| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The default configuration of Cobalt RaQ2 and RaQ3 as specified in access.conf allows remote attackers to view sensitive contents of a .htaccess file. |
| StarOffice StarScheduler web server allows remote attackers to read arbitrary files via a .. (dot dot) attack. |
| Unknown vulnerability in lpadmin on Sun Solaris 7, 8, and 9 allows local users to overwrite arbitrary files. |
| Buffer overflow in Star Office 5.1 allows attackers to cause a denial of service by embedding a long URL within a document. |
| Buffer overflow in cb_reset in the System Service Processor (SSP) package of SunOS 5.8 allows a local user to execute arbitrary code via a long argument. |
| Buffer overflow in Solaris 7 lp allows local users to gain root privileges via a long -d option. |
| Buffer overflow in Solaris 7 lpset allows local users to gain root privileges via a long -r option. |
| Command execution in Sun systems via buffer overflow in the at program. |
| Buffer overflow in rpc.yppasswdd (yppasswd server) in Solaris 2.6, 7 and 8 allows remote attackers to gain root access via a long username. |
| Buffer overflow in ptexec in the Sun Validation Test Suite 4.3 and earlier allows a local user to gain privileges via a long -o argument. |
| ndcgi.exe in Netdynamics 4.x through 5.x, and possibly earlier versions, allows remote attackers to steal session IDs and hijack user sessions by reading the SPIDERSESSION and uniqueValue variables from the login field, then using those variables after the next user logs in. |
| traceroute in Sun Solaris 10 on x86 systems allows local users to execute arbitrary code with PRIV_NET_RAWACCESS privileges via (1) a large number of -g arguments or (2) a malformed -s argument with a trailing . (dot). |
| Qpopper 2.53 and earlier allows local users to gain privileges via a formatting string in the From: header, which is processed by the euidl command. |
| Buffer overflow in /usr/bin/cu in Solaris 2.8 and earlier, and possibly other operating systems, allows local users to gain privileges by executing cu with a long program name (arg0). |
| Unknown vulnerability in CDE Print Viewer (dtprintinfo) for Sun Solaris 2.6 through 9 may allow local users to execute arbitrary code. |
| Unspecified vulnerability in Unix File System (UFS) on Solaris 8 and 9, when logging is enabled, allows local users to cause a denial of service ("soft hang") via certain write operations to UFS. |
| Unspecified vulnerability in Sun Solaris X Inter Client Exchange library (libICE) on Solaris 8 and 9 allows context-dependent attackers to cause a denial of service (application crash) to applications that use the library. |
| Race condition in Java 1.4.2 before 1.4.2 Release 2 on Apple Mac OS X allows local users to corrupt files or create arbitrary files via unspecified attack vectors related to a temporary directory, possibly due to a symlink attack. |
| Unknown vulnerability in the AUTH_DES authentication for RPC in Solaris 2.5.1, 2.6, and 7, SGI IRIX 6.5 to 6.5.19f, and possibly other platforms, allows remote attackers to gain privileges. |
| Unknown vulnerability in Solaris 8, when the 0x02 bit (aka TEST, KMF_DEADBEEF, or deadbeef) is set in the kmem_flags kernel parameter, allows local users to cause a denial of service (system panic). |
