MOS ID^[1]SunSolve ID^[2]Old ID^[3]Older ID^[4]Last UpdatedTitle 1000001.120000210247901-Aug-2006Cross-Site Scripting Vulnerability in Sun ONE and Sun Java System Application Server 1000007.12000081014795754005-Nov-2006CDE dtsession Patches 113240-07, 113240-08, 109354-21, and 109354-22 WITHDRAWN, May Cause Lockscreen to Fail or Hang 1000010.120001310227806-Nov-2006Security Vulnerability in the SunPlex Manager Software Delivered With Sun Cluster 3.1 4/04 1000012.120001510209006-Nov-2006Solaris 10 Sun Update Connection Web Proxy Password Disclosure Vulnerability 1000013.120001610214806-Nov-2006SecurityVulnerabilities in Sun StorEdge Enterprise Backup Software (EBS) 1000015.120001810194916-Oct-2005Security Vulnerability in Solaris 10 Allows Unprivileged User Visibility of Process Working Directories 1000016.120001910216413-May-2010Cross Site Scripting Vulnerability in Sun ONE and Sun Java System Applications 1000019.120002210173915-Jun-2006Simultaneous Multi-Threading Processors May Leak Information 1000021.12000261011735043901-Oct-2010CVS Versions on all Sun Cobalt Legacy Products and Sun Linux 5.0.3 are Vulnerable to a "Double Free" Vulnerability 1000025.12000301011414913113-Apr-2003Security Vulnerability Involving the priocntl(2) System Call 1000027.120003210317906-Jul-2010Security Vulnerabilities in the Apache 1.3 and 2.0 Web Server Daemon and "mod_status" Module May Lead to Cross Site Scripting (XSS) or Denial of Service (DoS). 1000028.120003310317105-Jan-2008Security Vulnerability in FreeType 2 Font Engine May Allow Privilege Escalation Due to Heap Overflow 1000029.12000341012585510119-Jan-2010An Untrusted Applet may Access Restricted Resources 1000030.12000351012575510019-Jan-2010An Untrusted Applet May Access Information From a Trusted Applet 1000032.120004010311221-Oct-2007Vulnerability in Java Runtime Environment Virtual Machine May Allow Untrusted Application or Applet to Elevate Privileges 1000033.120004110307804-Sep-2008Security Vulnerabilities in Java Runtime Environment May Allow Network Access Restrictions to be Circumvented 1000037.120004510308808-Oct-2007Security Vulnerability in the Solaris 10 Virtual File System (VFS) may Lead to a Denial of Service (DoS) Condition 1000039.120005110294229-Oct-2007Sun Fire X2100 M2/X2200 M2 ELOM is Vulnerable to Unauthorized Use as a Proxy For Sending Unsolicited Bulk E-mail (Spam) 1000041.120005410299225-Oct-2007Security Vulnerability in Processing XSLT Stylesheets Affects Sun Java System Application Server and Web Server 1000045.120006010291913-Jun-2007Security Vulnerability in IPv6 Implementation (ip6(7p)) Related to the Handling of IPsec Packets may Lead to a System Panic, Resulting in a Denial of Service (DoS) 1000046.120006110296917-Jun-2007Security Vulnerability in Solaris 10 BIND DNSSEC May Cause a Denial of Service 1000047.120006210252103-Jun-2007Security Vulnerability in Sun Java System Application Server and Sun Java System Web Server May Allow a Remote Unprivileged User to Read Certain Files 1000048.120006410290304-Jun-2007Security Vulnerability in the Logging Mechanism for Solaris Management Console (SMC) May Lead to Escalation of Privileges 1000051.120006710290111-Mar-2008Xorg(1) Contains a Denial of Service Within the X Render Extension's Trapezoid Rendering 1000052.120006810289120-May-2010Security Vulnerability in Sun Remote Services (SRS) Net Connect Software 1000053.120006910300301-Aug-2007Vulnerability in Redirect Functionality Affects Sun Java System Web Server 1000054.120007010272007-Sep-2008Security Vulnerability in GIMP(1) May Lead to Denial of Service (DoS) or Execution of Arbitrary Code 1000055.120007110299609-Jul-2007Security Vulnerability in Java Web Start URL Parsing Code May Allow Untrusted Applications to Elevate Privileges 1000056.120007210299309-Jul-2007Java Runtime Environment Does Not Securely Process XSLT Stylesheets Contained in XML Signatures 1000058.120007410276015-Jul-2007Security Vulnerability in Processing GIF Images in the Java Runtime Environment May Allow an Untrusted Applet to Elevate Privileges 1000063.120007910308425-Sep-2007A Security Vulnerability in the Handling of Thread Contexts in the Solaris Kernel May Allow a Denial of Service (DoS) 1000064.120008010301502-Aug-2007A Security Vulnerability in Processing XSLT Style Sheets Affects Sun Java System Portal Server Software 7.0 1000065.120008110302916-Aug-2007Two Security Vulnerabilities in Solaris 8 Role Based Access Control (rbac(5)) may Allow Unauthorized Remote Access 1000066.120008210276404-Jan-2007Security Vulnerability in the Sun Java System Content Delivery Server May Allow Unauthorized Viewing of Content Details 1000068.120008410290030-Apr-2007Solaris 9 Systems With Solaris Auditing (BSM) Enabled may Panic if Certain Audit Classes are Being Audited 1000070.120008610289602-May-2007Directory Server May Hang Due to a Memory Leak in the Network Security Services (NSS) Software 1000075.120009110278111-Apr-2007RSA Signature Forgery Issues in Mozilla 1.7 for Solaris 8, 9 and 10 1000076.120009210288522-Apr-2007Multiple Security Vulnerabilities in Mozilla Layout Engine for Solaris 8, 9 and 10 1000079.120009510276613-Mar-2007Multiple Security Vulnerabilities in the gzip(1) Command May Lead to Denial of Service (DoS) or Execution of Arbitrary Code 1000082.120009810273308-May-2008Security Vulnerability With HTTP Requests in Sun Java System Server(s) 1000084.120010010270530-Jan-2007Security Vulnerabilities (Integer Overflows and a Denial of Service) in the FreeType 2 Font Engine 1000085.120010110272807-Feb-2007Security Vulnerability in the kcms_calibrate(1) Command 1000087.120010310279612-Feb-2007A Security Vulnerability in the TCP Implementation of Solaris 10 Systems May Result in a System Panic Under High TCP/IP Traffic 1000089.120010510256929-Jan-2007On Solaris 10 a System Panic Due to a Race Condition May OccurWhen SNMP Queries are Processed (such as when netstat(1M) or ifconfig(1M) are run) 1000090.120010610272918-Dec-2006Security Vulnerabilities in the Java Runtime Environment may Allow Untrusted Applets to Elevate Privileges and Execute Arbitrary Code 1000092.120010810226806-Nov-2006Security Vulnerability in Sun Grid Engine/N1 Grid Engine rsh(1) Binary 1000101.12001391012665534020-Jul-2003Automountd(1M) May Stop and/or OpenSSH May Experience Authentication Issues 1000102.12001401012065208119-Jan-2010On Sun Linux and Cobalt Legacy Products, an Unauthorized Local User May be Able to Gain Root Access Rights Due to an Issue With The ptrace() Function 1000103.12001411012945588124-Jan-2010Sun Linux 5.0 Buffer Overflow in Window Maker 0.80.0 and Earlier 1000105.12001451013715740019-Jan-2010Vulnerability in Solaris "AnswerBook2 Documentation Server" Admin Script 1000108.12001501012445418128-Apr-2003A System Wide Denial of Service May be Caused Through The in.telnetd(1M) Daemon 1000111.120015310320031-Jan-2008Multiple Security Vulnerabilities in the Solaris X Server Extensions May Lead to a Denial of Service (DoS) Condition or Allow Execution of Arbitrary Code 1000113.12001561008792751310-Apr-2003Buffer Overflow in XView 1000116.12001611012555506024-Jan-2010Access Control List (ACL) Permissions May Not be Consistently Set on New VERITAS File System (VxFS) Files 1000117.120016210307221-Oct-2007An Untrusted Java Web Start Application or Java Applet May Move or Copy Arbitrary Files by Requesting the User to Drag and Drop a File from Application or Applet Window to a Desktop Application 1000118.120016310305511-Feb-2008Security Vulnerability in Solaris 8 Directory Functions 1000120.120016510306507-Oct-2007Security Vulnerability in the vuidmice(7M) STREAMS Modules May Lead to a Denial of Service (DoS) Condition 1000121.12001661011665024013-Mar-2003Solaris FTP Server (in.ftpd(1M)) is Vulnerable to Denial of Service Attack 1000122.12001671012075210219-Jan-2010Sun ONE Directory Server may be Terminated by Unprivileged LDAP Client Operations 1000123.12001681012085211120-Mar-2003On Solaris 9 a Security Issue with the newtask(1) Command May Lead to Unauthorized Root Access 1000125.12001711011765060324-Jan-2010Sun ONE/iPlanet Web Server Enable HTTP TRACE Method by Default 1000128.12001741011885108123-Feb-2003In Debug Mode, the ftp(1) Command Displays the Password on Screen in Clear Text 1000129.12001751011895108226-Feb-2003RPC Services Using TCP Ports are Susceptible to Denial of Service Attacks 1000130.12001761010304454127-Feb-2003Solaris admintool(1M) Media Installation Path Buffer Overflow 1000132.12001781011625008319-Jan-2010Java Virtual Machine May Allow Illegal Access to Protected Fields or Methods 1000133.12001791011815075109-Feb-2003Security Vulnerability in mail(1) in Solaris 1000135.12001811014295747620-May-2010Security Vulnerability in SunForum Involving the H.323 Protocol 1000136.120018210294728-Nov-2007A Security Vulnerability Resulting From Solaris 10 fcp(7D) and devfs(7FS) Interaction May Allow Certain File Operations to Cause a System Hang 1000137.120018310250807-Feb-2008Security Vulnerability May Allow Firewall Compromise or Creation of Denial of Service (DoS) Condition 1000138.12001841015275759524-Jan-2010Sparse Files Written to Shared Sun StorEdge QFS or Sun StorEdge SAM-QFS File Systems May Contain Deleted File Content 1000139.120018510301121-Oct-2007Security Vulnerability in Mozilla 1.7 May Allow Arbitrary JavaScript Commands to be Run 1000144.120019010299415-Oct-2007Manipulated TIFF Files or Documents Containing Manipulated TIFF Files May Lead to Heap Overflows and Arbitrary Code Execution 1000145.120019110311826-Jun-2008Two Security Vulnerabilities in the bzip2(1) Command may Allow the Permissions of Arbitrary Files to be Modified or Allow for Arbitrarily Large Files to be Created 1000148.120019610264822-Oct-2010Security Vulnerability in RSA Signature Verification Impacting Multiple SUN Products 1000150.120019810291401-Jul-2007A Security Vulnerability in the Implementation of the RPCSEC_GSS API Affects the Kerberos Administration Daemon (kadmind(1M)) 1000151.120019910290204-Jun-2007Security Vulnerability in the Authentication Mechanism for Solaris Management Console (SMC) May Lead to Escalation of Privileges 1000156.12002051014265747321-May-2006Security Vulnerabilities in "Safe.pm" and "CGI.pm" Perl Modules 1000159.120020810202428-May-2006Security Vulnerability in Sun N1 System Manager 1.1 1000162.120021110201623-Apr-2006The Solaris Management Console (SMC) Enables TRACE HTTP by Default 1000163.120021210203323-Apr-2006Vulnerabilities in lpsched(1M) May Allow an Unprivileged User to Remove System Files or Disable the LP Service 1000176.120022510181031-Jan-2006Security Vulnerability in the Kerberos krb5_recvauth() Library Routine 1000177.12002261015495761901-Feb-2006X Display Manager (xdm(1)) May Crash Due to Invalid XDMCP Request 1000180.120022910190512-Sep-2005Security Vulnerability in Sun Java System Application Server Exposes Contents of "jar" File of Deployed Web Applications 1000188.120024110184109-Aug-2005Updated Solaris 8 Patches for Apache Security Vulnerabilities 1000190.120024310189918-Sep-2005A Security Vulnerability in the Solaris 10 "tl" Driver May Allow a Local Unprivileged User the Ability to Panic the System 1000193.120024610195302-Oct-2005Security Vulnerability in XFree86 Server for JDS 1000197.120025010189722-Aug-2005Security Vulnerability in Solaris 10 "DHCP" Clients 1000200.12002551016525774020-May-2010Security Vulnerability With Java Web Start (J2SE 5.0) 1000201.12002561016235770614-Dec-2004Security Vulnerability in the kcms_configure(1) Command May Allow Local Users the Ability to Modify Any File on the System 1000204.12002601016155769602-Dec-2004Security Vulnerability When sendmail(1) Does Not Check Length of DNS Replies 1000205.12002611015785765519-Jan-2010The FTP Daemon of Heimdal is Vulnerable to Multiple Signal Handler Race Conditions 1000208.12002661015675764319-Jan-2010Netscape NSS Library Vulnerability Affects Sun Java Enterprise System 1000212.12002731014545750923-Feb-2004Security Vulnerability in "/usr/lib/print/conv_fix" May Allow Unauthorized Privileges and/or Denial of Service 1000218.12002921014085745108-Dec-2003Security Vulnerabilities in Solaris Printing 1000224.120029910180724-Jul-2005Security Vulnerability In the Multilanguage Environment Library "libmle" Shipped with the Japanese Locale 1000230.12003051016505773724-Jan-2010Security Vulnerabilities in Solaris AnswerBook2 Documentation 1000232.12003071016395772517-Jan-2005A Local or Remote Unprivileged User May be Able to Cause a Denial of Service (DoS) of an FTP Server 1000235.120031010194003-Oct-2005Security Vulnerability in Solaris UFS When Logging is Enabled 1000238.12003141016545774224-Jan-2010Cross Site Scripting Vulnerability in Sun Java System Application Server 1000239.12003161016275771016-Dec-2004Security Vulnerability in the newgrp(1) Command May Allow Unauthorized Root Privileges 1000241.12003251015825765917-Oct-2004Security Vulnerability in the in.rwhod(1M) Daemon 1000244.12003331015375760619-Jan-2010Buffer Overflow Vulnerabilities in Sun Java System Web Proxy Server 3.6 Service Pack 4 1000245.12003361014825754504-Apr-2004A Security Vulnerability With the Solaris TCP/IP Networking Stack May Allow an Unprivileged User to Cause a Denial of Service 1000250.12003551013445686029-Sep-2003sendmail(1M) Buffer Overflow Vulnerability in Address Parsing Function prescan() 1000251.12003561013645722120-May-2010A Vulnerability in JRE May Allow an Untrusted Applet to Escalate Privileges 1000252.12003581013115616124-Jan-2010Sun Linux Vulnerability in VNC Package May Allow Local or Remote Unauthorized Access 1000253.12003601011074778401-Oct-2010Sun Linux/Sun Cobalt Security Vulnerability in "fetchmail" 1000254.12003611012845566019-Jan-2010Sun Linux 5.0 Security Vulnerability With SSL Enabled Software May Allow "Man-in-the-Middle" Attack on KDE Software 1000257.12003641014285747524-Jan-2010SunPlex (Sun Cluster) Multiple Security Vulnerabilities in OpenSSL Secure Sockets Layer (SSL) and Transport Layer Security (TLS) Protocols 1000258.12003661012755554025-Feb-2004Solaris 8 and Solaris 9 NIS Clients May Not Allow Users With +/-Passwd Syntax Entries to Login 1000259.12003671013985743429-Jan-2004Remote Denial-Of-Service Vulnerability in BIND DNS Daemon (in.named) 1000262.12003701014455749705-Feb-2004Security Vulnerability in Solaris Systems With Basic Security Module (BSM) Configured to Audit the "ad" or "as" Audit Class 1000267.12003771014885755106-May-2004Memory Leak in llc1(7D) Driver and Utilization of kstat(1M) on Solaris 9 May Cause a System Panic 1000268.12003781014045744103-Dec-2003Security Vulnerability in dtprintinfo(1) 1000271.120038610191818-Sep-2008Security Vulnerability in the Logging Output of Sun Java System Access Manager 1000272.120038710294310-Oct-2007Multiple Memory Corruption Vulnerabilities in Mozilla 1.7 for Solaris 8, 9, and 10 1000275.120039010286623-Sep-2007Security Vulnerability in the IP Implementation for Solaris 8 and 9 May Allow a Denial of Service 1000277.120039210302414-Aug-2007Vulnerability in the Java Runtime Environment Font Parsing Code may Allow an Untrusted Applet to Elevate Privileges 1000290.120040510195204-Mar-2007Multiple Security Vulnerabilities in Mozilla 1.4 1000292.120040710266429-Jan-2007A "Use-after-free" Vulnerability in Sendmail Versions Before 8.13.8 may Allow a Denial of Service (DoS) 1000295.12004101014785753917-Jan-2007Security Vulnerability Involving the Common Desktop Environment (CDE) dtlogin(1X) Command When Parsing XDMCP Requests (CERT VU#179804) 1000297.120041210271311-Nov-2008A Security