris 10 before 20070613 allows remote attackers to cause a denial of service (system crash) via certain XDR data in NFS requests, probably related to processing of data by the xdr_bool and xdrmblk
07-03-2011 - 21:55 14-06-2007 - 19:30
CVE-2007-3093 10.0
Unspecified vulnerability in the logging mechanism in Solaris Management Console (SMC) on Sun Solaris 8 through 10 before 20070605 allows remote attackers to execute arbitrary code via unspecified vectors, related to the WBEM server.
07-03-2011 - 21:55 06-06-2007 - 17:30
CVE-2007-2990 4.9
Unspecified vulnerability in inetd in Sun Solaris 10 before 20070529 allows local users to cause a denial of service (daemon termination) via unspecified manipulations of the /var/run/.inetd.uds Unix domain socket file.
07-03-2011 - 21:55 01-06-2007 - 06:30
CVE-2007-2989 7.8
The libike library in Sun Solaris 9 before 20070529 contains a logic error related to a certain pointer, which allows remote attackers to cause a denial of service (in.iked daemon crash) by sending certain UDP packets with a source port different fro
07-03-2011 - 21:55 01-06-2007 - 06:30
CVE-2007-2930 4.3
The (1) NSID_SHUFFLE_ONLY and (2) NSID_USE_POOL PRNG algorithms in ISC BIND 8 before 8.4.7-P1 generate predictable DNS query identifiers when sending outgoing queries such as NOTIFY messages when answering questions as a resolver, which allows remote
07-03-2011 - 21:55 11-09-2007 - 21:17
CVE-2007-2882 5.0
Unspecified vulnerability in the NFS client module in Sun Solaris 8 through 10 before 20070524, when operating as an NFS server, allows remote attackers to cause a denial of service (crash) via certain Access Control List (acl) packets.
07-03-2011 - 21:55 29-05-2007 - 21:30
CVE-2007-2617 2.1
srsexec in Sun Remote Services (SRS) Net Connect Software Proxy Core package in Sun Solaris 10 does not enforce file permissions when opening files, which allows local users to read the first line of arbitrary files via the -d and -v options.
07-03-2011 - 21:54 11-05-2007 - 12:19
CVE-2007-2465 4.7
Unspecified vulnerability in Sun Solaris 9, when Solaris Auditing (BSM) is enabled for file read, write, attribute modify, create, or delete audit classes, allows local users to cause a denial of service (panic) via unknown vectors, possibly related
07-03-2011 - 21:54 02-05-2007 - 18:19
CVE-2007-2045 5.0
Unspecified vulnerability in the IP implementation in Sun Solaris 8 and 9 allows remote attackers to cause a denial of service (CPU consumption) via crafted IP packets, probably related to fragmented packets with duplicate or missing fragments.
07-03-2011 - 21:53 16-04-2007 - 18:19
CVE-2007-1749 9.3
Integer underflow in the CDownloadSink class code in the Vector Markup Language (VML) component (VGX.DLL), as used in Internet Explorer 5.01, 6, and 7 allows remote attackers to execute arbitrary code via compressed content with an invalid buffer siz
07-03-2011 - 21:52 14-08-2007 - 18:17
CVE-2007-1681 7.5