ByteOS Network

Vulnerability Details :

CVE-2009-3100

Assigner-mitre

Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca

Published At-08 Sep, 2009 | 18:00

Updated At-17 Sep, 2024 | 02:58

xscreensaver (aka Gnome-XScreenSaver) in Sun Solaris 9 and 10, OpenSolaris snv_109 through snv_122, and X11 6.4.1 on Solaris 8 does not properly handle Accessibility support, which allows local users to cause a denial of service (system hang) by locking the screen and then attempting to launch an Accessibility pop-up window, related to a regression in certain Solaris and OpenSolaris patches.

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

▼Common Vulnerabilities and Exposures (CVE)

cve.org

Assigner:mitre

Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca

Published At:08 Sep, 2009 | 18:00

Updated At:17 Sep, 2024 | 02:58

▼CVE Numbering Authority (CNA)

Affected Products

Vendor

n/a

Product

n/a

Versions

Affected

Problem Types

Type	CWE ID	Description
text	N/A	n/a

Type: text

CWE ID: N/A

Description: n/a

References

Hyperlink	Resource
http://bugs.opensolaris.org/view_bug.do?bug_id=6839026	x_refsource_CONFIRM
http://sunsolve.sun.com/search/document.do?assetkey=1-66-266469-1	vendor-advisory x_refsource_SUNALERT

Hyperlink: http://bugs.opensolaris.org/view_bug.do?bug_id=6839026

Resource:

x_refsource_CONFIRM

Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-66-266469-1

Resource:

vendor-advisory

x_refsource_SUNALERT

▼Authorized Data Publishers (ADP)

CVE Program Container

References

Hyperlink	Resource
http://bugs.opensolaris.org/view_bug.do?bug_id=6839026	x_refsource_CONFIRM x_transferred
http://sunsolve.sun.com/search/document.do?assetkey=1-66-266469-1	vendor-advisory x_refsource_SUNALERT x_transferred

Hyperlink: http://bugs.opensolaris.org/view_bug.do?bug_id=6839026

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-66-266469-1

Resource:

vendor-advisory

x_refsource_SUNALERT

x_transferred

▼National Vulnerability Database (NVD)

nvd.nist.gov

Source:cve@mitre.org

Published At:08 Sep, 2009 | 18:30

Updated At:21 Dec, 2011 | 05:00

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	4.0	MEDIUM	AV:L/AC:H/Au:N/C:N/I:N/A:C

Type: Primary

Version: 2.0

Base score: 4.0

Base severity: MEDIUM

Vector:

AV:L/AC:H/Au:N/C:N/I:N/A:C

CPE Matches

Sun Microsystems (Oracle Corporation)

>>opensolaris>>snv_109

cpe:2.3:o:sun:opensolaris:snv_109:*:sparc:*:*:*:*:*

Sun Microsystems (Oracle Corporation)

>>opensolaris>>snv_109

cpe:2.3:o:sun:opensolaris:snv_109:*:x86:*:*:*:*:*

Sun Microsystems (Oracle Corporation)

>>opensolaris>>snv_110

cpe:2.3:o:sun:opensolaris:snv_110:*:sparc:*:*:*:*:*

Sun Microsystems (Oracle Corporation)

>>opensolaris>>snv_110

cpe:2.3:o:sun:opensolaris:snv_110:*:x86:*:*:*:*:*

Sun Microsystems (Oracle Corporation)

>>opensolaris>>snv_111

cpe:2.3:o:sun:opensolaris:snv_111:*:sparc:*:*:*:*:*

Sun Microsystems (Oracle Corporation)

>>opensolaris>>snv_111

cpe:2.3:o:sun:opensolaris:snv_111:*:x86:*:*:*:*:*

Sun Microsystems (Oracle Corporation)

>>opensolaris>>snv_112

cpe:2.3:o:sun:opensolaris:snv_112:*:sparc:*:*:*:*:*

Sun Microsystems (Oracle Corporation)

