Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2002-2374

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-31 Oct, 2007 | 16:00
Updated At-17 Sep, 2024 | 04:13
Rejected At-
Credits

Unspecified vulnerability in pprosetup in Sun PatchPro 2.0 has unknown impact and attack vectors related to "unsafe use of temporary files."

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:31 Oct, 2007 | 16:00
Updated At:17 Sep, 2024 | 04:13
Rejected At:
▼CVE Numbering Authority (CNA)

Unspecified vulnerability in pprosetup in Sun PatchPro 2.0 has unknown impact and attack vectors related to "unsafe use of temporary files."

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securityfocus.com/bid/5540
vdb-entry
x_refsource_BID
http://sunsolve.sun.com/search/document.do?assetkey=1-21-113176-01-1&searchclause=113176
x_refsource_CONFIRM
Hyperlink: http://www.securityfocus.com/bid/5540
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-21-113176-01-1&searchclause=113176
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securityfocus.com/bid/5540
vdb-entry
x_refsource_BID
x_transferred
http://sunsolve.sun.com/search/document.do?assetkey=1-21-113176-01-1&searchclause=113176
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securityfocus.com/bid/5540
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-21-113176-01-1&searchclause=113176
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:31 Dec, 2002 | 05:00
Updated At:03 Apr, 2025 | 01:03

Unspecified vulnerability in pprosetup in Sun PatchPro 2.0 has unknown impact and attack vectors related to "unsafe use of temporary files."

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.010.0HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 10.0
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
Sun Microsystems (Oracle Corporation)
sun
>>patchpro>>2.0
cpe:2.3:a:sun:patchpro:2.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-59Primarynvd@nist.gov
CWE-362Primarynvd@nist.gov
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE ID: CWE-59
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-362
Type: Primary
Source: nvd@nist.gov
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://sunsolve.sun.com/search/document.do?assetkey=1-21-113176-01-1&searchclause=113176cve@mitre.org
Patch
http://www.securityfocus.com/bid/5540cve@mitre.org
Patch
http://sunsolve.sun.com/search/document.do?assetkey=1-21-113176-01-1&searchclause=113176af854a3a-2127-422b-91ae-364da2661108
Patch
http://www.securityfocus.com/bid/5540af854a3a-2127-422b-91ae-364da2661108
Patch
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-21-113176-01-1&searchclause=113176
Source: cve@mitre.org
Resource:
Patch
Hyperlink: http://www.securityfocus.com/bid/5540
Source: cve@mitre.org
Resource:
Patch
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-21-113176-01-1&searchclause=113176
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: http://www.securityfocus.com/bid/5540
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch

Change History

0
Information is not available yet

Similar CVEs

295Records found
CVE-2010-4454
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-7.41% / 91.36%
||
7 Day CHG~0.00%
Published-17 Feb, 2011 | 18:31
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound and unspecified APIs, a different vulnerability than CVE-2010-4462 and CVE-2010-4473.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-sdkjdkjren/a
CVE-2010-4463
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-1.10% / 77.16%
||
7 Day CHG~0.00%
Published-17 Feb, 2011 | 18:31
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 21 through 6 Update 23 allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-jdkjren/a
CVE-2003-0196
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-6.78% / 90.93%
||
7 Day CHG~0.00%
Published-15 Apr, 2003 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201.

Action-Not Available
Vendor-samba-tngcompaqn/aSambaSun Microsystems (Oracle Corporation)HP Inc.
Product-tru64hp-uxsolarissamba-tngsambasunoscifs-9000_servern/a
CVE-2010-4473
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-7.41% / 91.36%
||
7 Day CHG~0.00%
Published-17 Feb, 2011 | 18:31
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound and unspecified APIs, a different vulnerability than CVE-2010-4454 and CVE-2010-4462.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-sdkjdkjren/a
CVE-2003-0161
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-65.76% / 98.44%
||
7 Day CHG~0.00%
Published-01 Apr, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337.

Action-Not Available
Vendor-compaqsendmailn/aSun Microsystems (Oracle Corporation)HP Inc.
Product-sendmailtru64hp-uxhp-ux_series_700sendmail_switchsolarishp-ux_series_800sunossisn/a
CVE-2010-4452
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-87.78% / 99.44%
||
7 Day CHG~0.00%
Published-17 Feb, 2011 | 18:31
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Deployment component in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-jdkjren/a
CVE-2010-4467
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-3.46% / 87.06%
||
7 Day CHG~0.00%
Published-17 Feb, 2011 | 18:31
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 10 through 6 Update 23 allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-jdkjren/a
CVE-2010-4462
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-7.41% / 91.36%
||
7 Day CHG~0.00%
Published-17 Feb, 2011 | 18:31
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound and unspecified APIs, a different vulnerability than CVE-2010-4454 and CVE-2010-4473.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-sdkjdkjren/a
CVE-2002-1584
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-5.26% / 89.60%
||
7 Day CHG~0.00%
Published-08 Feb, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unknown vulnerability in the AUTH_DES authentication for RPC in Solaris 2.5.1, 2.6, and 7, SGI IRIX 6.5 to 6.5.19f, and possibly other platforms, allows remote attackers to gain privileges.

