Documents Associated to Sun Microsystems

New User, Welcome! Login

Sun Microsystems

ZDI-10-075: Sun Microsystems Directory Server Enterprise DSML UTF-8 Denial of Service Vulnerability

ZDI-10-075: Sun Microsystems Directory Server Enterprise DSML UTF-8 Denial of Service Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-075
April 13, 2010

-- CVE ID:
CVE-2010-0897

-- Affected Vendors:
Sun Microsystems

ZDI-10-073: Sun Microsystems Directory Server DSML-over-HTTP Username Search Denial of Service Vulnerability

ZDI-10-073: Sun Microsystems Directory Server DSML-over-HTTP Username Search Denial of Service Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-073
April 13, 2010

-- CVE ID:
CVE-2010-0897

-- Affected Vendors:
Sun Microsystems

ZDI-10-074: Sun Microsystems Directory Server Enterprise ASN.1 Parsing Remote Code Execution Vulnerability

ZDI-10-074: Sun Microsystems Directory Server Enterprise ASN.1 Parsing Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-074
April 13, 2010

-- CVE ID:
CVE-2010-0897

-- Affected Vendors:
Sun Microsystems

CORE-2008-0716 - Sun xVM VirtualBox Privilege Escalation Vulnerability

Advisory ID: CORE-2008-0716
Advisory URL:
http://www.coresecurity.com/content/virtualbox-privilege-escalation-vulnerability
Date published: 2008-08-04
Date of last update: 2008-08-04
Vendors contacted: Sun Microsystems
Release mode: Coordinated release


*Vulnerability Information*

iDefense Security Advisory 10.14.08: Sun Java Web Proxy Server FTP Resource Handling Heap-Based Buffer Overflow

http://labs.idefense.com/intelligence/vulnerabilities/
Oct 09, 2008

I. BACKGROUND

Sun Microsystems Inc's Java System is a collection of server
applications bundled together. One such server application included is
the Web Proxy Server. This software implements proxy services including
HTTP and SOCKSv5.

For more information, visit

ZDI-08-080: Sun Java AWT Library Sandbox Violation Vulnerability

ZDI-08-080: Sun Java AWT Library Sandbox Violation Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-08-080
December 4, 2008

-- Affected Vendors:
Sun Microsystems

-- Affected Products:
Sun Microsystems Java Runtime

-- TippingPoint(TM) IPS Customer Protection:

ZDI-09-076: Sun Java HsbParser.getSoundBank Stack Buffer Overflow Vulnerability

ZDI-09-076: Sun Java HsbParser.getSoundBank Stack Buffer Overflow Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-09-076
November 4, 2009

-- Affected Vendors:
Sun Microsystems

-- Affected Products:
Sun Microsystems Java Runtime

-- TippingPoint(TM) IPS Customer Protection:

ZDI-09-078: Sun Java Runtime AWT setDifflCM Stack Overflow Vulnerability

ZDI-09-078: Sun Java Runtime AWT setDifflCM Stack Overflow Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-09-078
November 4, 2009

-- Affected Vendors:
Sun Microsystems

-- Affected Products:
Sun Microsystems Java Runtime

-- TippingPoint(TM) IPS Customer Protection:

ZDI-10-052: Sun Java Runtime Environment XNewPtr Remote Code Execution Vulnerability

-- CVE ID:
CVE-2010-0843

-- Affected Vendors:
Sun Microsystems

-- Affected Products:
Sun Microsystems Java Runtime

-- TippingPoint(TM) IPS Customer Protection:

ZDI-08-010: Java Web Start encoding Stack Buffer Overflow

-- CVE ID:
CVE-2008-1188

-- Affected Vendors:
Sun Microsystems

-- Affected Products:
Sun Microsystems Java Runtime

-- TippingPoint(TM) IPS Customer Protection:

ZDI-10-056: Sun Java Runtime Environment Trusted Methods Chaining Remote Code Execution Vulnerability

-- CVE ID:
CVE-2010-0840

-- Affected Vendors:
Sun Microsystems

-- Affected Products:
Sun Microsystems Java Runtime

-- Vulnerability Details:

ZDI-09-049: Sun Java Pack200 Decoding Inner Class Count Integer Overflow Vulnerability

Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-09-049
August 5, 2009

-- Affected Vendors:
Sun Microsystems

-- Affected Products:
Sun Microsystems Java Runtime

-- Vulnerability Details:

ZDI-09-077: Sun Java Web Start Arbitrary Command Execution Vulnerability

ZDI-09-077: Sun Java Web Start Arbitrary Command Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-09-077
November 4, 2009

-- Affected Vendors:
Sun Microsystems

-- Affected Products:
Sun Microsystems Java Runtime

-- TippingPoint(TM) IPS Customer Protection:

ZDI-08-042: Sun Java Web Start Sandbox Bypass Vulnerability

ZDI-08-042: Sun Java Web Start Sandbox Bypass Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-08-042
July 17, 2008

-- Affected Vendors:
Sun Microsystems

-- Affected Products:
Sun Microsystems Java Runtime

-- TippingPoint(TM) IPS Customer Protection:

ZDI-10-053: Sun Java Runtime Environment MIDI File metaEvent Remote Code Execution Vulnerability

-- CVE ID:
CVE-2010-0844

-- Affected Vendors:
Sun Microsystems

-- Affected Products:
Sun Microsystems Java Runtime

-- TippingPoint(TM) IPS Customer Protection:

ZDI-09-080: Sun Java Runtime Environment JPEGImageReader Heap Overflow Vulnerability

ZDI-09-080: Sun Java Runtime Environment JPEGImageReader Heap Overflow Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-09-080
November 4, 2009