Vulnerability in Solaris libnsl(3LIB) may lead to a Denial of Service (DoS) to the rpcbind(1M) Service 1000298.120041310265228-Jan-2007Security Vulnerability in X Display Manager (xdm(1)) Xsession Script 1000299.120041410269729-Jan-2007A Security Vulnerability in Solaris 10 ICMP Handling May Allow a SystemPanic and Result in Denial of Service (DoS) 1000301.120041610249706-Nov-2006Security Vulnerability in Webmail May Allow Messages Embedded With Javascript to be Executed in End User's Browser 1000304.120042010249618-Oct-2006Security Vulnerability May Allow a Local Unprivileged User to Partially Read Arbitrary Files 1000305.120042210246027-Aug-2006A Security Vulnerability in sendmail(1M) Versions Prior to 8.13.7 May Allow a Denial of Service (DoS) To Occur 1000308.120042510269301-Nov-2006Security Vulnerability With Graphics Driver for Solaris 10 and Linux on Certain Systems 1000310.120042810204107-Nov-2006Security Vulnerability in the libexif JPEG Image Processing Library 1000311.120042910205407-Nov-2006Security Vulnerability in Symantec/VERITAS NetBackup 1000315.120043310201205-Nov-2006Security Vulnerability With Sun Java System Application Server Reverse SSL Proxy Plugin 1000317.120043510198713-Oct-2005Security Vulnerability May Allow a Local Unprivileged User to Cause a System Panic in the "/proc" Filesystem 1000320.12004381012165244310-May-2006Solaris Security Vulnerability due to a Buffer Overflow in lpq(1B) 1000324.120044310210826-Apr-2006Security Vulnerability Using find(1) to Search "/proc" May Cause a Denial of Service (DoS) Condition 1000329.120044810221520-Apr-2006Security Vulnerability With The "/usr/ucb/ps" Command 1000334.120045310278214-Feb-2007Security Vulnerability in rm(1) may Lead to Unauthorized Deletion of Files or Directories 1000335.120045410277322-Jan-2007Security Vulnerabilities in the tip(1) Command May Allow Execution of Arbitrary Code With Elevated Privileges 1000336.120045510273118-Dec-2006Security Vulnerabilities Related to Serialization in the Java Runtime Environment may Allow Untrusted Applets to Elevate Privileges 1000337.120045610273218-Dec-2006Security Vulnerabilities in the Java Runtime Environment may Allow an Untrusted Applet to Access Data in Other Applets 1000339.120045910192402-Jan-2007Security Vulnerability in the Sun Ray Utility utxconfig(1) 1000340.120046010214906-Nov-2006Security Vulnerability in x64 Kernel Processing may Cause a System Panic 1000341.120046310232426-Sep-2006Sun Cobalt sendmail(8) Security Issue Involving Signal Handling Daemon 1000345.120046710250902-Aug-2006Security Vulnerability in Sun's Internet Protocol (IP) Implementation May Allow Local Users to Bypass the Routing Table 1000349.120047110267030-Oct-2006A Vulnerability in Network Security Services (NSS) Affects Sun Java System Web Server and Sun ONE Application Server 1000350.12004721016435773005-Nov-2006Security Vulnerability in Samba(7) Versions Prior to 3.0.10 May Allow Unauthorized Root Privileges 1000352.120047410265706-Dec-2006Security Vulnerability With RSA Signature Affects the Sun Secure Global Desktop Software 1000354.120047610251906-Nov-2006Security Vulnerability Due to Buffer Overflow in The format(1M) Command May Allow Privilege Elevation For Certain RBAC Profiles 1000358.120048010188112-Oct-2005Security Vulnerabilities In Solaris 10 SCTP Socket Option Processing 1000359.120048110198913-Oct-2005Netscape NSS Tools Vulnerability Affects Sun Java Enterprise System and Solaris 1000361.120048310220626-Jul-2006Solaris Hosts are Vulnerable to a Denial of Service Induced by an Internet Transmission Control Protocol (TCP) "ACK Storm" 1000364.120048610250312-Jul-2006Security Vulnerability in the X Inter Client Exchange Library (libICE) 1000366.120048810211722-May-2006Security Vulnerability in PC Netlink 2.0 "slsadmin" May Allow Files to be Opened Insecurely 1000372.120049410226203-Jan-2010Security Vulnerability in sendmail(1M) Versions Prior to 8.13.6 1000375.12004971015935767318-Apr-2006Security Vulnerability With ARP Handling Could Cause System to Hang 1000387.12005091016745776614-Apr-2005Certain Network Services Disruptions or "Spoofs" Could Occur as a Result of Possible Network Port Theft 1000388.12005101016915778604-May-2005automountd(1M) May Stop When Accessing "/xfn/_x500" 1000389.12005121016645775419-Jan-2010The Sun ONE and Sun Java System Directory Servers Contain a Buffer Overflow in the Access Control Implementation for LDAP Requests 1000395.120051810181627-Oct-2005Security Vulnerabilities in the gzip(1) Command 1000396.120051910179430-Oct-2005Security Vulnerability in the Solaris Runtime Linker (ld.so.1(1)) 1000399.120052210196009-Oct-2005Security Vulnerability Involving the umount(8) Utility 1000401.120052410188631-Aug-2005Security Vulnerabilities in the Sun StorEdge Enterprise Backup Software 1000404.12005291016135769419-Jan-2010Security Vulnerability When Samba Trims Certain Directory Names Down to Absolute Paths 1000408.12005361015445761426-Jul-2004The in.named(1M) Process May Die Upon Receiving Dynamic Updates 1000410.12005381013085612107-Sep-2003Security Vulnerability in the Solaris 9 in.ftpd(1M) Server May Allow Unauthorized "root" Access 1000411.12005391013035604004-Aug-2003Sun Linux 5.0 Vulnerability in "file" Utility May Allow a Local Unprivileged User to Execute Arbitrary Code 1000412.12005401013045604104-Aug-2003Sun Linux 5.0 Security Vulnerability in "fileutils" Package May Give Local Users Unauthorized Privileges 1000413.12005421013165630007-Aug-2003Solaris 2.6 and 7 cachefs Patches May Overwrite the inetd.conf(4) File 1000417.12005491013725740424-Jan-2010Security Vulnerability Issues With Solstice X.25 snmpx25d daemon 1000418.12005501013735740516-Oct-2003Security Vulnerability in Solaris zlib(libz(3)) Compression Library Function gzprintf() 1000421.12005531012695542017-Jun-2003A Buffer Overflow Vulnerability in the dbm_open(ndbm(3C) and dbm(3UCB)) and dbminit(3UCB) Database Functions May Allow Unauthorized Root Privileges 1000425.120055810318008-Sep-2008Multiple Security Vulnerabilities in the Sun Java System Identity Manager May Allow HTML Injection, Cross-Site Scripting Exploits or Unauthorized Redirection 1000426.120055910319704-Feb-2008Multiple Security Vulnerabilities in PostgreSQL Shipped with Solaris 10 May Allow Elevation of Privileges or Denial of Service (DoS) 1000430.12005641012305358015-Apr-2003Security Vulnerability in Samba(7) Versions 2.2.2 Through 2.2.6 May Allow Remote User Unauthorized Privileges 1000433.12005671012605514119-Jan-2010Sun Management Center (SunMC) May Create Directories or Files Writable by Unpriveleged Users 1000440.12005761011845090417-Feb-2003Sun sendmail(1M) does not Handle Some ".forward" Constructs Correctly 1000442.120058010315329-Nov-2007Users in lx(5) Branded Zones May be Able to Panic Solaris 10 x86 Systems 1000443.120058110311920-May-2010Security Vulnerability in the Sun Remote Services (SRS) Net Connect Software 1000444.120058210314306-Nov-2007A Security Vulnerability in Solaris Volume Manager (SVM) May Allow a Denial of Service (DoS) 1000447.120058510274707-Nov-2007Security Vulnerabilities in OpenSSL May Lead to a Denial of Service (DoS) to Applications 1000449.120058710312121-Oct-2007Multiple Memory Corruption Vulnerabilities in Layout Engine for Mozilla 1.7 1000450.120058810296423-Oct-2007Multiple Security Vulnerabilities in samba(7) May Allow Remote Code Execution, Elevation of Privileges, Remote Shell Command Execution, or Denial of Service (DoS) 1000452.120059010308212-Oct-2007Security Vulnerability in the Solaris RPC Services Library (librpcsvc(3LIB)) may Lead to a Denial of Service (DoS) Against Networked File Systems 1000453.120059110287403-Sep-2007A Security Vulnerability in Sun Cluster Software may Lead to Data Corruption and "send_mondo" Panics 1000454.120059210288625-Jul-2007Multiple vulnerabilities in libfreetype, Xsun(1) and Xorg(1) 1000456.120059410292625-Jun-2007Security Vulnerability in the Solaris libsldap Library May Allow a Denial of Service to nscd(1M) 1000457.120059510283403-Jun-2007A Security Vulnerability in How xscreensaver(1) Interacts With GNOME Assistive Technology May Allow Arbitrary Command Execution 1000459.120059710291123-May-2007Security Vulnerability in NFS Client Module May Lead to a Denial of Service Condition 1000460.120059810292128-May-2007A Security Vulnerability in the Solaris 10 inetd(1M) Service May Lead to a Denial of Service (DoS) Condition 1000461.120059910299709-Jul-2007Java Secure Socket Extension Does Not Correctly Process SSL/TLS Handshake Requests Resulting in a Denial of Service (DoS) Condition 1000466.120060410298514-Aug-2007Security Vulnerability in the Kerberos Administration Daemon (kadmind(1M)) May Lead to Arbitrary Code Execution 1000467.120060510297119-Aug-2007Multiple Memory Corruption Vulnerabilities in Mozilla 1.7 for Solaris 8, 9 and 10 1000468.120060610298820-Aug-2007Security Vulnerabilities in the ata(7D) Disk Driver May Lead to a Denial of Service Condition 1000470.120060810273508-Jan-2007Security Vulnerability With StarOffice/StarSuite Versions 6, 7 and 8 Related to the '.wmf' File Format 1000472.120061010265608-Nov-2006Security Vulnerability Issue of Forged RSA Signatures for Java Enterprise System and Solaris 1000474.120061210174028-Nov-2006Solaris 10 Security Issue With C Library (libc(3LIB)) and libproject(3LIB) 1000475.120061310290929-May-2007Cross-site Scripting Vulnerability in Sun Java System Messaging Server 1000482.120062010282825-Apr-2007Security Vulnerability in the Sun Fire X2100M2 and X2200M2 Implementation of IPMI 1000486.120062410214022-Mar-2007Security Vulnerability in Sun Java System Access Manager May Allow Administrator Access to Users Logged in As Root 1000489.120062710266228-Feb-2007Security Vulnerabilities in the Apache 2.0 Web Server "mod_rewrite", "mod_imap" and "mod_ssl" Modules 1000492.120063010276305-Feb-2007Multiple Security Vulnerabilites in Mozilla 1.7 for Solaris 8, 9, and 10 1000496.120063510316405-Feb-2008Security Vulnerability in the vuidmice(7M) STREAMS Modules May Lead to a System Panic 1000498.120063710314110-Dec-2007Manipulated Database Documents for StarOffice/StarSuite 8 May Lead to Arbitrary Code Execution 1000501.12006401011124790313-Apr-2003Security Vulnerability in the ypserv(1M) and ypxfrd(1M) Daemons 1000502.120064110316527-Jan-2008A Security Vulnerability in libdevinfo(3LIB) May Allow Unauthorized Access to Files on the System 1000503.120064210311428-Jan-2008Multiple Security Issues Within The X Font Server (xfs(1)) QueryXBitmaps and QueryXExtents Protocol Handlers 1000506.120064710306101-Oct-2007Security Vulnerability in Solaris Named Pipes (pipe(2)) May Allow Unauthorized Data Access 1000507.120064810300220-Dec-2007Cross-site Scripting Vulnerability in Sun Java System Web Server and Web Proxy Server 1000511.12006541011615008121-May-2010Incorrect Certificate Validation in Java Secure Socket Extension (JSSE), Java Plug-In and Java Web Start 1000515.12006581011104781501-Jan-2003NFS Denial of Service can be Caused by a Client Application Killing the lockd(1M) Daemon 1000516.12006591011775062605-Feb-2003Certain UDP RPC Packets May Cause a Denial of Service in Solaris 1000518.120066110308327-Nov-2007Race Condition in the Solaris Remote Procedure Calls (RPC) Module May Result in a System Panic 1000520.12006631016035768308-Nov-2007Security Vulnerability in Netscape 6.x and 7 With PNG Files 1000524.120066710312728-Oct-2007Sun Fire X2100/X2200 M2 Servers ELOM Software is Vulnerable to Arbitrary Command Execution 1000531.120067610286516-Apr-2007Security Vulnerability in Mozilla 1.7 JavaScript Engine for Solaris 1000532.12006771013385672016-Apr-2007GNOME 2.0 XScreenSaver Will Not Lock as Root 1000533.120067810283508-Mar-2007Security Vulnerability When Using java.policy With RMI-IIOP 1000539.120068410277924-Jan-2007Security Vulnerability in the Sun Ray Server Software Admin GUI 1000542.12006871016995779520-Dec-2006Security Vulnerability in the WU-FTPD "wu_fnmatch" Function May Result in a Denial of Service (DoS) 1000543.120068810217106-Nov-2006Security Vulnerabilities in the Java Runtime Environment may Allow an Untrusted Applet to Elevate its Privileges 1000544.120069010219807-Sep-2006Security Vulnerabilities in the Apache 2 Web Server 1000558.120070410279416-May-2007Due to a Security Vulnerability in StarOffice, Manipulated StarCalc 1.0 Files May Allow Arbitrary Code Execution 1000560.120070810269606-Apr-2008A Security Vulnerability in RSA Signature Verification Affects Sun Java System Application Server, Proxy Server and Web Server 1000565.120071310289428-May-2007Security Vulnerability in PostgreSQL SECURITY DEFINER Functions May Allow Escalation of Privileges 1000566.120071410272529-May-2007A Malformed Packet Received by snmpd(1) via TCP may Cause a Denial of Service (DoS) 1000568.120071710229402-May-2007Sun Java System Directory Server: Denial of Service May Occur Due to Large Memory Allocation for Specific LDAP Requests 1000569.120071810286906-May-2007Security Vulnerability Relating to the acl(2) System Call May Allow Denial of Service (DoS) to the System 1000570.12007201015055757331-May-2004Buffer Overflow in sendmail(1M) Ruleset Parsing May Result in Unauthorized Privileges 1000574.12007261014275747411-Jan-2004Security Vulnerability Involving the tcsetattr(3C) Library Function on SPARC Based Systems 1000579.12007391014925755519-May-2010Java Runtime Environment Remote Denial of Service (DoS) Vulnerability 1000584.12007441014065744419-Jan-2010Sun Grid Engine 5.3 Software May Experience Security Vulnerabilities in OpenSSL 1000588.12007651013515692223-Sep-2003Sun Linux 5.0 sendmail(1M) Buffer Overflow Vulnerability 1000590.12007721012385392219-Jan-2010Quick Removal of a Sun Ray Smartcard May Leave Desktop Session Open 1000591.12007731012895576024-Jan-2010Sun Linux 5.0 Vulnerability in pam_xauth(8) Module May Allow Forwarding of Root Authorization to Unprivileged Users 1000594.12007771011955140024-Jan-2010Sun Linux and Cobalt Legacy Products are Vulnerable to a sendmail(1M) Buffer Overflow 1000595.12007781012785560119-Jan-2010On Sun Linux, an Unauthorized Remote User May be Able to Execute Arbitrary Commands With the "xpdf" User's Privileges 1000601.12007851013455686109-Oct-2003Secure Shell Daemon (sshd(1M)) Buffer Management Security Vulnerability 1000602.12007861013695734012-Oct-2003Solaris Security Vulnerability Involving the sysinfo(2) System Call 1000604.12007891013815741429-Apr-2004Buffer Overflow Vulnerability in the CDE DtHelp Library May Allow Unauthorized "root" Access 1000605.12007901014775753801-Apr-2004The Sun Secure Shell Daemon (sshd(1M)) May Fail to Log SSH Client IP Addresses 1000606.12007911014105745309-Dec-2003The pfexec(1) Command May Execute a "Profile" Command With Additional Privileges 1000608.12007931012105222211-Dec-2003In Solaris 8 and Solaris 9 a Buffer Overflow in the LDAP Name Service May Lead to Unauthorized Root Access 1000609.12007941013745740621-Oct-2003NFS Server May Panic Upon Receipt of Certain Invalid Client Requests 1000610.12008061012625522124-Jan-2010Sun One Application Server May Disclose JSP Source 1000611.12008101013935742803-Sep-2008TCP Port Conflict Between Sun Cluster for OPS/RAC and Solaris Secure Shell Server, and Possible Denial of Service Attack by Unprivileged Users Upon Sun Cluster 1000612.12008131012995594024-Jan-2010Sun Linux 5.0 CRLF Injection Vulnerability in Lynx 2.8.4 and Earlier 1000613.12008141012715546019-Jan-2010Sun ONE Application Server May Incorrectly Validate User Authentication Information With LDAP 1000614.12008151012885574010-Jul-2003Sun