Action-Not Available
Vendor-n/aSilicon Graphics, Inc.Sun Microsystems (Oracle Corporation)
Product-solarissunosirixn/a
CVE-2010-4465
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-9.66% / 92.58%
||
7 Day CHG~0.00%
Published-17 Feb, 2011 | 18:31
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Swing. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is related to the lack of framework support by AWT event dispatch, and/or "clipboard access in Applets."

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-sdkjdkjren/a
CVE-2002-1337
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-51.02% / 97.78%
||
7 Day CHG~0.00%
Published-01 Sep, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.

Action-Not Available
Vendor-windriversendmailn/aNetBSDGentoo Foundation, Inc.Oracle CorporationSun Microsystems (Oracle Corporation)HP Inc.
Product-sendmailplatform_sanetbsdhp-uxsolarisalphaserver_scsunoslinuxbsdosn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2010-4435
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-36.48% / 97.00%
||
7 Day CHG~0.00%
Published-19 Jan, 2011 | 16:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote attackers to affect confidentiality, integrity, and availability, related to CDE Calendar Manager Service Daemon and RPC. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from other software vendors that this affects other operating systems, such as HP-UX, or claims from a reliable third party that this is a buffer overflow in rpc.cmsd via long XDR-encoded ASCII strings in RPC call 10.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-sunosn/a
CVE-2010-3566
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-7.21% / 91.23%
||
7 Day CHG~0.00%
Published-19 Oct, 2010 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update and 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow that leads to a buffer overflow via a crafted devs (device information) tag structure in a color profile.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-jdkjren/a
CVE-2010-3574
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-8.47% / 91.99%
||
7 Day CHG~0.00%
Published-19 Oct, 2010 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that HttpURLConnection does not properly check for the allowHttpTrace permission, which allows untrusted code to perform HTTP TRACE requests.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-sdkjdkjren/a
CVE-2002-1034
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-8.71% / 92.12%
||
7 Day CHG~0.00%
Published-31 Aug, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

none.php for SunPS iRunbook 2.5.2 allows remote attackers to read arbitrary files via an absolute pathname in the argument.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-i-runbookn/a
CVE-2002-0797
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-5.29% / 89.63%
||
7 Day CHG~0.00%
Published-26 Jul, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the MIB parsing component of mibiisa for Solaris 5.6 through 8 allows remote attackers to gain root privileges.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-solarissunosn/a
CVE-2002-0033
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-55.47% / 97.98%
||
7 Day CHG~0.00%
Published-02 Apr, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in cfsd_calloc function of Solaris cachefsd allows remote attackers to execute arbitrary code via a request with a long directory and cache name.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-solarissunosn/a
CVE-2010-3559
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-13.66% / 93.99%
||
7 Day CHG~0.00%
Published-19 Oct, 2010 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable researcher that this involves an incorrect sign extension in the HeadspaceSoundbank.nGetName function, which allows attackers to execute arbitrary code via a crafted BANK record that leads to a buffer overflow.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-sdkjdkjren/a
CVE-2010-3571
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-14.12% / 94.10%
||
7 Day CHG~0.00%
Published-19 Oct, 2010 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow in the color profile parser that allows remote attackers to execute arbitrary code via a crafted Tag structure in a color profile.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-sdkjdkjren/a
CVE-2010-3565
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-9.04% / 92.30%
||
7 Day CHG~0.00%
Published-19 Oct, 2010 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow that triggers memory corruption via large values in a subsample of a JPEG image, related to JPEGImageWriter.writeImage in the imageio API.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-sdkjdkjren/a
CVE-2010-3562
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-15.53% / 94.41%
||
7 Day CHG~0.00%
Published-19 Oct, 2010 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is a double free vulnerability in IndexColorModel that allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-sdkjdkjren/a
CVE-2010-3569
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-16.09% / 94.53%
||
7 Day CHG~0.00%
Published-19 Oct, 2010 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this allows remote attackers to execute arbitrary code by causing the defaultReadObject method in the Serialization API to set a volatile field multiple times.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-sdkjdkjren/a
CVE-2010-3554
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-6.88% / 91.00%
||
7 Day CHG~0.00%
Published-19 Oct, 2010 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the CORBA component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to "permissions granted to certain system objects."