-- Affected Vendors:
Sun Microsystems

-- Affected Products:
Sun Microsystems Java Runtime

-- TippingPoint(TM) IPS Customer Protection:

ZDI-08-043: Sun Java Web Start vm args Stack Buffer Overflow

ZDI-08-043: Sun Java Web Start vm args Stack Buffer Overflow
http://www.zerodayinitiative.com/advisories/ZDI-08-043
July 17, 2008

-- Affected Vendors:
Sun Microsystems

-- Affected Products:
Sun Microsystems Java Runtime

-- TippingPoint(TM) IPS Customer Protection:

Sun Solaris 10 filesystem rm(1),find(1),etc, Denial-of-service

Original URL:
http://securityreason.com/achievement_securityalert/85


- --- 0.Description ---
Solaris is a Unix operating system introduced by Sun Microsystems in 1992 as the successor to SunOS.

Sun Microsystems, Inc. is a wholly owned subsidiary of Oracle Corporation, selling computers, computer components, computer software, and information technology services. Sun was founded on February 24, 1982. The company was headquartered in Santa Clara, California (part of Silicon Valley), on the former west campus of the Agnews Developmental Center.

In computing, ZFS is a combined file system and logical volume manager designed by Sun Microsystems. The features of ZFS include support for high storage capacities, integration of the concepts of filesystem and volume management, snapshots and copy-on-write  clones, continuous integrity checking and automatic repair, RAID-Z and native NFSv4 ACLs.

ZDI-10-054: Sun Java Runtime Environment JPEGImageReader stepX Remote Code Execution Vulnerability

-- CVE ID:
CVE-2010-0841

-- Affected Vendors:
Sun Microsystems

-- Affected Products:
Sun Microsystems Java Runtime

-- TippingPoint(TM) IPS Customer Protection:

ZDI-08-009: Java Web Start tempbuff Stack Buffer Overflow

-- CVE ID:
CVE-2008-1188

-- Affected Vendors:
Sun Microsystems

-- Affected Products:
Sun Microsystems Java Runtime

-- TippingPoint(TM) IPS Customer Protection:

ZDI-10-060: Sun Java Runtime Environment MixerSequencer Invalid Array Index Remote Code Execution Vulnerability

-- CVE ID:
CVE-2010-0842

-- Affected Vendors:
Sun Microsystems

-- Affected Products:
Sun Microsystems Java Runtime

-- TippingPoint(TM) IPS Customer Protection:

ZDI-10-055: Sun Java Runtime Environment Mutable InetAddress Socket Policy Violation Vulnerability

-- CVE ID:
CVE-2010-0095

-- Affected Vendors:
Sun Microsystems

-- Affected Products:
Sun Microsystems Java Runtime

-- Vulnerability Details:

ZDI-10-061: Sun Java Runtime CMM readMabCurveData Remote Code Execution Vulnerability

-- CVE ID:
CVE-2010-0838

-- Affected Vendors:
Sun Microsystems

-- Affected Products:
Sun Microsystems Java Runtime

-- Vulnerability Details:

ZDI-10-059: Sun Java Runtime Environment JPEGImageEncoderImpl Remote Code Execution Vulnerability

-- CVE ID:
CVE-2010-0846

-- Affected Vendors:
Sun Microsystems

-- Affected Products:
Sun Microsystems Java Runtime

-- TippingPoint(TM) IPS Customer Protection:

ZDI-09-050: Sun Java Web Start JPEG Header Parsing Integer Overflow Vulnerability

Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-09-050
August 5, 2009

-- Affected Vendors:
Sun Microsystems

-- Affected Products:
Sun Microsystems Java Runtime

-- Vulnerability Details:

ZDI-10-057: Sun Java Runtime Environment JPEGImageDecoderImpl Remote Code Execution Vulnerability

-- CVE ID:
CVE-2010-0849

-- Affected Vendors:
Sun Microsystems

-- Affected Products:
Sun Microsystems Java Runtime

-- Vulnerability Details:

ZDI-08-081: Sun Java Web Start and Applet Multiple Sandbox Bypass Vulnerabilities

Vulnerabilities
http://www.zerodayinitiative.com/advisories/ZDI-08-081
December 4, 2008

-- Affected Vendors:
Sun Microsystems

-- Affected Products:
Sun Microsystems Java Runtime

-- TippingPoint(TM) IPS Customer Protection:

ZDI-10-051: Sun Java Runtime RMIConnectionImpl Privileged Context Remote Code Execution Vulnerability

-- CVE ID:
CVE-2010-0094

-- Affected Vendors:
Sun Microsystems

-- Affected Products:
Sun Microsystems Java Runtime

-- TippingPoint(TM) IPS Customer Protection:

ZDI-09-079: Sun Java Runtime AWT setBytePixels Heap Overflow Vulnerability

ZDI-09-079: Sun Java Runtime AWT setBytePixels Heap Overflow Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-09-079
November 4, 2009

-- Affected Vendors:
Sun Microsystems

-- Affected Products:
Sun Microsystems Java Runtime

-- TippingPoint(TM) IPS Customer Protection:

iDefense Security Advisory 06.03.08: Sun Java System Active Server Pages Authorization Bypass Vulnerability

http://www.sun.com/software/chilisoft/index.xml

II. DESCRIPTION

Remote exploitation of design error in Sun Microsystem's Java System
Active Server Pages allows attackers to bypass administration server
authentication mechanisms.

The vulnerability exists due to improper design of the ASP application
server. The administration application server exists as a stand-alone

Next Page>>

Nearly all of LinuxRocket's features are free. Be kind and donate to the cause!