Linux 5.0 Buffer Overflow Vulnerability In "Pine" May Allow Remote Unprivileged Users to Cause a Denial of Service 1000620.12008211013465686224-Jan-2010Sun Linux Vulnerability in OpenSSH May Allow a Remote Unprivileged User to Execute Arbitrary Code 1000621.12008221012425410024-Apr-2003Security Vulnerability With The lofiadm(1M) Command in Solaris 8 1000622.12008231010864672424-May-2010The PHP on Sun/Cobalt Platforms Have Exploitable Vulnerabilities 1000624.12008251011985188407-May-2003Security Vulnerability in the Network Services Library, libnsl(3LIB), Affecting rpcbind(1M) 1000625.12008281012215262008-Apr-2003sendmail(1M) Parses Addresses Incorrectly in Certain Corner Cases 1000630.120083710307121-Oct-2007Java Runtime Environment (JRE) May Allow Untrusted Applets or Applications to Display An Oversized Window so that the Warning Banner is Not Visible to User 1000631.120083810286325-Sep-2007Security Vulnerability in StarOffice 8 May Lead to Heap Overflow and Arbitrary Code Execution 1000632.120083910306909-Sep-2009Installation of Sun Java System Access Manager 7.1 on Sun Java System Application Server 9.1 or 8.x May Compromise Application Server Security 1000634.120084110307302-Oct-2007Multiple Security Vulnerabilities in Java Web Start Relating to Local File Access 1000637.120084410315001-Jan-2008A Security Vulnerability in unzip(1L) May Set Unintended Permissions on Extracted Files 1000642.120085110308728-Oct-2007Security Vulnerability in the Solaris 10 Internet Protocol (ip(7P)) may Lead to a Denial of Service (DoS) Condition 1000647.120085610293421-Oct-2007Security Vulnerabilities in the Java Runtime Environment Image Parsing Code May Allow a Untrusted Applet to Elevate Privileges 1000648.120085810313012-Feb-2008Security Vulnerability in Solaris 10 OpenSSL SSL_get_shared_ciphers() Function 1000649.120085910306317-Feb-2008Security Vulnerability in BIND 8 May Allow Cache Poisoning Attack 1000653.120086310294824-Jul-2007A Security Vulnerability in lbxproxy(1) may Allow Unauthorized Read Access to Files 1000654.120086410279819-Jan-2010Security Vulnerability in the TCP Implementation of Solaris Systems May Allow a Denial of Service When Accepting New Connections While Undergoing a TCP "SYN Flood" Attack 1000655.120086510291714-Jun-2007Security Vulnerability with Manipulated RTF Files May Lead to Heap Overflows and Arbitrary Code Execution 1000657.120086710296126-Jun-2007Security Vulnerability in scp(1) May Allow Execution of Unintended Commands 1000659.120087010295727-Jun-2007Security Vulnerability With Java Web Start May Allow Application to Escalate Privileges 1000660.120087110298704-Nov-2009libpng(3) Contains a Denial of Service (DoS) Vulnerability 1000664.120087510287612-Jun-2007Security Vulnerability in Sun Java System Directory Server Leaks Information About Existence of Attributes 1000665.120087610310908-Oct-2007Security Vulnerabilities in the Solaris Trusted Extensions "labeld" Service May Lead to a Denial of Service (DoS) Condition 1000666.120087710178305-Nov-2006Security Vulnerability in Samba's "ms_fnmatch()" Function May Result in a Denial of Service (DoS) 1000667.120087810266716-Oct-2006Security Vulnerability in the Solaris 10 TCP Fusion Code May Lead to a System Panic, Resulting in a Denial of Service (DoS) 1000671.120088310255710-Jun-2010Java Plug-in and Java Web Start May Allow Applets and Applications to Run With Unpatched JRE 1000673.12008851016655775505-Nov-2006Buffer Overflow in telnet(1) Client Software 1000679.120089110228627-Jul-2006A Local Unprivileged User May be Able to Cause a Denial of Service (DoS) to Solaris 10 Hosts via the "/net" Mount Point 1000684.12008961014535750810-May-2006Multiple Buffer Overflows in "/usr/bin/uucp" May Allow Unauthorized uucp(1C) User ID Access 1000693.12009061015585763101-Feb-2006Security Vulnerabilities in the Kerberos Key Distribution Center (KDC) Daemon and Kerberos V5 Libraries 1000700.120091810179909-Aug-2005Security Vulnerability in JRE Plug-in affects the Sun Java Desktop System for Linux 1000702.120092010169005-Jun-2005A Security Vulnerability in Sun ONE Application Server May Disclose Files 1000707.120092510178221-Sep-2005Mulitple Security Vulnerabilities in Oracle Affect SunMC 1000714.12009351016535774124-Jan-2010Security Vulnerability With Java Plug-in in JRE/SDK for JDS 1000718.12009421015905767019-Jan-2010Security Vulnerability With The HTTP TRACE Functionality in Sun Java System Application Server 1000726.12009571014315747919-Jan-2004Security Vulnerability With Loading Arbitrary Kernel Modules in Solaris Kernel 1000727.12009581014255747227-Jan-2004Security Vulnerability in ASN.1 May Affect Solaris Internet Key Exchange (IKE) 1000732.12009711016795777124-Jan-2010A Limited Number of Sun StorEdge 6130 Arrays May be Vulnerable to Unauthorized Access 1000734.12009741016705776019-Jan-2010Sun Java System Web Server Denial-of-Service Vulnerability 1000736.120097810184208-Aug-2005Security Vulnerability in the "printd" Daemon 1000738.12009801015845766412-Jun-2005Security Vulnerabilities in Samba May Allow Unauthorized Root Privileges 1000743.12009861015135758119-Jan-2010Systems With Sun StorEdge Enterprise Storage Manager 2.1 Installed May Allow an Unprivileged Local User to Gain Root Access 1000744.12009881014965755909-May-2004The Solaris Management Console (smc(1M)) Server May Disclose Information About Files on a Solaris System 1000745.12009891014915755411-May-2004Solaris 9 Patches WITHDRAWN - Security Vulnerability With ypserv(1M) and ypxfrd(1M) 1000749.12009941016325771703-Jan-2005SMC Default Configuration GUI Creates User Accounts With Blank Password Instead of Locked Account 1000751.12009981015805765713-Oct-2004Security Vulnerability When Using LDAP In Conjunction With RBAC 1000752.12009991015815765824-Jan-2010Security Vulnerabilities Involving the utempter(8) Utility 1000757.12010051015705764624-Jan-2010Security Vulnerabilities in Common Unix Printing System (CUPS) May Allow a Remote Unprivileged User to Execute Arbitrary Code 1000758.12010061015725764819-Jan-2010Security Vulnerabilities in ImageMagick(1) May Allow a Remote Unprivileged User to Execute Arbitrary Code 1000761.12010091015365760524-Jan-2010Vulnerability In Sample Application Included With Sun Java System Web Server 1000762.12010101015435761319-Jan-2010Java Runtime Environment May Allow Untrusted Applets to Escalate Privileges 1000763.12010111015035757131-May-2004Sun Crypto Accelerator 4000 v1.0 Software May be Susceptible to OpenSSL Security Vulnerabilities 1000766.12010291013605710019-Jan-2010Sun Linux Multiple Security Vulnerabilities in OpenSSL 1000767.12010301013025602019-Jan-2010Sun ONE Application Server May Disclose JSP Source 1000768.12010311012745552023-Jun-2003BSM Enabled (bsmconv(1M)) Systems With Third Party Login Mechanisms May Experience cron(1M) or at(1) Failures 1000771.12010351012915580013-Jul-2003Fix for Security Vulnerability in dtsession(1X) May Be Lost 1000776.12010421014305747821-Jan-2004Solaris 9 patches 114332-08 and 114929-06 are WITHDRAWN - Patches Disable the Auditing Functionality on Basic Security Module (BSM) Enabled Systems 1000778.12010471013395674017-Mar-2004Security Issue Involving the Solaris sadmind(1M) Daemon 1000782.120105910288309-Oct-2007Security Vulnerability in the Human Interface Device (HID) Class Driver for Solaris 1000788.120106510284729-Apr-2007Multiple Security Vulnerabilities in Adobe Reader May Lead to Execution of Arbitrary Code 1000789.120106610289502-May-2007Security Vulnerability in Sun Java System Directory Server May Cause Denial of Service (DoS) 1000794.12010721016775776903-May-2009Multiple Security Vulnerabilities in libtiff(3) 1000798.120107610262126-Feb-2007Cross-site Scripting Vulnerability in Sun Java System Access Manager 1000800.120107810264001-Mar-2007Security Vulnerability in Apache 2 Web Server Module 'mod_ssl' 1000801.120107910266301-Mar-2007Security Vulnerabilities in the Apache 1.3 Web Server "mod_rewrite" and "mod_imap" Modules 1000809.120108710219206-Nov-2006Integer Overflow Vulnerability in Perl May Lead to Application Crash or Code Execution 1000811.120109010259310-Sep-2006Security Vulnerability in the Sun Java System Content Delivery Server May Allow Unauthorized Data Access 1000812.120109110256825-Sep-2006A Security Issue With Solaris 10 x64 Systems Using IPv6 Forwarding May Result in a Denial of Service (DoS) 1000818.120109710214405-Oct-2006Vulnerability With Solaris IPv6 May Allow a Remote User the Ability to Create a Denial of Service Condition 1000819.120109810260605-Oct-2006Security Vulnerability in Solaris 10 Link Aggregation may Allow Local Users Total Access to Network Packets 1000821.120110110251306-Nov-2006pkgadd(1M) May Set Incorrect Permissions if The pkgmap(4) File Contains a "?"in The "Mode" Field 1000822.120110210201707-Nov-2006Security Vulnerability With Java Management Extensions in the Java Runtime Environment may Allow Untrusted Applet to Elevate Privileges 1000824.120110410203007-Nov-2006The in.named(1M) Process May Make Unnecessary Queries Causing a Denial of Service 1000826.12011061016715776105-Nov-2006Buffer Overflow in telnet(1) Client Software Also Affects Kerberized Telnet 1000830.120111010230512-Jun-2006Security Vulnerability With Sun StorADE Version 2.4 Installation 1000831.120111110206820-May-2010Security Vulnerability in Sun Java System Communications Services 6 Delegated Administrator 2005Q1 1000832.120111210206623-Apr-2006Security Vulnerability May Allow An Unprivileged Local User to Gain Root Access or Panic the OS 1000835.120111510229212-Apr-2006Sun Java Studio Enterprise 8 May Create World-Writable Files When Installed by Root 1000837.120111710215917-Apr-2006A Security Vulnerability Involving the "pagedata" Subsystem of the Process File System (/proc(4)) May Cause the System to Hang or Panic 1000838.120111810211319-Apr-2006Security Vulnerability in LDAP2 Client Commands 1000845.120112610197428-Nov-2005OpenSSL (see openssl(5)) May Allow an Agent to Force a Rollback to a Cryptographically Weak Protocol Version 1000846.120112710234506-Nov-2006Security Vulnerability in Sun Java System Directory Server Related to Initial Installation Data 1000850.120113110257008-Nov-2006Buffer Overflow Vulnerability in libX11 1000854.120113510232227-Jul-2006Security Vulnerability With Sun N1 Grid Engine Daemons 1000855.120113610235612-Jun-2006Security Vulnerability in the Solaris 9 in.ftpd(1M) Server May Allow Unauthorized Directory Access 1000861.120114210204024-Apr-2006A Security Vulnerability in the "libike" Library May Affect the in.iked(1M) Daemon 1000867.120114810228213-Apr-2006Security Vulnerability May Allow 'sh' Process to be Crashed Causing a Denial of Service 1000871.120115210206022-Nov-2005Security Vulnerabilities in the traceroute(1M) Utility may Allow Elevated Privileges 1000872.120115310180030-Nov-2005Security Vulnerability in the Xsun(1) and Xprt(1) Commands 1000880.12011661016475773418-Jan-2005Security Vulnerability in the Generic Security Services Library libgss(3LIB) 1000887.12011731015185758619-Jan-2010Proxy Authentication to Sun ONE Calendar Server May Fails if Portal Display Preferences Are Changed 1000888.12011751016255770819-Jan-2010Security Vulnerabilities With Java Plug-in in JRE/SDK 1000892.12011801015855766524-Jan-2010Security Vulnerability Involving Webmail 1000893.12011821015735764919-Jan-2010Security Vulnerability in "a2ps" May Allow A Local Unprivileged User to Execute Arbitrary Code 1000898.12011961011635010423-Feb-2004Security Issue with kcms_server Daemon 1000899.12011971014345748321-Jan-2004Basic Security Module (BSM) Functionality is Impaired on Solaris Systems Which Have Removed The SUNWscpu Package 1000908.12012201013075612006-Aug-2003Sun Linux 5.0 Vulnerability Involving the unzip(1) Command 1000909.12012211013855741909-Nov-2003Running Xsun Server in Direct Graphics Access (DGA) Mode May Allow Creation of Temporary Files Insecurely or Allow a "Denial of Service" Attack 1000912.12012241012655530109-Jun-2003Solaris 8 IPv6 Enabled Systems May Panic Handling Certain Packets 1000914.120122710317523-Sep-2008Security Vulnerabilities in the Sun Ray Device Manager Daemon 1000917.120123010319204-Feb-2008A Security Vulnerability in the Solaris X Window System (X(5)) PCF Font Handler May Lead to Execution of Arbitrary Code or a Denial of Service (DoS) Condition 1000918.12012311012615516024-Jan-2010A Vulnerability in "Sun Management Center (SunMC) Change Manager" Program May Allow Unauthorized Root Privileges 1000924.12012381011344881827-Feb-2003Security vulnerabilities in BIND and libresolv (CERT CA-2002-31) 1000926.12012411011504947524-Jan-2010Security Vulnerabilities with Sun ONE Web Server 4.1SP11 and Earlier 1000928.12012431011094780024-Jan-2010Sun Linux Vulnerabilities in "unzip" and GNU "tar" Commands 1000931.120124710274412-Nov-2007Security Vulnerability With RSA Signatures Affects OpenSSL Shipped With Solaris 1000935.120125110311618-Sep-2008Cross-site Scripting (XSS) Vulnerability in the Sun Java System Access Manager Administration Console 1000936.120125210310125-Oct-2007Security Vulnerability in Solaris 10 SCTP INIT Processing 1000937.120125310310614-Oct-2007FTP Security Vulnerability May Cause a Denial of Service to Sun StorEdge 3510 Data Services 1000939.120125510300126-May-2008JSP Source Code Disclosure Vulnerability Affects Sun Java System Application Server and Web Server 1000942.120125910296714-Jun-2007Integer Overflow and Heap-Based Buffer Overflow Vulnerability in 3rd Party Module (Freetype) 1000943.120126010297020-Jun-2007Security Vulnerability in RSA Signature Verification Affects GnuTLS Library Versions Prior to 1.4.4 1000945.120126210291826-Jun-2007Security Vulnerabilities in the KSSL Kernel Module May Lead to a System Panic 1000946.120126310296326-Jun-2007A Security Vulnerability in the TCP Loopback/Fusion Code May Lead to a System Hang Resulting in a Denial of Service (DoS) 1000947.120126410296228-Jun-2007Security Vulnerability in the sshd(1M) Protocol Version 1 Implementation May Allow a Denial of Service to the Host 1000949.120126610292903-Jun-2007Security Vulnerability With snmpd(1M) When Processing Certain AgentX Subagent Requests 1000950.120126710296512-Jun-2007A Security Vulnerability in Solaris 10 NFS XDR Handling May Allow a Denial of Service to NFS Servers 1000951.120126810287512-Jun-2007Security Vulnerability in Sun Java System Directory Server May Allow Unauthorized Data Modifications 1000953.120127010280727-Apr-2008Security Vulnerability in StarOffice/StarSuite URL Handler 1000964.120128110274528-May-2007A Security Vulnerability in the in.iked(1M) Service May Lead To a Denial of Service (DoS) 1000965.120128210293229-May-2007Security Vulnerability in Adobe Flash Player May Allow Unauthorized Header Injection into HTTP Requests 1000973.120129110269907-Feb-2007A Security Vulnerability in the Solaris 10 Loopback FileSystem (LOFS) May Allow Files in a Non-global Zone to be Moved or Renamed From a Read-Only Fileystem 1000975.120129310268614-Feb-2007Security Vulnerability in RSA Signature Verification Affects Java 2 Platform, Standard Edition 1000976.120129410277204-Jun-2009Third-party Applications Using GSS-API May Be Vulnerable to Compromise 1000978.120129610218606-Nov-2006Security Vulnerability in the in.rexecd(1M) Daemon on Kerberos Systems 1000982.120130210254331-Jul-2006Security Vulnerability on Sun Fire T2000 With Solaris 10 (3/05 HW2) 1000986.12013081012505476020-May-2010Java Virtual Machine (JVM) May Crash Due to Vulnerability in the Java Media Framework (JMF) 1000987.120131010317217-Dec-2007Solaris 