>>opensolaris>>snv_112

cpe:2.3:o:sun:opensolaris:snv_112:*:x86:*:*:*:*:*

Sun Microsystems (Oracle Corporation)

>>opensolaris>>snv_113

cpe:2.3:o:sun:opensolaris:snv_113:*:sparc:*:*:*:*:*

Sun Microsystems (Oracle Corporation)

>>opensolaris>>snv_113

cpe:2.3:o:sun:opensolaris:snv_113:*:x86:*:*:*:*:*

Sun Microsystems (Oracle Corporation)

>>opensolaris>>snv_114

cpe:2.3:o:sun:opensolaris:snv_114:*:sparc:*:*:*:*:*

Sun Microsystems (Oracle Corporation)

>>opensolaris>>snv_114

cpe:2.3:o:sun:opensolaris:snv_114:*:x86:*:*:*:*:*

Sun Microsystems (Oracle Corporation)

>>opensolaris>>snv_115

cpe:2.3:o:sun:opensolaris:snv_115:*:sparc:*:*:*:*:*

Sun Microsystems (Oracle Corporation)

>>opensolaris>>snv_115

cpe:2.3:o:sun:opensolaris:snv_115:*:x86:*:*:*:*:*

Sun Microsystems (Oracle Corporation)

>>opensolaris>>snv_116

cpe:2.3:o:sun:opensolaris:snv_116:*:sparc:*:*:*:*:*

Sun Microsystems (Oracle Corporation)

>>opensolaris>>snv_116

cpe:2.3:o:sun:opensolaris:snv_116:*:x86:*:*:*:*:*

Sun Microsystems (Oracle Corporation)

>>opensolaris>>snv_117

cpe:2.3:o:sun:opensolaris:snv_117:*:sparc:*:*:*:*:*

Sun Microsystems (Oracle Corporation)

>>opensolaris>>snv_117

cpe:2.3:o:sun:opensolaris:snv_117:*:x86:*:*:*:*:*

Sun Microsystems (Oracle Corporation)

>>opensolaris>>snv_118

cpe:2.3:o:sun:opensolaris:snv_118:*:sparc:*:*:*:*:*

Sun Microsystems (Oracle Corporation)

>>opensolaris>>snv_118

cpe:2.3:o:sun:opensolaris:snv_118:*:x86:*:*:*:*:*

Sun Microsystems (Oracle Corporation)

>>opensolaris>>snv_119

cpe:2.3:o:sun:opensolaris:snv_119:*:sparc:*:*:*:*:*

Sun Microsystems (Oracle Corporation)

>>opensolaris>>snv_119

cpe:2.3:o:sun:opensolaris:snv_119:*:x86:*:*:*:*:*

Sun Microsystems (Oracle Corporation)

>>opensolaris>>snv_120

cpe:2.3:o:sun:opensolaris:snv_120:*:sparc:*:*:*:*:*

Sun Microsystems (Oracle Corporation)

>>opensolaris>>snv_120

cpe:2.3:o:sun:opensolaris:snv_120:*:x86:*:*:*:*:*

Sun Microsystems (Oracle Corporation)

>>opensolaris>>snv_121

cpe:2.3:o:sun:opensolaris:snv_121:*:sparc:*:*:*:*:*

Sun Microsystems (Oracle Corporation)

>>opensolaris>>snv_121

cpe:2.3:o:sun:opensolaris:snv_121:*:x86:*:*:*:*:*

Sun Microsystems (Oracle Corporation)

>>opensolaris>>snv_122

cpe:2.3:o:sun:opensolaris:snv_122:*:sparc:*:*:*:*:*

Sun Microsystems (Oracle Corporation)

>>opensolaris>>snv_122

cpe:2.3:o:sun:opensolaris:snv_122:*:x86:*:*:*:*:*

Sun Microsystems (Oracle Corporation)

>>solaris>>9

cpe:2.3:o:sun:solaris:9:*:sparc:*:*:*:*:*

Sun Microsystems (Oracle Corporation)