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-sdkjdkjren/a
CVE-2010-3558
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-5.16% / 89.49%
||
7 Day CHG~0.00%
Published-19 Oct, 2010 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Web Start component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-jdkjren/a
CVE-2010-3568
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-9.13% / 92.35%
||
7 Day CHG~0.00%
Published-19 Oct, 2010 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is a race condition related to deserialization.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-sdkjdkjren/a
CVE-2010-3553
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-10.97% / 93.14%
||
7 Day CHG~0.00%
Published-19 Oct, 2010 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to unsafe reflection involving the UIDefault.ProxyLazyValue class.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-sdkjdkjren/a
CVE-2010-3556
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-11.45% / 93.32%
||
7 Day CHG~0.00%
Published-19 Oct, 2010 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-sdkjdkjren/a
CVE-2010-3572
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-11.45% / 93.32%
||
7 Day CHG~0.00%
Published-19 Oct, 2010 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-sdkjdkjren/a
CVE-2010-3563
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-88.76% / 99.49%
||
7 Day CHG~0.00%
Published-19 Oct, 2010 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Deployment component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to "how Web Start retrieves security policies," BasicServiceImpl, and forged policies that bypass sandbox restrictions.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-jdkjren/a
CVE-2002-0391
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-4.57% / 88.78%
||
7 Day CHG~0.00%
Published-02 Apr, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd.

Action-Not Available
Vendor-n/aOpenBSDFreeBSD FoundationMicrosoft CorporationSun Microsystems (Oracle Corporation)
Product-windows_ntopenbsdsolariswindows_xpsunosfreebsdwindows_2000n/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2002-0796
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-2.57% / 84.95%
||
7 Day CHG~0.00%
Published-26 Jul, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Format string vulnerability in the logging component of snmpdx for Solaris 5.6 through 8 allows remote attackers to gain root privileges.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-solarissunosn/a
CVE-2010-0886
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-80.97% / 99.11%
||
7 Day CHG~0.00%
Published-20 Apr, 2010 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Deployment Toolkit component in Oracle Java SE and Java for Business JDK and JRE 6 Update 10 through 19 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)Microsoft Corporation
Product-windowsjdkjren/a
CVE-2001-0797
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-88.62% / 99.48%
||
7 Day CHG~0.00%
Published-25 Jun, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.

Action-Not Available
Vendor-scon/aIBM CorporationSilicon Graphics, Inc.Sun Microsystems (Oracle Corporation)HP Inc.
Product-hp-uxaixsolarisopenserveririxsunosn/a
CVE-2001-0554
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-16.67% / 94.66%
||
7 Day CHG-10.76%
Published-09 Mar, 2002 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.

Action-Not Available
Vendor-netkitn/aNetBSDMIT (Massachusetts Institute of Technology)IBM CorporationSilicon Graphics, Inc.Debian GNU/LinuxOpenBSDFreeBSD FoundationSun Microsystems (Oracle Corporation)
Product-netbsdopenbsdaixsolarisirixsunosdebian_linuxfreebsdkerberoslinux_netkitkerberos_5n/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2000-1076
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.51% / 65.57%
||
7 Day CHG~0.00%
Published-29 Nov, 2000 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Netscape (iPlanet) Certificate Management System 4.2 and Directory Server 4.12 stores the administrative password in plaintext, which could allow local and possibly remote attackers to gain administrative privileges on the server.

Action-Not Available
Vendor-n/aNetscape (Yahoo Inc.)Sun Microsystems (Oracle Corporation)
Product-iplanet_certificate_management_systemdirectory_servern/a
CVE-2001-0236
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-77.74% / 98.96%
||
7 Day CHG~0.00%
Published-09 Mar, 2002 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Solaris snmpXdmid SNMP to DMI mapper daemon allows remote attackers to execute arbitrary commands via a long "indication" event.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-solarissunosn/a
CVE-2000-0844
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.89% / 74.61%
||
7 Day CHG~0.00%
Published-22 Jan, 2001 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.