9 sshd(1M) Patches May Cause Incorrect Audit Data to be Logged 1000988.12013111010234430901-Apr-2003Buffer Overflow in cachefsd in Solaris 1000990.120131510315731-Jan-2008Security Vulnerability in Simplified Chinese, Traditional Chinese, Korean, and Thai Language Input Methods 1000991.120131610315804-Feb-2008A Security Vulnerability in the USB Mouse STREAMS Module May Lead to a System Panic 1000992.120131710316207-Jan-2008Solaris 10 Kernel Patches May Allow Privileged Remote Users to Gain Root Access to Files Shared by NFS Servers 1000994.120131910306021-Oct-2007Security Vulnerability in RPCSEC_GSS (rpcsec_gss(3NSL)) Affects Kerberos Administration Daemon (kadmind(1M)) 1000995.120132010317009-Sep-2008Multiple Security Vulnerabilities Within the GIMP Plugins 1000998.12013241012035202219-Jan-2010Buffer Overflow in Web Connector Module of Application Server 1000999.12013251011655016130-Mar-2003Security Vulnerability with the at(1) Command on Solaris 1001000.12013261011605000813-Jan-2003Security Vulnerability with the Solaris "/usr/lib/utmp_update" Command 1001001.12013271011645014216-Jan-2003Several Kerberos Applications are Vulnerable to a Denial of Service 1001002.12013281010564550901-Oct-2010Sun Cobalt "mod_ssl" ("apache-openssl-1.3.x") May Allow Local Account Compromise 1001005.120133110316001-Sep-2008Security Vulnerabilities in libtiff(3) May Allow Denial of Service (DoS) or Privilege Elevation 1001006.120133210309902-Sep-2008Multiple Security Vulnerabilities in the Solaris Tag Image File Format Library libtiff(3) 1001007.120133310315920-Jul-2010Security Vulnerabilities in Early Versions of Sun SPARC Enterprise M4000/M5000/M8000/M9000 XSCF Control Package (XCP) firmware may Result in a Denial of Service (DoS) Condition 1001009.120133510313902-Sep-2008Multiple Security Vulnerabilities in the JavaScript Engine in Mozilla 1.7 for Solaris 8, 9 and 10 1001013.120133910306417-Oct-2007Security Vulnerabilities in Solaris Kernel Statistics Retrieval Process May Allow a Denial of Service (DoS) 1001014.120134010300930-Aug-2007A Security Vulnerability With the Special File System (SPECFS) strfreectty() Function May Allow a Local Unprivileged User to Panic a System 1001015.120134110196529-May-2008A Security Vulnerability in the Sun Cluster Global File System 1001021.120134810295802-Jul-2007Cross-site Scripting Vulnerability (XSS) Affecting Pages Generated with JavaDoc Tool 1001022.120134910297809-Jul-2007Security Vulnerability in the rcp(1) Command May Allow Execution of Unintended Commands 1001023.120135010285615-Jul-2007Security Vulnerabilities in the Network Security Services (NSS) May Affect SSL Clients and SSL Servers 1001025.120135210216106-Nov-2006Security Vulnerability in the hsfs(7FS) File System 1001028.120135510231629-Aug-2006Privileged Applications Linked to libpkcs11(3LIB) Which Obtain Password Entries Using getpwnam(3C) May Fail or Possibly Grant Elevated Privileges to Local Users 1001032.120135910246201-Aug-2006Security Vulnerability With NIS server ypserv(1M) May Allow a Denial of Service (DoS) to Occur 1001042.12013691014445749613-Dec-2006Security Vulnerability in the Apache Web Server "mod_alias" and "mod_rewrite" Modules 1001045.120137210200305-Nov-2006Security Vulnerabilities in the Java Runtime Environment May Allow an Untrusted Applet to Elevate Its Privileges 1001047.120137410309609-Oct-2007Security Vulnerability in the Solaris Auditing (BSM) Related to Network Auditing May Lead to Denial of Service (DoS) 1001054.120138110282230-May-2007Sun Java System Web Server May Allow A User with Revoked Client Certificate to Access Server Instance Under Certain Conditions 1001055.120138210285302-May-2007The Directory Server ("ns-slapd") May Exit Unexpectedly When Handling Certain Queries 1001059.120138610280012-Apr-2007Security Vulnerabilities in Mozilla 1.7 for Solaris 8, 9 and 10 1001060.120138710285416-Apr-2007Security Vulnerability in the Sun Java Web Console May Allow Access to Privileged Data or Lead to Denial of Service 1001063.120139010272221-Feb-2007Security Vulnerability With RSA Signature Affects Solaris Applications Utilizing the libike Library 1001064.120139110280227-Feb-2007Security Vulnerability in the in.telnetd(1M) Daemon May Allow Unauthorized Remote Users to Gain Access to a Solaris Host 1001068.120139510257420-Dec-2006A Security Vulnerability in the Solaris Kernel May Allow a Denial of Service (DoS) Condition to Occur 1001072.12014001012395392420-May-2010Sun Cobalt Samba Versions Earlier Than 2.2.8 May Allow Remote Unauthorized Root Privileges 1001080.12014321014235747005-Jan-2004Security Vulnerability With the Extended Library Function sendfilev(3EXT) 1001084.12014381013195638024-Jan-2010Timing Based Attack Vulnerabilities in the Java Secure Socket Extension 1001085.12014401012865570021-Jul-2003Sun Linux VIM Package May Give Unprivileged Users the Ability to Execute Arbitrary Commands 1001088.12014431012245270024-Jan-2010Sun Linux and Cobalt Legacy Products are Vulnerable to Additional sendmail(1M) Buffer Overflow 1001090.12014451012775560019-Jan-2010Sun Linux NIS server ("ypserv") is Vulnerable to a Denial of Service (DoS) Attack 1001091.12014481012635526003-Jun-2003A Security Vulnerability With The "/usr/lib/utmp_update" Command May Allow Local Unauthorized Privileges 1001092.12014511013125618024-Jan-2010SunOne/iPlanet Web Server Vulnerable to Denial of Service (DoS) Attack 1001093.12014521012435414724-Jan-2010Security Vulnerability in SSL/TLS Block Ciphers may affect Sun ONE/iPlanet Web Server and Application Server 1001094.12014531013845741824-Jan-2010Sun One Web Server Log Analyzer Vulnerability 1001095.12014541013885742324-Jan-2010Sun ONE Web Server "Denial of Service" Vulnerability 1001100.12014601011945134024-Jan-2010Security Vulnerability in Sun Cluster 2.2 1001101.12014621012025198027-Apr-2003The wall(1M) Command May be Used to Send Messages Containing a Forged User ID 1001104.12014771013575704024-Sep-2003The Am7990 ("LANCE") Ethernet Driver (le(7D)) Reuses Old Frame Buffer Data to Pad Packets 1001105.12014781013595708028-Sep-2003Use of "namefs" Mounted pipe(2) and Certain STREAMS Routines May Panic a Solaris System 1001107.12014801013095612213-Aug-2003Sun Linux 5.0 Python Creates Temporary Files Insecurely 1001109.12014821012855568028-Jul-2003Security Vulnerability in the Solaris Runtime Linker ld.so.1(1) 1001112.12014871012315358127-May-2003Security Vulnerability in Samba(7) versions 2.2.2 through 2.2.8 May Allow Remote User Unauthorized Privileges 1001115.12014921013405678019-Jan-2010Recent Mass Mailing of "Worms" or Mail Viruses May Cause Network and Application Performance Degradation 1001117.12014951012415404210-Nov-2003Solaris/SEAM Kerberos 5 Vulnerability due to Buffer Overflow/Underflow in Principal Name Handling 1001119.12014981007502341219-Jan-2010Vulnerability in Solaris "AnswerBook2 Documentation" Server Daemon 1001123.120150510312502-Sep-2008Multiple Security Vulnerabilities in JavaScript Engine in Mozilla 1.7 for Solaris 8, 9 and 10 1001124.120150610316710-Dec-2007Security Vulnerabilities in Adobe Flash Player May Allow Unauthorized System Access or Generation of HTTP Requests 1001126.120150810315217-Dec-2007Security Vulnerability in Sun Management Center (Sun MC) May Allow Unauthorized Access to System and Data 1001130.120151310318810-Jan-2008Security Vulnerability in Solaris 10 Related to the dotoprocs() Routine 1001131.120151410320110-Feb-2008Security Vulnerability in the libxml2 Library May Lead to a Denial of Service (DoS) 1001133.120151610317716-Mar-2008Multiple Security Vulnerabilities in Firefox and Thunderbird for Solaris 10 May Allow Execution of Arbitrary Code and Access to Unauthorized Data 1001134.120151910307904-Sep-2008Security Vulnerability in Java Runtime Environment With Applet Caching May Allow Network Access Restrictions to be Circumvented 1001138.12015261011905118102-Mar-2003sendmail(1M) Parses Headers Incorrectly in Certain Corner Cases 1001139.12015271011935130004-Mar-2003UFS File Systems With Logging Enabled are Vulnerable to a Denial of Service (DoS) Attack 1001141.120153110271102-Dec-2007Security Vulnerabilities in OpenSSL May Lead to a Denial of Service (DoS) to Applications or Execution of Arbitrary Code With Elevated Privileges 1001142.120153210313629-Oct-2007Multiple Security Vulnerabilities in the Layout Engine in Mozilla 1.7 for Solaris 8, 9 and 10 1001144.120153410275908-Nov-2007Security Vulnerabilities in OpenSSL Affect Solaris WAN Boot 1001146.120153710300025-Oct-2007JSP Source Code Exposure Issue on Windows Platform Affects Sun Java System Application Server 1001147.120153810303304-Jan-2009Sun Java System Access Manager Does Not Securely Process XSLT Stylesheets contained in XML Signatures contained in XML Signatures 1001148.120153910301803-Sep-2007Security Vulnerability in Solaris 10 BIND: Susceptible to Cache Poisoning Attack 1001150.120154210288824-Jul-2007Security Vulnerability in libX11 for Solaris 1001151.120154410295426-Jun-2007dtsession(1X) Contains a Buffer Overflow Vulnerability 1001152.120154510283330-May-2007Security Vulnerability in Sun Java System Web Server May Allow Unauthorized Access to Host Data With Certain URLs 1001158.120155110299517-Jul-2007A Security Vulnerability in the Java Runtime Environment May Allow an Untrusted Applet to Circumvent Network Access Restrictions 1001160.120155310292713-Sep-2007Security Vulnerabilities in the SOCKS Module of Sun Java System Web Proxy Server 4.0 1001161.120155410297205-Aug-2007Multiple Security Vulnerabilities in the Solaris Gnome PDF Viewer (gpdf(1)) may Allow a Denial of Service (DoS) Condition or Lead to Execution of Arbitrary Code 1001164.120155810250116-Jul-2006Security Vulnerability With Malformed XML Documents in StarOffice/ StarSuite 1001173.12015671015895766913-Apr-2006Security Vulnerabilities May Allow a Denial of Service in Sun Java System Web and Application Server Products 1001174.12015681015195758718-Apr-2006Solaris 9 Patches 112908-12 and 115168-03 WITHDRAWN, May Cause Passwords to be Logged as Clear Text on Kerberos Clients 1001181.120157510191307-Sep-2005Denial of Service Vunerabilities in Sun Java Web Proxy Server 1001186.12015811016875778028-Apr-2005NIS+ Client Users May Be Able to Cause a Denial of NIS+ Service 1001187.12015821016285771201-Mar-2005Security Vulnerability in Kerberos 5 Administration Library for Solaris/SEAM 1001190.12015851015555762811-Aug-2005Security Vulnerabilities in the Apache Web Server and Apache Modules 1001191.12015861007582360419-Jan-2010Potential Security Issue in ServerSocket.accept() 1001193.120158810176814-Jun-2005Security Vulnerability in the lpadmin(1M) Utility 1001195.120159010191030-Oct-2005Sun Java System Application Server May Disclose Source Code of Java Server Pages 1001197.120159210177028-Sep-2005Security Vulnerability in Webmail May Allow an Unprivileged User to Execute Arbitrary Code 1001201.12016011016115769124-Jan-2010Security Vulnerability in Webmail May Allow Unprivileged Users to Execute Arbitrary Code 1001203.12016031015595763219-Jan-2010Netscape NSS Library Vulnerability Affects Sun Java System Web Server and Sun Java System Application Server 1001205.12016061015475761724-Jan-2010Multiple Security Vulnerabilities in the Portable Network Graphics (PNG) Library libpng(3) 1001207.12016081015545762715-Aug-2004Buffer Overflow in the CDE Mailer dtmail(1X) 1001209.12016101015635763719-Jan-2010Security Vulnerabilities in QT Library May Allow a Remote Unprivileged User to Execute Arbitrary Code 1001210.12016111015695764519-Jan-2010Security Vulnerabilities in imlib Library May Allow a Remote Unprivileged User to Execute Arbitrary Code 1001212.12016151015325760028-Jun-2004The gzip(1) Command May Change the Permissions of Hard Linked Files on Solaris 8 Systems 1001213.12016161015315759920-May-2010ASN1 Decoder For Sun Java System Directory Server May Be Subject to Denial of Service (DoS) 1001216.12016231014205746419-Jan-2010Sun ONE Web Server Buffer Overflow Vulnerability May Result in "Denial of Service" (DoS) 1001223.12016361014115745409-Dec-2003Security Vulnerability Involving the passwd(1) Command 1001227.12016481016725776319-Jan-2010Buffer Overflow Vulnerabilities in Sun Java System Web Proxy Server 3.6 1001228.12016491016765776814-Apr-2005Multiple Security Vulnerabilities in Xsun and Xprt Server Font Handling 1001229.12016501015765765308-May-2005libXpm Security Vulnerabilities Affect the Motif Library (libXm) 1001233.12016561016415772711-Jan-2005Security Vulnerability in Solaris 8 DHCP Administration Utilities 1001235.120165810186410-Aug-2005Multiple Security Vulnerabilities in The "MySQL" Package 1001237.12016601015235759129-Aug-2005Security Vulnerability With Java Plug-in in JRE/SDK 1001242.12016691016515773813-Feb-2005Security Vulnerability in the "stfontserverd" Daemon 1001244.12016711016175769919-Jan-2010A Security Vulnerability in Sun Java System Web and Application Server May Allow Unprivileged Users the Ability to Access Session IDs 1001245.12016721016245770719-Jan-2010Java Runtime Environment Remote Denial-of-Service (DoS) Vulnerability 1001246.12016751016195770122-Dec-2004Multiple Security Vulnerabilities in Mozilla 1001247.12016771015755765205-Dec-2004Security Vulnerabilities in libXpm May Allow a Remote Unprivileged User to Execute Arbitrary Code 1001252.12016871015305759808-Jul-2004Security Vulnerability With Solaris Volume Manager (SVM) 1001257.12017041013145622024-Jan-2010Sun Linux 5.0 Security Vulnerability in "wu-ftpd" May Allow Unauthorized Root Access 1001262.12017101012955588224-Jan-2010Sun Linux 5.0 Denial of Service Vulnerability in "nfs-utils" Package Version 1.0.3 and Earlier 1001264.12017131014595751724-Jan-2010Sun Java System Application Server Denial-of-Service Vulnerability 1001267.12017181014645752419-Jan-2010Potential SSL Vulnerabilities in Sun Products 1001270.12017211014465749824-Jan-2010ASN.1 Parsing Issue May Lead to Denial-of-Service Condition in Sun Java System Web Server and Sun Java System Application Server 1001271.12017221014495750219-Jan-2010A Security Vulnerability in the Sun Cluster Global File System May Allow an Unprivileged Local User to Panic a Cluster Node 1001273.12017241014975756021-May-2010Java Secure Socket Extension (JSSE) May Incorrectly Validate Certificates 1001276.120173610295519-Aug-2007Security Vulnerability in JavaScript Engine in Mozilla 1.7 for Solaris 8, 9 and 10 1001277.120173710262213-Nov-2006A Security Vulnerability in the Java Runtime Environment Swing Library may Allow an Untrusted Applet to Access Data in Other Applets 1001282.120174210280330-May-2007Multiple Integer Overflow Vulnerabilities in the X Font Server (xfs(1)) and the X Render and DBE Extensions 1001284.120174410288129-Apr-2007Security Vulnerability With Java Web Start Related to Incorrect Use of System Classes 1001287.120174710284616-Apr-2007Security Vulnerability in the Mozilla js_dtoa() Routine May Result in Denial of Service 1001291.120175110282504-Mar-2007Two Security Vulnerabilities in PostgreSQL May Allow Denial of Service or Information Leakage 1001292.120175210278007-Mar-2007Two Integer Overflow Vulnerabilities Found in the Xorg(1) X Server 1001293.120175310266830-Jan-2007Security Vulnerabilities In OpenSSL Affect Sun Grid Engine 5.3 and N1 Grid Engine 6.0 1001294.120175410272430-Jan-2007Security Vulnerabilities in Solaris ld.so.1(1) may Lead to Execution of Arbitrary Code with Elevated Privileges 1001308.120176910234327-Jul-2006Potential Kernel Memory Disclosure Vulnerability in the Solaris sysinfo(2) System Call 1001313.120177410249019-Jul-2006Security