>>solaris>>9

cpe:2.3:o:sun:solaris:9:*:x86:*:*:*:*:*

Sun Microsystems (Oracle Corporation)

>>solaris>>10

cpe:2.3:o:sun:solaris:10:*:sparc:*:*:*:*:*

Sun Microsystems (Oracle Corporation)

>>solaris>>10

cpe:2.3:o:sun:solaris:10:*:x86:*:*:*:*:*

X.Org Foundation

>>x11>>6.4.1

cpe:2.3:a:x.org:x11:6.4.1:*:*:*:*:*:*:*

Sun Microsystems (Oracle Corporation)

>>solaris>>8

cpe:2.3:o:sun:solaris:8:*:sparc:*:*:*:*:*

Sun Microsystems (Oracle Corporation)

>>solaris>>8

cpe:2.3:o:sun:solaris:8:*:x86:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
NVD-CWE-Other	Primary	nvd@nist.gov

CWE ID: NVD-CWE-Other

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
http://bugs.opensolaris.org/view_bug.do?bug_id=6839026	cve@mitre.org	Vendor Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-66-266469-1	cve@mitre.org	Patch Vendor Advisory

Hyperlink: http://bugs.opensolaris.org/view_bug.do?bug_id=6839026

Source: cve@mitre.org

Resource:

Vendor Advisory

Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-66-266469-1

Source: cve@mitre.org

Resource:

Patch

Vendor Advisory

Similar CVEs

3Records found

CVE-2009-4774

Matching Score-8

Assigner-MITRE Corporation

View Details

Matching Score-8

Assigner-MITRE Corporation

CVSS Score-4||MEDIUM

EPSS-0.04% / 13.11%

7 Day CHG~0.00%

Published-21 Apr, 2010 | 14:00

Updated-11 Apr, 2025 | 00:51

Unspecified vulnerability in Sun Solaris 10 and OpenSolaris snv_49 through snv_117, when 64bit mode is used on the Intel x86 platform and a Linux (lx) branded zone is configured, allows local users to cause a denial of service (panic) via unspecified vectors, a different vulnerability than CVE-2007-6225.

Vendor-n/a Sun Microsystems (Oracle Corporation)

Product-solaris opensolaris n/a

CVE-2008-5009

Matching Score-8

Assigner-MITRE Corporation

View Details

Matching Score-8

Assigner-MITRE Corporation

CVSS Score-4||MEDIUM

EPSS-0.04% / 10.88%

7 Day CHG~0.00%

Published-10 Nov, 2008 | 15:00

Updated-07 Aug, 2024 | 10:40

Race condition in the s_xout kernel module in Sun Solstice X.25 9.2, when running on a multiple CPU machine, allows local users to cause a denial of service (panic) via vectors involving reading the /dev/xty file.

Vendor-n/a Sun Microsystems (Oracle Corporation)

Product-sunos solstice_x.25 n/a

CWE ID-CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CVE-2003-1563

Matching Score-8

Assigner-MITRE Corporation

View Details

Matching Score-8

Assigner-MITRE Corporation

CVSS Score-4||MEDIUM

EPSS-0.07% / 20.64%

7 Day CHG~0.00%

Published-18 Aug, 2008 | 19:00

Updated-03 Apr, 2025 | 01:03

Sun Cluster 2.2 through 3.2 for Oracle Parallel Server / Real Application Clusters (OPS/RAC) allows local users to cause a denial of service (cluster node panic or abort) by launching a daemon listening on a TCP port that would otherwise be used by the Distributed Lock Manager (DLM), possibly involving this daemon responding in a manner that spoofs a cluster reconfiguration.

Vendor-n/a Sun Microsystems (Oracle Corporation)

Product-solaris cluster sunos n/a

CVE-2009-3100

Credits

Vendors

Products

Metrics (CVSS)

Weaknesses

Attack Patterns

Solution/Workaround

References

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

Stakeholder-Specific Vulnerability Categorization (SSVC)

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History

Similar CVEs