Action-Not Available
Vendor-conectivatrustiximmunixturbolinuxn/aMandriva (Mandrakesoft)SlackwareDebian GNU/LinuxRed Hat, Inc.SUSEIBM CorporationSilicon Graphics, Inc.Sun Microsystems (Oracle Corporation)The MITRE Corporation (Caldera)
Product-openlinux_eserversecure_linuxaixsolaristurbolinuxirixopenlinux_ebuilderimmunixdebian_linuxsunossuse_linuxlinuxslackware_linuxopenlinuxmandrake_linuxn/a
CVE-2000-0812
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-2.55% / 84.90%
||
7 Day CHG~0.00%
Published-18 Oct, 2000 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The administration module in Sun Java web server allows remote attackers to execute arbitrary commands by uploading Java code to the module and invoke the com.sun.server.http.pagecompile.jsp92.JspServlet by requesting a URL that begins with a /servlet/ tag.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-java_system_web_servern/a
CVE-2000-0175
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.19% / 77.96%
||
7 Day CHG~0.00%
Published-12 Jul, 2000 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in StarOffice StarScheduler web server allows remote attackers to gain root access via a long GET command.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-starofficen/a
CVE-1999-1588
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-6.85% / 90.97%
||
7 Day CHG~0.00%
Published-21 Apr, 2006 | 10:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in nlps_server in Sun Solaris x86 2.4, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code as root via a long string beginning with "NLPS:002:002:" to the listen (aka System V listener) port, TCP port 2766.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-solarisn/asolaris
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2000-0697
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-15.92% / 94.49%
||
7 Day CHG~0.00%
Published-21 Sep, 2000 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The administration interface for the dwhttpd web server in Solaris AnswerBook2 allows interface users to remotely execute commands via shell metacharacters.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-solaris_answerbook2n/a
CVE-1999-1467
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-2.86% / 85.73%
||
7 Day CHG~0.00%
Published-12 Sep, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in rcp on SunOS 4.0.x allows remote attackers from trusted hosts to execute arbitrary commands as root, possibly related to the configuration of the nobody user.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-sunosn/a
CVE-2010-0360
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.80% / 73.11%
||
7 Day CHG~0.00%
Published-20 Jan, 2010 | 16:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Sun Java System Web Server (aka SJWS) 7.0 Update 7 allows remote attackers to overwrite memory locations in the heap, and discover the contents of memory locations, via a malformed HTTP TRACE request that includes a long URI and many empty headers, related to an "overflow." NOTE: this might overlap CVE-2010-0272 and CVE-2010-0273.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-java_system_web_servern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2010-0079
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-1.28% / 78.73%
||
7 Day CHG~0.00%
Published-13 Jan, 2010 | 01:00
Updated-07 Aug, 2024 | 00:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple vulnerabilities in the JRockit component in BEA Product Suite R27.6.5 using JRE/JDK 1.4.2, 5, and 6 allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this CVE identifier overlaps CVE-2009-3867, CVE-2009-3868, CVE-2009-3869, CVE-2009-3871, CVE-2009-3872, CVE-2009-3873, CVE-2009-3874, CVE-2009-3875, CVE-2009-3876, and CVE-2009-3877.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)Oracle Corporation
Product-jrebea_product_suitejdkn/a
CVE-2000-0032
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.02% / 76.31%
||
7 Day CHG~0.00%
Published-12 Jul, 2000 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Solaris dmi_cmd allows local users to crash the dmispd daemon by adding a malformed file to the /var/dmi/db database.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-solarissunosn/a
CVE-1999-0974
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-2.44% / 84.56%
||
7 Day CHG~0.00%
Published-04 Jan, 2000 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Solaris snoop allows remote attackers to gain root privileges via GETQUOTA requests to the rpc.rquotad service.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-solarissunosn/a
CVE-1999-0837
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.15% / 77.58%
||
7 Day CHG~0.00%
Published-04 Jan, 2000 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service in BIND by improperly closing TCP sessions via so_linger.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)Internet Systems Consortium, Inc.
Product-solarissunosbindn/a
CVE-1999-0568
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.48% / 64.25%
||
7 Day CHG~0.00%
Published-04 Feb, 2000 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

rpc.admind in Solaris is not running in a secure mode.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-solarisn/a
CVE-1999-0973
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-3.14% / 86.35%
||
7 Day CHG~0.00%
Published-04 Jan, 2000 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Solaris snoop program allows remote attackers to gain root privileges via a long domain name when snoop is running in verbose mode.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-solarissunosn/a
CVE-1999-0835
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.59% / 68.25%
||
7 Day CHG~0.00%
Published-04 Jan, 2000 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service in BIND named via malformed SIG records.

Action-Not Available
Vendor-scon/aIBM CorporationSun Microsystems (Oracle Corporation)
Product-aixsunosunixwareopenservern/a
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • Next
Details not found