Vulnerability With Macros in StarOffice/StarSuite 1001314.120177510247519-Jul-2006Security Vulnerability With Java Applets in StarOffice/StarSuite 1001316.12017771008812752501-Nov-2006Possible Security Issue with XView Text Clipboard 1001317.120177810251005-Oct-2006Security Vulnerability May Allow the syslog(3C) Service to be Disabled 1001318.12017801016585774606-Dec-2006Sun TCP Connections May Experience Performance Degradation If Certain ICMP Error Messages Are Received 1001319.120178110251406-Nov-2006Security Vulnerability May Allow Users With the "File System Management" RBAC Profile to Gain Elevated Privileges 1001321.120178310265014-May-2010Cross-site Scripting Vulnerabilities in the Sun Secure Global Desktop Software 1001323.120178510246126-Jul-2006Systems With Sun Java Enterprise System Installed May Hang Due to a Memory Leak in the Network Security Services (NSS) Software 1001325.120178710232127-Jul-2006Incomplete Authentication and Authorization in Sun Grid Engine 5.3 and N1 Grid Engine 6.0 Certificate Security Protocol (CSP) Mode 1001328.120179010225221-May-2006Security Vulnerabilities found in the Xorg(1) X11R6.9 and X11R7.0 Server 1001329.120179110233922-May-2006Security Vulnerability in the Xorg(1) Version of the Render Extension 1001330.120179210193320-Apr-2006Security Vulnerabilities in uucp(1C) and uustat(1C) 1001331.120179310212220-Apr-2006Security Vulnerability in PC Netlink 2.0 "slsmgr" May Allow Files to be Opened Insecurely 1001337.120179910180931-Jan-2006Security Vulnerabilities in the Kerberos Key Distribution Center (KDC) Daemon 1001338.12018001015125758001-Feb-2006Solaris/SEAM Kerberos 5 Vulnerability Due To Buffer Overflows In krb5_aname_to_localname() 1001341.120180310177619-Mar-2006Security Vulnerabilities in The "libgdk_pixbuf" Library May Allow a Remote Unprivileged User the ability to Execute Arbitrary Code 1001423.12019221010554550823-Jun-2003OpenSSH-2.9p2-12C4 May Allow root Exploit in Sun Cobalt RaQ 550 1001424.12019241009254052115-Jul-2003Anonymous FTP Sessions are not Audited When the Basic Security Module (BSM) is Used 1001428.12019311013705736012-Oct-2003Security Vulnerability on Sun Systems With a PGX32 Frame Buffer 1001430.12019331012685538015-Jun-2003Solaris 8 LDAP Clients May Log the Proxy Agent User's Password as Clear Text 1001432.12019351012705544018-Jun-2003syslogd(1M) Does Not Properly Handle Large syslog(3C) Packets and May Allow an Unprivileged User to Cause a Denial of Service 1017334.122838710251202-Aug-2006Local Users May be Able to Hang Systems That Have Loaded The Kernel Debugger kmdb(1) 1017335.122838810189511-Oct-2005A Security Vulnerability in Solaris 10 May Allow a Local Unprivileged User the Ability to Panic the System 1017342.122839710294503-Sep-2007Security Vulnerabilities in the Network Security Services (NSS) Library May Affect Sun Java System Application Server, Web Server and Web Proxy Server 1017347.122840610302129-Jul-2007Solaris 10 Systems May Panic or Hang When Running Certain DTrace D Programs 1017349.122840810256325-Sep-2006A Remote SSL Client May be Able to Cause a Denial of Service (DoS) of a Solaris 10 System Running a Kernel SSL Service Instance 1017350.122840910293012-Aug-2007Security Vulnerability in the Kerberos kadm5 Library May Allow Execution of Arbitrary Code 1017352.12284111014125745509-Dec-2003Security Issue Involving the tcsh(1) ls-F builtin on Solaris 8 1017357.122841910200213-Mar-2008Security Vulnerability in the Sun ONE and Sun Java System Directory Server's and the Sun Java System Directory Proxy Server's HTTP Administrative Interface 1017359.12284231015955767502-Nov-2004Security Vulnerability in ping(1M) 1017423.122852010286704-Apr-2007Security Vulnerability in the SEAM Kerberized telnetd(1M) Daemon May Allow Unauthorized Remote Users to Gain Access to a Solaris Host 1017424.12285211012155238816-Apr-2003Security Vulnerability with /usr/dt/bin/dtsession 1017426.122852410271408-Mar-2007Security Vulnerability With Integer Multiplication Within libXfont Affects Solaris X11 Servers 1017427.122852510248502-Aug-2006Security Vulnerabilities in The Solaris Event Port API May Result in a Denial of Service (DoS) Condition 1017428.122852610255010-Sep-2008Multiple Security Vulnerabilities in Mozilla 1.4 and 1.7 for Solaris and for Sun JDS for Linux 1017429.12285291012795560219-Jan-2010Sun Linux 5.0 Security Vulnerabilities in XFree86 Packages 1017430.12285321009974354116-Apr-2003Security issue with zlib (libz(3)) in Solaris and OpenWindows and GNOME 1017433.122853610224622-May-2006A Security Vulnerability in the "libike" Library May Potentially Cause a Denial of Service to the in.iked(1M) Daemon 1017440.12285441014055744304-Dec-2003Text Editor ed(1) Creates Temporary Files in an Unsafe Manner 1017443.122854710219714-Aug-2006Security Vulnerabilities in the Apache 1.3 Web Server 1017444.122854810194805-Nov-2006Security Vulnerability in Sun Java System Communications Express Software 1017448.12285541011855092218-Feb-2003rpcbind(1M) May be Terminated by Unprivileged Client Applications, Leading to Denial of RPC Services 1017451.122855710265811-Jan-2007Security Vulnerability in the Netscape Portable Runtime (NSPR) API Affects Solaris 1018535.123021310192625-Sep-2007Security Vulnerability in the Xsun(1) and Xorg(1) Servers 1018932.123078810217006-Nov-2006Security Vulnerability With Java Web Start 1018933.123078910205007-Nov-2006Security Vulnerability With Java Runtime Environment May Allow Untrusted Applet to Elevate Privileges 1018934.123079010174812-Jun-2005Security Vulnerability With Java Web Start 1018935.123079110174912-Jun-2005Security Vulnerability With Java Runtime Environment May Allow Untrusted Applet to Elevate Privileges 1018961.123090119-Jan-2010Security Vulnerability in the Solaris X Server May Lead to Unauthorized Disclosure of Information on Access Restricted Files and Directories 1018965.123124419-Jan-2010Some Sun SPARC Enterprise T5120 and T5220 Servers Shipped With an Incorrect Solaris 10 Image Containing an Insecure Configuration 1018967.123124629-Jan-2008A Vulnerability in the Java Runtime Environment XML Parsing Code May Allow URL Resources to be Accessed 1018968.123126104-Feb-2008Two Vulnerabilities in the Java Runtime Environment May Independently Allow an Untrusted Application or Applet to Elevate Privileges 1018970.123132119-Jan-2010Security Vulnerabilities in ImageMagick May Lead to Arbitrary Code Execution or Denial of Service (DoS) 1018975.123140217-Sep-2010Denial of Service Vulnerabilities in ldap_cachemgr(1M) Daemon 1018976.123140310-Mar-2008A Security Vulnerability Relating to Inter-Process Communication (IPC) May Lead to a Denial of Service (DoS) 1018977.123144124-Jan-2010Multiple Security Vulnerabilities in Solaris 10 Firefox and Thunderbird 1018980.123146613-Feb-2008Two Security Vulnerabilities Exist Within the cpc(3CPC) Sub-System of the Solaris Kernel 1018981.123146719-Jan-2010Cross-Site Scripting Vulnerability in Sun Java System Web Server Search Module 1018985.123152424-Jan-2010Security Vulnerability in Solaris 10 Perl 5.8 1018987.123152619-Jan-2010Security Vulnerability in Sun Java Web Console 1018994.123160119-Jan-2010Security Vulnerability With Quattro Pro Files in StarOffice 8/StarSuite 8 1018996.123164119-Jan-2010Security Vulnerability for ODF Text Documents Containing XForms in StarOffice 8/StarSuite 8 1018997.123164219-Jan-2010Security Vulnerability for OLE Files in StarOffice 7 and 8, StarSuite 7 and 8 1018998.123166119-Jan-2010Manipulated EMF Files May Lead to Heap Overflows and Arbitrary Code Execution 1019007.123180327-Apr-2008Security Vulnerability in the Solaris 10 DTrace Dynamic Tracing Framework May Allow Unauthorized Kernel Level Tracing 1019015.123328427-Apr-2008Security Vulnerability in inetd(1M) Daemon When Debug Logging is Enabled 1019016.123332119-Jan-2010Two Security Vulnerabilities in the Java Runtime Environment Virtual Machine 1019017.123332219-Jan-2010Security Vulnerability in the Java Runtime Environment With the Processing of XSLT Transformations 1019018.123332319-Jan-2010Multiple Security Vulnerabilities in Java Web Start May Allow an Untrusted Application to Elevate Privileges 1019019.123332419-Jan-2010A Security Vulnerability in the Java Plug-in May Allow an Untrusted Applet to Elevate Privileges 1019020.123332519-Jan-2010Vulnerabilties in the Java Runtime Environment image Parsing Library 1019021.123332619-Jan-2010Security Vulnerability in the Java Runtime Environment May Allow Untrusted JavaScript Code to Elevate Privileges Through Java APIs 1019022.123332719-Jan-2010Buffer Overflow Vulnerability in Java Web Start May Allow an Untrusted Application to Elevate its Privileges 1019033.123356119-Jan-2010Cross Site Scripting (XSS) Vulnerability in Sun Java Server Faces (JSF) Input Handling Routines May Lead to Elevation of Privileges 1019040.123362319-Jan-2010Cross Site Scripting (XSS) Vulnerabilities in the Apache 1.3 and 2.0 "mod_imap" and "mod_status" Modules 1019048.123376127-Feb-2008Security Vulnerability in the ipsecah(7P) Kernel Module May Lead to System Panic 1019056.123392119-Jan-2010A Security Vulnerability in Floating Point Context Switch Implementation May Result in a Denial of Service (DoS) or Data Integrity Issues 1019057.123392219-Jan-2010Multiple Security Vulnerabilities in ICU 3.2 Library Regular Expression Processing May Cause a Denial of Service (DoS) 1019070.123430224-Jan-2010Security Sun Alert Archive Reference for Year 2002 1019071.123430324-Jan-2010Security Sun Alert Archive Reference for Year 2001 1019072.123430424-Jan-2010Security Sun Alert Archive Reference for Year 2000 1019091.123466111-Mar-2008Security Vulnerability in the Solaris 10 Java Desktop System (JDS) XscreenSaver(1) Application May Allow Unauthorized Access to Data 1019093.123470117-Mar-2008A Security Vulnerability in Solaris 10 libexif May Allow Code Execution or a Denial of Service (DoS) Condition 1019100.123482227-Apr-2008A Security Vulnerability in The N1 Grid Engine 6.1 Qmaster Daemon May Lead to a Denial of Service (DoS) 1019116.123512210-Jun-2008Vulnerability in the Solaris 10 Event Port Implementation May Lead to a System Panic, Resulting in a Denial of Service (DoS) 1019128.123538119-Jan-2010Security Vulnerability in Sun Java System Directory Proxy Server May Grant Unauthorized Administrative Access 1019129.123542104-Jun-2008Security Vulnerability in Solaris 10 Trusted Extensions Labeled Networking Related to Data Transfer Between Labeled Zones 1019132.123552124-Jan-2010A Security Vulnerability in Sun Java System Calendar Server May Allow Denial of Service (DoS) When Access Logging is Enabled 1019145.123590102-Apr-2008A Security Vulnerability in the Handling of Self Encapsulated IP Packets may Lead to a Denial of Service (DOS) Condition. 1019153.123614107-Apr-2008Security Vulnerabilities in the GNU Zebra and Quagga BGP Routing Daemon May Allow for Denial of Service 1019164.123632122-May-2008A Security Vulnerability in Solaris 10 Involving the SCTP Protocol May Result in a Panic and Denial of Service (DoS) 1019174.123648119-Jan-2010Cross-Site Scripting Vulnerability in the Sun Java System Web Server Advanced Search Mechanism 1019177.123652101-May-2008A Security Vulnerability in Solaris 10 Involving the SCTP Protocol May Result in a Denial of Network Services Due to Network Flooding 1019188.123670329-Jun-2008Multiple Security Vulnerabilities May Affect MySQL 4.0.x Bundled With Solaris 10 1019199.123688419-Jan-2010Security Vulnerabilities in Solaris Print Service May Lead to Denial of Service (DoS) or Execution of Arbitrary Code 1019202.123694419-Jan-2010A Security Vulnerability in Sun Ray Kiosk Mode 4.0 May Allow Escalation of Privileges 1019235.123744420-Jan-2010Security Vulnerability in Solaris SSH May Allow Unauthorized Access to X11 Sessions 1019237.123746519-Jan-2010Security Vulnerabilities in the Tcl GUI Toolkit Library may lead to arbitrary code execution or Denial of Service (DoS) 1019244.123758419-May-2008A Security Vulnerability in the Solaris 10 STREAMS Administrative Driver ("sad") May Allow a Denial of Service (System panic) 1019254.123776419-Jan-2010Two Security Vulnerabilities in samba(7) WINS Server Daemon (nmbd) May Allow Execution of Arbitrary Code or Lead to a Denial of Service (DoS) Condition 1019260.123786419-Jan-2010A Security Vulnerability in the Solaris crontab(1) utility may allow execution of Arbitrary Code 1019264.123794419-Jan-2010A Security Vulnerability in StarOffice/StarSuite 8 may allow file manipulation and Arbitrary Code execution 1019266.123796519-Jan-2010A Security Vulnerability in IP Multicast Filter processing of Sockets may lead to a system panic or possible execution of Arbitrary Code 1019267.123798519-Jan-2010A Security Vulnerability in the Solaris snmpXdmid(1M) may lead to a Denial of Service (DoS) condition 1019268.123798619-Jan-2010A Security Vulnerability in the namefs Kernel module may result in Arbitrary Code Execution or a Denial of Service (DoS) 1019269.123798716-Sep-2008Manipulated Tag Files used with Solaris Text Editors May Lead to Execution of Arbitrary Code 1019285.123818419-Jan-2010Multiple Security Vulnerabilities in Sun Java ASP Server may lead to execution of Arbitrary Code or Unauthorized Access to Data 1019294.123825019-Jan-2010Denial of Service (DoS) Vulnerability in the Solaris e1000g(7D) Gigabit Ethernet Driver 1019295.123825119-Jan-2010A Security Vulnerability in samba(7) Domain logons may allow execution of Arbitrary code with Root privileges 1019300.123830501-Jun-2008Multiple Security Vulnerabilities in Flash Player for Solaris 1019305.123836519-Jan-2010A Security Vulnerability in rpc.ypupdated(1M) May Allow Execution of Arbitrary Code When Run in Insecure Mode 1019316.123841420-May-2010Security Vulnerability in Service Tag Registry May Allow Denial of Service 1019317.123841623-Dec-2008A Vulnerability in Access Manager 7.1 may Allow Unauthorized Access to Resources 1019327.123849219-Jan-2010Multiple Security Vulnerabilities in Solaris 10 Firefox may Allow Execution of Arbitrary Code and Access to Unauthorized Data 1019328.123849319-Jan-2010Security Vulnerability in inet_network() Library Routine May Allow Denial of Service (DoS) to Applications 1019338.123862819-Jan-2010Security Vulnerabilities in the Java Runtime Environment related to the processing of XML Data 1019342.123866619-Jan-2010A Security Vulnerability with the processing of fonts in the Java Runtime Environment may allow Elevation of Privileges 1019343.123868619-Jan-2010Multiple Security Vulnerabilities in the Solaris X Server Extensions May lead to a Denial of Service (DoS) Condition or Allow Execution of Arbitrary Code 1019344.123868719-Jan-2010Security Vulnerabilities in the Java Runtime Environment Scripting Language Support 1019345.123868819-Jan-2010Kernel Security Vulnerability on Solaris Systems Using the Sun UltraSPARC T2 and UltraSPARC T2+ Processors May Allow Denial of Service (DoS) 1019363.123886519-Jan-2010SNMPv3 Authentication Bypass Vulnerability in snmpd(1M) 1019367.123890519-Jan-2010Multiple Security Vulnerabilities in Java Web Start may allow Privileges to be Elevated 1019373.123896519-Jan-2010Security Vulnerability in Java Management Extensions (JMX) 1019374.123896619-Jan-2010Security Vulnerability in JDK/JRE Secure Static Versioning 1019375.123896719-Jan-2010Security Vulnerability in the Java Runtime Environment Virtual Machine may allow an untrusted Application or Applet to Elevate Privileges 1019376.123896824-Jan-2010Security Vulnerabilities in the Java Runtime Environment may allow Same Origin Policy to be Bypassed 1019380.123900619-Jan-2010Multiple Security Vulnerabilities in the FreeType2 library for Printer Font Binary (PFB) or TrueType Font (TTF) format font files may lead to a Denial of Service (DoS) or allow Execution of Arbitrary Code 1019395.123918626-Aug-2008A Security Vulnerability in Solaris 10 involving the sendfilev() system call could result in Denial of Service (DoS) due to System Panic 1019397.123918819-Jan-2009Security Vulnerability Relating to the posix_fallocate(3C) System Call May Lead to a Denial of Service (DoS) 1019406.123928631-Jul-2008Multiple Security Vulnerabilities in the Adobe Reader may lead to Execution of Arbitrary Code 1019409.123930814-Aug-2008Cross Site Scripting (XSS) Vulnerability in Sun Java System Portal Server's Portlets may Lead to Execution of Arbitrary Code 1019412.123931204-Sep-2008Security Vulnerabilities in Tomcat 4.0 Shipped with Solaris 9 and 10 1019415.123938704-Aug-2008Security Vulnerabilities in the Solaris Priority Inherited pthread mutex API May Result in a Denial of Service (DoS) Condition 1019420.123939220-Aug-2009Security Vulnerability in the DNS Protocol May Lead to DNS Cache Poisoning 1019430.123954619-Jan-2010Security Vulnerabilities in Thunderbird for Solaris May Result in Privilege Escalation or Cross-Site Scripting (XSS) 1019431.123956629-Jul-2008Security Vulnerability in Sun Java System Web Server 7.0 plugin for Sun N1 Service Provisioning System (SPS) 1019442.123972829-Jul-2008A Security Vulnerability in picld(1M) May Allow a Denial of Service to System Monitoring and System Services 1019452.123978529-Jul-2008Security Vulnerability in the System Management Agent (SMA) SNMP daemon (snmpd(1M)) 1019460.123988627-Jan-2009Security Vulnerabilities in the Embedded Lights Out Manager (ELOM) on Sun Fire X2100 M2 and X2200 M2 May Allow Unauthorized Logins 1019464.123990829-Sep-2008Security Vulnerability in VERITAS (Symantec) NetBackup 6.0/6.5 GUI 1019470.123993027-Aug-2008Security Vulnerability in Firmware for T5220, T5140 and T5240 Systems May Allow a Denial of Service (DoS) 1019479.124004807-Aug-2008DUPLICATE of Sun Alert 239392 - Security Vulnerability in the DNS Protocol may lead to DNS Cache Poisoning 1019486.124008627-Jan-2009A Security Vulnerability in the Solaris ip(7P) Kernel Module's IP-in-IP Packet Processing May Lead to a Denial of Service (DoS) 1019492.124009519-Jan-2010A Security Vulnerability in 'VBoxDrv.sys' driver of Sun xVM VirtualBox 1.6 may lead to Arbitrary Code Execution or Denial of Service (DoS) 1019496.124009906-Aug-2008Security Vulnerability in Solaris Trusted Extensions Labeled Networking may lead to remote unauthorized access to the Global Zone (zones(5)) of the System 1019497.124010104-Aug-2008Security Vulnerability in Solaris snoop(1M) when Displaying SMB Traffic 1019499.124010610-Sep-2008Multiple Security Vulnerabilities in the Adobe Reader may lead to Execution of Arbitrary Code and Overwrite Arbitrary Files 1019510.124032712-Aug-2008A Security Vulnerability in the ftp Subsystem of Sun Java System Web Proxy Server 4.0 May Lead to a Denial of Service (DoS) 1019513.124036504-Dec-2008Security Vulnerability in Sun Ray Server Software May Compromise the Sun Ray Administration Password 1019522.124050619-Jan-2010Security Vulnerabilities in Sun Ray Server Software and Sun Ray Windows Connector May Compromise the Sun Ray Administration Password 1019524.124054617-Aug-2008Denial of Service Vulnerability in NFSv4 Client Kernel Module 1019535.124070627-Aug-2008Covert Channel Security Vulnerability in the Solaris Kernel 1019536.124070815-Sep-2008Multiple Security Vulnerabilities in rdesktop May Lead to Execution of Arbitrary Code or Denial of Service (DOS) 1019543.124086601-Sep-2008Security Vulnerability in Solaris 10 NFS Remote Procedure Calls (RPCs) May Allow a Denial of Service (DoS) or Data Integrity Issues for Non-Global Zones 1019556.124106626-Aug-2008A Security Vulnerability in the Solaris NFS Kernel Module May Lead to a System Panic, Resulting in a Denial of Service (DoS) 1019559.124112614-Dec-2008A Security Vulnerability in IPv4 Forwarding may Allow a Remote User to Panic the System 1019583.124164629-Apr-2009Security Vulnerability in GNU tar May Lead to Arbitrary Code Execution or Denial of Service (DoS) 1019585.124168614-Sep-2008A Security Vulnerability within the SunMC PRM Web Page may result in a Denial of Service (DoS) 1019589.124178611-Sep-2008A Security Vulnerability in the bzip2(1) command may lead to a Denial of Service (DoS) 1019601.124200604-Jan-2009A Security Vulnerability in the Solaris Name Service Cache Daemon (nscd(1M)) May Allow Unauthorized Access to Data and Escalation of Privileges 1019602.124202619-Jan-2010A Security Vulnerability in Sun Java System Access Manager May Allow a Remote Unprivileged User to Determine the Existence of "guessed" Usernames 1019607.124216611-Jan-2009Security Vulnerability in Sun Java System Access Manager May Allow Unauthorized Access Through Revealed Passwords 1019608.124218624-Jan-2010Cross-Site Scripting (XSS) Vulnerability in Sun Java Messaging Server 1019611.124224622-Oct-2008Security Vulnerability in the Search Feature of the Sun Java System LDAP JDK 1019612.124226608-Jan-2009Security Vulnerability in Solaris IP Tunnel Parameter Processing May Lead to a System Panic or Possible Execution of Arbitrary Code by Unprivileged Users 1019613.124226702-Jun-2009Security Vulnerability in the ACL (acl(2)) Implementation for UFS File Systems May Allow a Local User to Panic the System 1019619.124238620-May-2010This Alert covers CVE-2010-0890 for the kernel component of the Solaris and OpenSolaris products. 1019623.124248609-Mar-2009Multiple Security Issues in the Doors Kernel Functionality 1019632.124262716-Jul-2009Security Vulnerability in StarOffice Related to .wmf Files May Lead to Heap Overflows and Arbitrary Code Execution 1019643.124280612-Nov-2008A Security Vulnerability in the Solaris Socket(3SOCKET) Function May Allow Unprivileged Users to Panic the System 1019652.124298626-Aug-2010A Heap Overflow Security Vulnerability in the Sun Java Web Proxy Server 1019658.124310606-Nov-2008Security Vulnerability in Solstice X.25 May Allow Denial of Service (DoS) 1019663.124322616-Jul-2009Security Vulnerability in StarOffice/StarSuite Related to EMF Files May Lead to Heap Overflows and Arbitrary Code Execution 1019669.124338619-Jan-2010Multiple Security Vulnerabilities in Sun Java System Identity Manager 1019673.124348609-Nov-2008A Security Vulnerability in the Sun Integrated Lights-Out Manager (ILOM) may Allow Unauthorized Access Through the Web Interface 1019677.124356611-Dec-2008Security Vulnerability in the X Inter Client Exchange Library (libICE) Shipped With Solaris May Allow a Denial of Service (DoS) 1019678.124360619-Jan-2010A Security Vulnerability in the Logical Domains (LDoms) Manager May Allow Unauthorized System Access and Escalation of Privileges 1019686.124378601-Dec-2008Security Vulnerability in the Sun Java Web Console May Allow Unauthorized Redirection 1019687.124380606-Nov-2008Security Vulnerabilities in DHCP Handling of DHCP Requests May Allow Remote Users to Execute Arbitrary Code or Cause a Denial of the DHCP Service 1019689.124388604-Dec-2008Security Vulnerability Related to Sun Java System Portal Server May Allow Information Disclosure 1019696.124402604-Feb-2009Security Vulnerability in the Process File System (proc(4)) Relating to Contract File System (contract(4)) Interaction May Lead to a System Panic or Possible Execution of Arbitrary Code by Unprivileged Users 1019731.124482619-Jan-2010A Security Vulnerability in the Sun System Firmware on Certain SPARC Systems May Allow Unauthorized Data Access 1019733.124486610-Dec-2008A Security Vulnerability in the Management of Solaris Kerberos (see kerberos(5)) may Lead to a User Denial of Service (DoS) Attack 1019736.124498619-Jan-2010The Java Runtime Environment Creates Temporary Files That Have "Guessable" File Names 1019737.124498719-Jan-2010Java Runtime Environment (JRE) Buffer Overflow Vulnerabilities in Processing Image Files and Fonts May Allow Applets or Java Web Start Applications to Elevate Their Privileges 1019738.124498819-Jan-2010Multiple Security Vulnerabilities in Java Web Start and Java Plug-in May Allow Privilege Escalation 1019739.124498919-Jan-2010The Java Runtime Environment (JRE) "Java Update" Mechanism Does Not Check the Digital Signature of the JRE that it Downloads 1019740.124499019-Jan-2010A Buffer Overflow Vulnerability in the Java Runtime Environment (JRE) May Allow Privileges to be Escalated 1019741.124499119-Jan-2010A Security Vulnerability in the Java Runtime Environment (JRE) Related to Deserializing Calendar Objects May Allow Privileges to be Escalated 1019742.124499219-Jan-2010A Buffer Overflow Vulnerability in the Java Runtime Environment (JRE) "Unpack200" JAR Unpacking Utility May Lead to Escalation of Privileges 1019756.124520610-Nov-2008Security Vulnerability in Solaris IP Filter Network Address Translation (NAT) May Lead to DNS Cache Poisoning 1019759.124524620-Jan-2010The Java Runtime Environment UTF-8 Decoder May Allow Multiple Representations of UTF-8 Input 1019765.124544619-Jan-2010A Security Vulnerability in Sun Java System Application Server May Expose an Application's WEB-INF and META-INF Content 1019777.124580621-May-2009A Buffer Overflow Security Vulnerability in the Solaris sadmind(1M) Daemon May Lead to Execution of Arbitrary Code 1019779.124584613-Nov-2008A Security Vulnerability in the Solaris i915 DRM Driver May Cause a Kernel Panic 1019793.124626620-Jan-2010Security Vulnerability in Java Runtime Environment May Allow Applets to List the Contents of the Current User's Home Directory 1019794.124628620-Jan-2010Security Vulnerability in the Java Runtime Environment With Processing RSA Public Keys 1019797.124634603-Feb-2010A Security Vulnerability in Java Runtime Environment (JRE) With Authenticating Users Through Kerberos May Lead to a Denial of Service (DoS) 1019798.124636620-Jan-2010Security Vulnerabilities in the Java Runtime Environment (JRE) JAX-WS and JAXB Packages may Allow Privileges to be Escalated 1019799.124638620-Jan-2010A Security Vulnerability in Java Runtime Environment (JRE) With Parsing of Zip Files May Allow Reading of Arbitrary Memory Locations 1019800.124638720-Jan-2010A Security Vulnerability in the Java Runtime Environment may Allow Code Loaded From the Local Filesystem to Access LocalHost 1019814.124674606-Jul-2010An IP(7P) Spoofing Security Vulnerability in Mid-range Sun Fire Server's Firmware May Allow Unauthorized Access to System Controllers 1019819.124684602-Dec-2008A Security Vulnerability in the OpenSSL PKCS#11 Engine May Result in Denial of Service (DoS) Due to a Corrupted Session Cache 1019828.124704603-Mar-2009Cross Site Scripting (XSS) Vulnerability in Sun Management Center (SunMC) Performance Reporting Module 1019833.124718601-Apr-2009A Security Vulnerability in Solaris Secure Shell (SSH) May Expose Some Plain Text From Encrypted Traffic 1019839.124732619-Jan-2010Insecure Temporary File Creation Security Vulnerability in Sun xVM VirtualBox 1019840.124734614-Jan-2009A Security Vulnerability in the libxml2 Library May Lead to Denial of Service (DoS) 1019842.124738605-Nov-2010Part II - Multiple Printing Regressions in Solaris 10 Kernel Patches 127127-11 and 127128-11 1019843.124740620-Apr-2009Security Vulnerability with IKE Packet Handling in Solaris libike Library may Lead to a Crash of in.iked(1M) 1019851.124756620-May-2010Buffer Overflow Vulnerabilities in Sun Java Wireless Toolkit for CLDC may Allow an Application to Escalate Privileges 1019856.124766616-Dec-2008Security Vulnerabilities in the Apache 2.0 "mod_proxy_http" and "mod_proxy_ftp" Modules may Lead to Denial of Service (DoS) or Cross Site Scripting (XSS) 1019873.124798611-Jan-2009Security Vulnerability in aio_suspend(3RT) May Lead to a System Panic, Resulting in a Denial of Service (DoS) 1019875.124802629-Jan-2009Security Vulnerability in the Solaris IP(7p) Implementation, Related to Minor Number Allocation, may Lead to a Denial of Service (DoS) Condition 1019892.124838631-Aug-2009Security vulnerability in Solaris Related to the Apache 1.3 mod_perl(3) Module Component "PerlRun.pm" may Lead to Denial of Service (DoS) 1019901.124852611-Jan-2009A Security Vulnerability in the vncviewer(1) RFB Protocol Validation May Allow Execution of Arbitrary Code and Lead to a Denial of Service (DoS) 1019903.124856604-Jan-2009A Security Vulnerability in the NFS Version 4 Client Within Solaris May Lead to a System Panic 1019904.124858611-Jan-2009Multiple Security Vulnerabilities in the Flash Player Plugin for Solaris 1019907.124864623-Dec-2008Insecure Temporary File Usage Vulnerability in Sun SNMP Management Agent 1019908.124866620-May-2010This Alert Covers CVE-2010-0891 for the Sun Management Center Product 1019923.124908611-Jan-2009Security Vulnerability in samba(7) Specially Crafted Packet May Allow Execution of Arbitrary Code With Root Privileges 1019924.124908701-Feb-2009Security Vulnerability in samba(7) Specially Crafted Packet May Expose Arbitrary Buffer of Data 1019925.124910611-Jan-2009A Security Vulnerability in Sun Java System Access Manager May Allow Privilege Escalation of Sub-Realm Administrators 1019926.124912620-Jan-2009Incorrect Software Setting Prior to Shipping on Certain Sun SPARC M4000/M5000 Servers May Allow Unauthorized Access 1019927.124914605-May-2009The Solaris rpc.metad(1M) Daemon is Vulnerable to a Denial of Service (DoS) Attack 1019934.124930612-Jan-2009Security Vulnerabilities in the Solaris lpadmin(1M) and ppdmgr(1M) Utilities May Lead to a Denial of Service (DoS) Condition 1019937.124936602-Apr-2009Multiple Security Vulnerabilities in the Adobe Reader May Lead to Execution of Arbitrary Code 1019948.124958621-Jan-2009Security Vulnerability in the Solaris Pseudo-terminal Driver (pty(7D)) may Cause a System Panic 1019951.124964621-Sep-2009A Security Vulnerability in xscreensaver(1) May Display Portions of a Locked Desktop if the Screen is Resized 1019965.124992615-Mar-2009A Security Vulnerability in Kerberos Incremental Propagation May Lead to a Denial of Service (DoS) Against Slave KDC Systems 1019967.124996601-Feb-2009Security Vulnerability in the Solaris "autofs" Kernel Module may Allow a Local Unprivileged User to Execute Arbitrary Code 1019972.125006623-Mar-2009A Solaris Kernel Security Vulnerability on Systems Using the Sun UltraSPARC T2 and T2+ Processors May Allow Denial of Service (DoS) 1019973.125008619-Jan-2010A Security Vulnerability in Sun Java System Directory Server May Allow Specific Requests to Crash the Directory Server Causing a Denial of Service (DoS) 1019986.125030608-Mar-2009A Security Vulnerability in the Solaris NFS Daemon (nfsd(1M)) May Allow Unauthorized Access to Data 1020011.125082614-Apr-2009Security Vulnerability in OpenSSL due to Improper Usage of Signature 1020012.125084612-Mar-2009Security Vulnerability in Solaris BIND named(1M) due to Incorrect DNSSEC Signature Verification 1020022.125100602-Apr-2009A Security Vulnerability in Solaris IPv6 Implementation (ip6(7p)) May Cause a System Panic 1020026.125108611-Feb-2009A Security Vulnerability in the Sun Java System Server, Related to the Directory Proxy Server, May Lead to a Denial of Service (DoS) Condition 1020044.125140608-Feb-2009Security Vulnerabilities in the libxml2 Library Routines xmlBufferResize() and xmlSAX2Characters() May Lead to Arbitrary Code Execution or Denial of Service (DoS) 1020086.125198624-Feb-2009Security Vulnerabilities in Tomcat 5.5 may Lead to Cross Site Scripting (XSS) or Directory Traversal 1020099.125222614-Jul-2009A Security Vulnerability in Sun Ray Server Software may Allow Unauthorized Manipulation of Sessions 1020111.125246905-Mar-2009Denial of Service (DoS) Vulnerability in NFSv4 Server Kernel Module 1020129.125276720-May-2009A Security Vulnerability in the Solaris Kerberos PAM Module May Allow Use of a User Specified Kerberos Configuration File, Leading to Escalation of Privileges 1020130.125278728-Jul-2009A Security Vulnerability in Solaris Kerberos Credential Management May Lead to Unauthorized Access of Kerberized NFS Mount Points 1020159.125326719-Jan-2010Sun Java System Identity Manager Security Vulnerabilities 1020160.125328715-Apr-2009Security Vulnerability in the VERITAS (Symantec) NetBackup Network Daemon may Allow Escalation of Privileges 1020168.125346831-Mar-2009A Security Vulnerability in the Solaris dircmp(1) Shell Script may Allow Overwriting of Arbitrary Files 1020172.125356812-Mar-2009Security Vulnerability in the Solaris keysock Kernel Module may Lead to a System Panic 1020173.125358829-Mar-2009Security Vulnerability in the Solaris NFS Server Security Modes (nfssec(5)) may Lead to Unauthorized Access to Shared Resources 1020175.125360814-Jul-2009A Security Vulnerability in the Solaris SCTP Packet Processing may Lead to a System Panic Resulting in a Denial of Service (DoS) 1020190.125388914-Jul-2009Two Security Vulnerabilities in Sun Ray Server Software 4.0 on Systems with Trusted Extensions Enabled May Allow either a Denial of Service (DoS) of the Audio Service or Unauthorized Access to Other Users' Sessions 1020200.125408803-Mar-2009A Security Vulnerability With the Solaris Crypto Driver May Cause a System Panic 1020206.125420804-Mar-2009A Security Vulnerability in the xterm(1) program Delivered With OpenSolaris Involving the Parsing of Device Control Request Status String (DECRQSS) Sequences May Lead to Execution of Arbitrary Code 1020223.125456820-Jan-2010Security Vulnerability in Sun xVM VirtualBox for the Linux Platform may Lead to Escalation of Privileges 1020224.125456920-Jan-2010Security Vulnerabilities in the Java Runtime Environment (JRE) LDAP Implementation may Allow a Denial of Service (DoS) and Malicious Code to be Executed 1020225.125457020-Jan-2010Integer and Buffer Overflow Vulnerabilities in the Java Runtime Environment (JRE) "unpack200" JAR Unpacking Utility May Lead to Escalation of Privileges 1020226.125457120-Jan-2010Buffer Overflow Vulnerabilities in the Java Runtime Environment (JRE) with Processing Image Files and Fonts may Allow Privileges to be Escalated 1020228.125460819-Jan-2010Security Vulnerabilities in the Java Runtime Environment (JRE) With Storing and Processing Font Files May Allow Denial of Service (DOS) 1020229.125460919-Jan-2010A Security Vulnerability in the Java Runtime Environment (JRE) HTTP Server Implementation May Allow a Denial of Service (DoS) Condition on a JAX-WS Service Endpoint 1020230.125461019-Jan-2010A Security Vulnerability in the Java Runtime Environment (JRE) Virtual Machine With Code Generation May Allow Escalation of Privileges 1020231.125461119-Jan-2010Multiple Security Vulnerabilities in Java Plug-in May Allow Privileges to be Escalated 1020232.125462815-Mar-2009Security Vulnerabilities in the UFS File System Relating to ufs_getpage() and ufs_putpage() Routines May Allow a Local User to Hang or Panic the System 1020254.125490905-Apr-2009Multiple Security Vulnerabilities in the Adobe Flash Player for Solaris 10 (Adobe Security Bulletin APSB09-01) 1020258.125500805-Apr-2009Security Vulnerability in Sun Java System Calendar Server 6.3 May Allow Denial of Service (DoS) 1020273.125530826-Aug-2009A Security Vulnerability May Allow Popup Windows to Appear Through the Solaris XScreenSaver Program 1020287.125560825-Mar-2009A Security Vulnerability in OpenSolaris may Allow a Privileged User Inside a non-global Zone to Execute Arbitrary Code Within a Global Zone 1020302.125584819-Jan-2010A Security Vulnerability in the Sun Java System Directory Server May Allow Users to Probe for Filenames and View Limited Content of Files 1020305.125592820-May-2010Security Vulnerability with HTTP Response Splitting in Sun Java System Delegated Administrator 1020307.125596803-Jan-2010Security Vulnerability in Sun Java System Access Manager May Provide Security Information to the Wrong Client 1020321.125622820-Jan-2010Cross-Site Scripting (XSS) Vulnerability in Sun Java System Calendar Server 1020330.125640806-Apr-2009Multiple Security Vulnerabilities in Firefox Versions Before 2.0.0.19 May Allow Execution of Arbitrary Code or Access to Unauthorized Data 1020343.125656820-Jan-2010Cross-Site Scripting (XSS) Security Vulnerability in the Sun Java System Access Manager Cross-Domain Controller (CDC) 1020344.125658819-Jan-2010A Cross-Site Scripting (XSS) Vulnerability in Sun Java System Portal Server's Error Page May Lead to Execution of Arbitrary Code 1020348.125666819-Jan-2010A Security Vulnerability in Sun Java System Access Manager May Disclose Confidential Information 1020355.125672802-Aug-2009Multiple Security Vulnerabilities in the Solaris Kerberos 'Mech' Libraries May Lead To Execution of Arbitrary Code, Unauthorized Access to Data or a Denial of Service (DoS) Condition 1020356.125674808-Jun-2009A Security Vulnerability in the Solaris rpc.nisd(1M) Daemon may Cause a Denial of Service (DoS) Condition to a NIS+ Server 1020358.125678828-Jun-2009Multiple Security Vulnerabilities in Adobe Reader for Solaris 10 May Allow Execution of Arbitrary Code or Cause a Denial of Service (DoS) (Adobe Security Bulletin APSB09-04) 1020369.125700801-Sep-2009Security Vulnerability with the Solaris IPv4 Networking Stack Involving the Cassini Gigabit-Ethernet Device Driver and Jumbo Frames 1020386.125732913-Aug-2009A Security Vulnerability in Certain System Board Firmware Revisions of Sun Fire V215 Servers with XVR-100 Graphic Cards may Allow an Unprivileged User to Panic the System 1020388.125733119-Apr-2009Security Vulnerability in OpenSolaris SCTP Sockets May Allow Unprivileged Users to Panic the System 1020395.125754809-Jun-2009A Security Vulnerability in OpenSolaris smbfs(7FS) may Expose Data to Unauthorized Users 1020403.125770804-Jun-2009Security Vulnerabilities in DTrace (dtrace(1M)) ioctl(2) Handlers May Lead to a Denial of Service (DoS) Condition 1020411.125784816-Aug-2009Security Vulnerability in the Solaris Kernel Involving the Interaction of the Filesystem and Virtual Memory Subsystems 1020420.125798813-May-2009Security Vulnerability in Solaris 9 fstat(2) System Call May Lead to a System Panic, Resulting in a Denial of Service (DoS) 1020423.125804806-Jul-2010A Security Vulnerability in the ASN.1 Handling in Solaris OpenSSL May Lead to a Denial of Service (DoS) Condition 1020424.125806819-May-2009Cross-Site Scripting (XSS) Vulnerability in Sun Java System Communications Express 1020442.125850822-Jul-2009A Security Vulnerability in the Sun Java System Access Manager Policy Agent May Result in a Denial of Service (DoS) to Web Proxy Server 4.0 1020443.125852819-Jan-2010Multiple Security Vulnerabilities in Sun GlassFish Enterprise Server 2.1 (formerly Sun Java System Application Server 9.1UR2) May Lead to a Denial of Service (DoS) Condition or Execution of JavaScript Code 1020445.125858820-Jan-2010Security Vulnerability in the Solaris sendfile(3EXT) and sendfilev(3EXT) Extended Library Functions may Result in a Denial of Service (DoS) Condition due to a System Panic 1020452.125874819-Jan-2010Multiple Security Vulnerabilities in Mozilla Thunderbird Versions Prior to 2.0.0.19 May Allow Execution of Arbitrary Code or Unauthorized Access to Data 1020455.125880820-Jan-2010Security Vulnerability in PostgreSQL Shipped with Solaris may Allow a Denial of Service (DoS) 1020456.125882817-Jun-2009A Memory Leak in the Solaris Ultra-SPARC T2 crypto provider device driver (n2cp(7D)) may Result in Denial of Service (DoS) to the System as a Whole 1020461.125888805-Jul-2009A Security Vulnerability Involving the OpenSolaris Process File System (proc(4)) May Allow an Unprivileged Local User to Panic the System 1020463.125892824-Jan-2010A Security Vulnerability May Allow Popup Windows to Appear Through the Solaris XScreenSaver Program on Xorg(1) Servers 1020468.125902801-Sep-2009Multiple Security Vulnerabilities in Adobe Reader for Solaris 10 May Allow Execution of Arbitrary Code or Cause Denial of Service (DoS) 1020474.125914828-Jul-2009Security Vulnerability in the Solaris Simple Authentication and Security Layer (SASL) Library (see libsasl(3LIB)) Routine sasl_encode64(3SASL) may Allow Unprivileged Users to Crash Applications Using this Function 1020486.125938810-Aug-2009A Security Vulnerability Involving xscreensaver(1) and Assistive Technology Support May Allow an Unauthorized User to Access the System 1020487.125940820-May-2009A Security Vulnerability in the Solaris Secure Digital Slot Driver (sdhost(7D)) May Allow Corruption of Kernel Memory and Memory Card Contents 1020498.125946821-May-2009Multiple Vulnerabilities in the Solaris 8 and 9 sadmind(1M) Daemon May Lead to Arbitrary Code Execution 1020504.125958802-Jun-2009Cross-Site Scripting (XSS) Vulnerability in the Sun Java System Web Server 6.1 Reverse Proxy Plug-in 1020521.125998910-Nov-2010Security Vulnerability in Solaris libpng(3) May Allow Denial of Service (DoS) or Privilege Escalation 1020542.126044917-Jun-2009Two Race Condition Vulnerabilities in the Solaris Event Port API May Allow Local Users to Panic the System, Causing a Denial of Service (DoS) 1020546.126050804-Jun-2009A Security Vulnerability in idmap(1M) of OpenSolaris may Allow a Denial of the CIFS (Common Internet File System) Service (DoS) 1020547.126052809-Jun-2009Security Vulnerability in the GnuTLS (libgnutls(3)) Library Certificate Chain Validation 1020570.126095114-Jul-2009A Security Vulnerability in the Solaris IP Filter (ipf(5)) May Lead to a Denial of Service (DoS) Condition 1020578.126108809-Jun-2009Multiple Security Vulnerabilities in Common UNIX Printing System (CUPS) May Allow a Remote User to Execute Arbitrary Code 1020599.126140820-May-2010Security Vulnerability in Lightweight Availability Collection Tool May Allow Unprivileged User to Overwrite Files 1020611.126168805-Aug-2009A Security Vulnerability in OpenSSO Enterprise and Sun Java System Access Manager May Cause Denial of Service (DoS) 1020621.126184920-Sep-2009A Security Vulnerability in the Solaris iSCSI Management Commands (iscsiadm(1M) and iscsitadm(1M)) may Allow Privilege Escalation 1020634.126204805-Jul-2009A patch regression in Solaris Kernel udp(7p) may Cause Certain Trusted Configurations of Solaris to Panic or Become Vulnerable to Triggered Panics Resulting in a Denial of Service (DoS) 1020636.126208824-Jun-2009Security Vulnerability in the Solaris auditconfig(3M) Command May Allow Users With an Associated RBAC Profile to Gain Elevated Privileges 1020647.126228813-Sep-2009Multiple Security Vulnerabilities in Solaris Ghostscript (GS(1)) May lead to Denial of Service (DoS) or Execution of Arbitrary Code 1020658.126240822-Jun-2009Security Vulnerability in the Solaris IP(7P) Multicast Reception May Lead to a Denial of Service (DoS) Condition 1020659.126242821-May-2010Cross-site Scripting (XSS) Security Vulnerability in Sun Java Web Console May Allow Execution of Arbitrary Code 1020661.126246824-Jun-2009Security Vulnerability in the Apache 1.3 "mod_jk" Module may Lead to Unauthorized Access to Data 1020673.126266829-Jun-2009Security Vulnerability in the Solaris Network File System Version 4 (NFSv4) 'nfs_portmon' Tunable May Allow Unauthorized Network Access 1020675.126270824-Jun-2009Security Vulnerability in the Virtual Network Terminal Server Daemon (vntsd(1M)) for Logical Domains (LDoms) May Allow Unauthorized Access to Guest Domain Console 1020679.126278814-Jul-2009Security Vulnerability in Solaris NFSv4 Kernel Module May Panic an NFSv4 Client System 1020685.126290807-Sep-2009Security Vulnerability in the SNMP daemon (snmpd(1M)) May Lead to a Denial of Service (DoS) Condition 1020706.126338810-Nov-2009Security Vulnerabilities in Solaris IP(7P) Module and STREAMS Framework May Lead to a Denial of Service (DoS) Condition 1020707.126340820-Jan-2010A Security Vulnerability in the Java Runtime Environment Audio System may Allow System Properties to be Accessed 1020708.126340920-Jan-2010Security Vulnerabilities With the Proxy Mechanism Implementation in the Java Runtime Environment (JRE) may Lead to Escalation of Privileges 1020709.126342820-Jan-2010Integer Overflow Vulnerability in the Java Runtime Environment When Parsing JPEG Images 1020710.126342920-Jan-2010A Security Vulnerability With Verifying HMAC-based XML Digital Signatures in the XML Digital Signature Implementation Included With the Java Runtime Environment (JRE) may Allow Authentication to be Bypassed 1020712.126348819-Jan-2010Integer Overflow Vulnerability in the Java Runtime Environment (JRE) "Unpack200" JAR Unpacking Utility May Lead to Escalation of Privileges 1020713.126348919-Jan-2010A Security Vulnerability in the Java Runtime Environment (JRE) With Parsing XML Data May Allow a Remote Client to Create a Denial of Service (DoS) Condition 1020714.126349019-Jan-2010JDK and JRE Blacklist Entry for JNLPAppletLauncher Vulnerability 1020715.126350819-Jan-2010Security Vulnerability in StarOffice/StarSuite Related to Microsoft Word Document Handling may Lead to Arbitrary Code Execution 1020717.126352908-Oct-2009Security Vulnerabilities in Solaris Bundled Tomcat May Lead to Unauthorized Access to Data or Denial of Service (DoS) 1020726.126368920-May-2010This Alert covers CVE-2010-0882 for the Trusted Extensions component of the Solaris and OpenSolaris products. 1020746.126404821-Apr-2010Security Vulnerability in the Solaris XScreenSaver (xscreensaver(1)) Program May Allow Unauthorized Access to Sensitive Information 1020755.126424820-May-2010Security Vulnerability in the Simple Authentication and Security Layer (SASL) Library Bundled with the Java Enterprise System (JES) may Allow Unprivileged Users to Crash Applications Using the sasl_encode64 Function 1020757.126430828-Jul-2009Multiple Security Vulnerabilities in Firefox Versions Prior to 3.5b4 May Allow Execution of Arbitrary Code or Access to Unauthorized Data 1020765.126442819-Jan-2010Security Vulnerability in Solaris Auditing Related to Extended File Attributes May Allow Local Unprivileged Users to Panic the System 1020766.126442919-Jan-2010Race Condition Security Vulnerability in Solaris Auditing Related to Extended File Attributes May Allow Local Unprivileged Users to Panic the System 1020773.126460824-Aug-2009A Security Vulnerability in the Solaris Print Service (in.lpd(1M)) May Lead to a Denial of Service (DoS) Condition 1020775.126464819-Jan-2010Security Vulnerability in the Active Template Library in Various Releases of Microsoft Visual Studio Used by the Java Web Start ActiveX Control May Be Leveraged to Execute Arbitrary Code 1020780.126473002-Dec-2009A Security Vulnerability in Solaris Sockets Direct Protocol (SDP) Driver (sdp(7D)) may Allow Users to Exhaust Kernel Memory 1020787.126480828-Jul-2009Security Vulnerability in Solaris Trusted Extensions Involving the Parsing of Labeled Packets May Result in Denial of Service (DoS) 1020788.126482824-Jan-2010A Security Vulnerability in Solaris BIND named(1M) Due to Insufficient Input Validation of Dynamic Update Requests Can Lead to Denial of Service (DoS) 1020798.126503011-Aug-2009Multiple Security Vulnerabilities in libtiff(3) Handling of CODE_CLEAR Code 1020800.126506820-May-2010Multiple Security Vulnerabilities in Firefox Versions Prior to 3.5 May Allow Execution of Arbitrary Code or Access to Unauthorized Data 1020811.126524820-Aug-2009Security Vulnerability in Solaris pollwakeup(9F) May Allow an Unprivileged User to Panic the System 1020812.126526819-Jan-2010Security Vulnerability in Sun VirtualBox May Lead to Denial of Service (DoS) 1020815.126532906-Aug-2009Security Vulnerabilities in Sun Java System Access Manager Policy Agent 2.2 (Web Agents) May Cause Denial of Service (DoS) 1020816.126533031-Aug-2009Multiple Security Vulnerabilities in Adobe Reader for Solaris 10 May Allow Execution of Arbitrary Code or Cause Denial of Service (DoS) (Adobe Security Bulletin APSB09-07) 1020824.126548814-May-2010A Security Vulnerability in Sun Virtual Desktop Infrastructure (VDI) Software 3.0 may Lead to Inadvertent use of an Insecure LDAP Connection 1020829.126560816-Jun-2010Security Vulnerability with the Solaris IPv6 Networking Stack Involving the Cassini Gigabit-Ethernet Device Driver and Jumbo Frames 1020841.126580819-Aug-2009Multiple Integer Overflow Vulnerabilities in the libtiff(3) Image Conversion Tools 'tiff2rgba' and 'rgb2ycbcr' May Lead to Arbitrary Code Execution 1020844.126588809-Sep-2009Security Vulnerability in Solaris sockfs Related to HTTP Request Handling May Allow Remote Users to Panic Web Servers Resulting in a Denial of Service (DoS) 1020845.126590813-Dec-2009A Security Vulnerability in the ZFS Filesystem May Allow An Unprivileged User to Take Ownership of Files Belonging to Another User 1020855.126608819-Jan-2010Security Vulnerability in StarOffice/StarSuite 8 and 9 Related to XML Document Processing may Lead to Arbitrary Code Execution 1020856.126610830-Aug-2009Multiple Security Vulnerabilities in the Flash Player for Solaris 10 (Adobe Security Bulletin APSB09-10) 1020858.126614820-Aug-2009Multiple Security Vulnerabilities in Firefox Versions Prior to 3.5.2 May Allow Execution of Arbitrary Code or Application Crash 1020861.126622808-Sep-2009Security Vulnerability in lx Branded Zones May Result in Denial of Service (DoS) 1020866.126634801-Nov-2009Security Vulnerability in the w(1) Utility may Lead to Execution of Arbitrary Code 1020868.126638803-Nov-2009Security Vulnerability in Solaris SCTP (Stream Control Transmission Protocol (see sctp(7P)) and SDP (Sockets Direct Protocol driver (see sdp(7D)) sockets May Allow Unprivileged Users to Cause a Denial of Service (DoS) … 1020871.126642801-Dec-2009Multiple Security Vulnerabilities in the XML Library (see libxml2(3)) Bundled With Sun Management Center (SunMC) May Result in Arbitrary Code Execution or a Denial of Service (DoS) 1020872.126642928-Sep-2010A Security Vulnerability in the Sun Java System Web Server Related to Handling of Dynamic Content May Lead to Unauthorized Information Disclosure 1020876.126648809-Nov-2009Security Vulnerability in Solaris TCP sockets May Allow Unprivileged Users to Cause a Denial of Service (DoS) Condition 1020887.126668828-Sep-2009Security Vulnerabilities in libxml2 Library Related to Parsing of Element Declarations, Notation and Enumeration Attribute Types may Lead to a Denial of Service (DoS) 1020896.126690814-Dec-2009Security vulnerability in Solaris Pidgin (see pidgin(1)), Versions Prior to 2.5.9 may Lead to Execution of Arbitrary Code or a Denial of Service (DoS) Condition 1020905.126703112-Oct-2009Heap Overflow in a Regular Expression Parser in Network Security Services (NSS) may Affect SSL Clients (CVE-2009-2404) 1020909.126708818-Jan-2010Multiple Security Vulnerabilities in Solaris TCP (see tcp(7P)) Implementation May Lead to a Denial of Service (DoS) Condition 1020912.126714821-Sep-2009A Security Vulnerability in Solaris Cluster 3.2 Configuration Utility (clsetup(1CL)) may Lead to Escalation of Privileges 1020930.126748822-Sep-2009Security Vulnerabilities in Solaris Trusted Extensions Common Desktop Environment (CDE) may allow Privilege Escalation or Mandatory Access Control (MAC) Policy Violation 1020933.126754821-Dec-2009Security Vulnerability in the Sun Ray Server Software Authentication Manager May Allow a Denial of Service (DoS) 1020934.126756819-May-2010This Alert Covers CVE-2010-0894 for the Sun Java System Access Manager Product 1020936.126762828-Sep-2009Security Vulnerability in Samba (SAMBA(7)) May Allow Unauthorized Changes to Access Control Lists (ACL) 1020945.126780805-Oct-2009Buffer Underflow Vulnerability in the Solaris Tag Image File Format Library libtiff(3) may Lead to a Denial of Service (DoS) Condition 1020966.126818819-Jan-2010Security Vulnerability in the VBoxNetAdpCtl Configuration Tool for Sun VirtualBox May Lead to Escalation of Privileges 1020967.126818903-Dec-2009Security Vulnerability in the Solaris IP(7p) Kernel Module May Allow Remote Users to Panic the System, Resulting in a Denial of Service (DoS) 1020969.126822809-Dec-2009Vulnerability in Sun Ray Server Software due to Logout Failure 1020972.126828819-Oct-2009A Regression in the Solaris 10 Gnome-XScreenSaver (see xscreensaver(1)) may Allow Pop-up Windows to Appear through XScreenSaver when the Accessibility Feature is On 1020974.126832814-May-2010A Security Vulnerability in Sun Virtual Desktop Infrastructure (VDI) Software 3.0 may Lead to Unauthorized Access to the VirtualBox Web Service 1020980.126844812-Oct-2009Multiple Security Vulnerabilities in Firefox Versions Before 3.5.3 May Allow Execution of Arbitrary Code, Access to Unauthorized Data, or Denial of Service (DoS) 1021007.126900812-Oct-2009Multiple Security Vulnerabilities in the JBIG2 Decoder in the OpenSolaris GNOME PDF Viewer may Lead to Execution of Arbitrary Code 1021017.126920828-Oct-2009A Security Vulnerability With Verifying HMAC-based XML Digital Signatures in the XML Digital Signature Implementation Included With the Sun GlassFish Enterprise Server v2.1 may Allow Authentication to be Bypassed 1021023.126936819-Jan-2010Cross-Site Scripting (XSS) Vulnerabilities in Sun Java System Portal Server's Gateway May Lead to Execution of Arbitrary Code 1021030.126946820-Jan-2010Security Vulnerability in Mozilla Thunderbird Related to SSL Certificates May Cause Arbitrary Code Execution 1021043.126978809-Nov-2009Security Vulnerability in Solaris libpng(3) May Allow a Remote User to Disclose Potentially Sensitive Information from Applications Linked to libpng(3) 1021046.126986819-Jan-2010The Java Update Mechanism on Non-English Versions Does Not Update the JRE When a New Version is Available 1021047.126986919-Jan-2010Command Execution Vulnerability in the Java Runtime Environment Deployment Toolkit May be Leveraged to Execute Arbitrary Code 1021048.126987019-Jan-2010Security Vulnerability in the Java Web Start Installer May be Leveraged to Allow Untrusted Java Web Start Application to Run As Trusted Application 1021068.127026821-Oct-2010Multiple Integer Overflow Vulnerabilities in the FreeType 2 Font Engine May Lead to a Denial of Service (DoS) or Allow Execution of Arbitrary Code 1021076.127040802-Nov-2009Security Vulnerabilities in PostgreSQL Shipped with Solaris may Allow a Denial of Service (DoS) or Privilege Escalation 1021082.127047420-Jan-2010Buffer and Integer Overflow Vulnerabilities in the Java Runtime Environment With Processing Audio and Image Files May Allow Privileges to be Escalated 1021083.127047520-Jan-2010A Security Vulnerability in the Java Runtime Environment With Verifying HMAC Digests may Allow Authentication to be Bypassed 1021084.127047620-Jan-2010Two Security Vulnerabilities in the Java Runtime Environment With Decoding DER Encoded Data and Parsing HTTP Headers may Result in a Denial of Service (DoS) 1021089.127054908-Dec-2009A Security Vulnerability in the Generation of Encryption Keys for Sun Ray Firmware 1021093.127066929-Nov-2009Multiple Security Vulnerabilities in Adobe Reader for Solaris 10 May Allow Execution of Arbitrary Code or Cause Denial of Service (DoS) - Adobe Security Bulletin APSB09-15 1021100.127078919-Jan-2010Directory Proxy Server Provided with Directory Server Enterprise Edition 6 is Subject to Denial of Service (DoS) and May Allow Unauthorized Access to Certain Data 1021101.127080928-Oct-2009Security Vulnerability in Solaris Trusted Extensions may Prevent XScreenSaver (xscreensaver(1)) From Running 1021107.127096925-Oct-2009A Security Weakness in Solaris Trusted Extensions May Facilitate Privilege Escalation 1021111.127106910-Feb-2010Two Security Vulnerabilities in SAMBA(7) May Allow Unauthorized Access to the Remote Root Filesystem or May Lead to a Denial of Service (DoS) Condition 1021114.127114903-Dec-2009Security Vulnerability in VirtualBox Guest Additions May Lead to Denial of Service against the Virtual Machine 1021115.127116901-Mar-2010Multiple Security Vulnerabilities in the Common Unix Printing System (CUPS) Web Interface in OpenSolaris May Lead to Cross-Site Scripting (XSS) and HTTP Response Splitting Attacks 1021506.127220919-Jan-2010A Security Vulnerability in the Java Runtime Environment (JRE) Bundled With Sun GlassFish Enterprise Server v2.1 / Sun Java System Application Server 8.x While Parsing XML Data May Cause a Denial of Service (DoS) 1021508.127223011-Mar-2010Security Vulnerabilities in the Apache 2 "mod_perl2" Module Components "PerlRun.pm" and "Status.pm" May Lead to Denial of Service (DoS) or Unauthorized Access to Data 1021575.127248910-Jan-2010Security Vulnerability in the OSCAR Protocol Plugin for pidgin(1) may Lead to a Denial of Service (DoS) Condition 1021628.127262919-Jan-2010Security Vulnerability in the Timeout Mechanism of Solaris sshd(1M) may Lead to a Denial of Service (DoS) 1021645.127290923-Nov-2009Multiple Security Vulnerabilities in Firefox Versions Before 3.5.5 May Allow Execution of Arbitrary Code or Unauthorized Access to Certain Data 1021653.127302922-Jun-2010Security Vulnerability in the Transport Layer Security (TLS) and Secure Sockets Layer 3.0 (SSLv3) Protocols Involving Handshake Renegotiation Affects OpenSSL 1021660.127316922-Jun-2010Security Vulnerability in BIND DNS Software Shipped With Solaris May Allow DNS Cache Poisoning 1021671.127335011-Jan-2010Security Vulnerability in the Transport Layer Security (TLS) and Secure Sockets Layer 3.0 (SSLv3) Protocols Involving Handshake Renegotiation Affects Applications Utilizing Network Security Services (NSS) 1021680.127355118-Oct-2010Two Security Vulnerabilities in GNU tar (see gtar(1)) May Lead to Files Being Overwritten, Execution of Arbitrary Code, or a Denial of Service (DoS) 1021682.127357010-Jan-2010Multiple Buffer and Integer Overflow Vulnerabilities in Python (python(1)) May Lead to a Denial of Service (DoS) or Allow Execution of Arbitrary Code 1021683.127359029-Sep-2010Security Vulnerability in wget(1) Related to Certificate Parsing may Allow Encrypted HTTP Communication to be Intercepted Using a Man-in-the-Middle (MITM) Attack 1021686.127363013-Dec-2009Multiple Security Vulnerabilities in the libexpat Library May Lead to a Denial of Service (DoS) Condition 1021697.127385021-May-2010This Alert covers CVE-2010-0889 for the kernel component of the Solaris and OpenSolaris products. 1021699.127391021-May-2010This Alert covers CVE-2009-2404 and CVE-2009-0688 for the Directory Server component of the Sun ONE Directory Server and Sun Java System Directory Server products. 1021706.127403024-Feb-2010Multiple Security Vulnerabilities in the Solaris GNOME PDF Rendering Libraries May Lead to a Denial of Service (DoS) or Execution of Arbitrary Code 1021709.127411007-Mar-2010Security Vulnerability in the Apache 1.3 "mod_perl" Module Component "Status.pm" May Lead to Unauthorized Access to Data 1021716.127425020-May-2010Multiple Security Vulnerabilities in the Adobe Flash Player for Solaris May Lead to a Denial of Service (DoS) or Arbitrary Code Execution (Adobe Security Bulletin APSB09-19) 1021722.127439010-Jan-2010An Integer Overflow Vulnerability in GIMP(1) May Lead to Denial of Service (DoS) or Execution of Arbitrary Code 1021732.127459019-May-2010This Alert Covers CVE-2010-0888 for the Device Services Component of the Sun Ray Server Software Product 1021744.127483004-Jan-2010Security Vulnerability May Prevent OpenSolaris "hald" Daemon From Correctly Writing Audit Records 1021746.127487018-Jan-2010Security Vulnerabilities in PostgreSQL Shipped With Solaris May Allow Escalation of Privileges or Man-in-the-Middle on SSL Connections 1021752.127499004-Mar-2010Security Vulnerability in the Transport Layer Security (TLS) and Secure Sockets Layer 3.0 (SSLv3) Protocols Affects Multiple Server Products in the Sun Java Enterprise System Suite 1021753.127501010-Jan-2010Security Vulnerability in Identity Manager 8.1.0.5 and 8.1.0.6 Configured with Sun Java System Access Manager, OpenSSO Enterprise 8.0 or IBM Tivoli Access Manager 1021763.127523006-Jan-2010A "use-after-free" Vulnerability in the OpenSolaris Common Unix Printing System (CUPS) may Lead to a Denial of Service (DoS) Condition 1021773.127541010-Jan-2010A Security Vulnerability in Solaris Trusted Extensions due to Missing Libraries may Allow Privilege Escalation 1021779.127553017-Mar-2010Integer Overflow Security Vulnerability in AES and RC4 Decryption in the Solaris Kerberos Crypto Library May Lead to Execution of Arbitrary Code or a Denial of Service (DoS) 1021781.127559030-Jun-2010A Security Vulnerability in the ntp Daemon (xntpd(1M)) May Lead to a Denial of the Solaris Network Time Protocol (NTP) Service 1021784.127565014-Apr-2010A Race Condition Security Vulnerability in the OpenSolaris "automake" Utility may Allow Modification of Package Files or Execution of Arbitrary Code 1021788.127571122-Oct-2010Security Vulnerability in the Sun Java System Directory Server May Allow Crafted LDAP Search Requests To Cause A Denial Of Service (DoS) Condition 1021793.127579019-May-2010A Security Vulnerability Exists if an OpenSolaris System was Joined to a Windows Domain Using kclient(1M) or smbadm(1M) 1021796.127585003-Feb-2010Multiple security vulnerabilities in the HTTP TRACE, WebDAV and Digest Authentication Methods in the Sun Java System Web Server and Sun Java System Web Proxy Server 1021797.127587007-Jun-2010A Security Vulnerability Relating to Certificate Handling in sendmail(1M) Versions Prior to 8.14.4 May Allow Server Identification Forgery 1021798.127589007-Jun-2010Multiple Security Vulnerabilities in BIND DNSSEC Software Shipped With Solaris May Cause Bogus NXDOMAIN Responses 1021799.127591021-May-2010This Alert Covers CVE-2010-0453 for the /dev/ucode Component of the Solaris and OpenSolaris Products. 1021807.127609021-May-2010This Alert Covers CVE-2010-0893 for the Mail Component of the Sun Convergence Product 1021808.127613019-May-2010This Alert covers CVE-2010-0883 and CVE-2010-0884 for the Data Service for Oracle E-Business Suite component of the Sun Cluster product. 1021812.127621019-May-2010This Alert covers CVE-2010-0897 for the Sun Java System Directory Server product. 1021863.127641117-May-2010This Alert covers CVE-2010-0896 for the mail component of the Sun Convergence product. 1021965.127653321-May-2010This Alert covers CVE-2010-0895 for the IP Filter component of the OpenSolaris product. 1022024.127663021-May-2010This Alert covers the Address Book component of the Sun Java System Communications Express product. 1022203.127745020-May-2010A Security Vulnerability in Solaris Pidgin (see pidgin(1)) May Allow Remote Unprivileged Users to Access Arbitrary Files 1022294.127959021-May-2010Oracle Security Alert for CVE-2010-0886 was released on April 15th, 2010.