RSS   Podatności dla 'Sun product suite'   RSS

2010-10-14
 
CVE-2010-3579

 

 
Unspecified vulnerability in the (1) Sun Convergence 1 and (2) Sun Java Communications Suite 7 components in Oracle Sun Products Suite 1.0 and 7.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Webmail.

 
 
CVE-2010-3575

CWE-noinfo
 

 
Unspecified vulnerability in the Oracle Communications Messaging Server (Sun Java System Messaging Server) component in Oracle Sun Products Suite 6.0, 6.2, 6.3, and 7.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Web Mail.

 
 
CVE-2010-3564

CWE-noinfo
 

 
Unspecified vulnerability in the Oracle Communications Messaging Server (Sun Java System Messaging Server) component in Oracle Sun Products Suite 7.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Webmail. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that the Kerberos implementation does not properly check AP-REQ requests, which allows attackers to cause a denial of service in the JVM. NOTE: CVE has not investigated the apparent discrepancy between the two vendors regarding the consequences of this issue.

 
 
CVE-2010-3546

 

 
Unspecified vulnerability in the Sun Java System Identity Manager component in Oracle Sun Products Suite 8.1 allows remote attackers to affect confidentiality and integrity via unknown vectors.

 
 
CVE-2010-3545

 

 
Unspecified vulnerability in the Oracle iPlanet Web Server (Sun Java System Web Server) component in Oracle Sun Products Suite 7.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Administration.

 
 
CVE-2010-3544

 

 
Unspecified vulnerability in the Oracle iPlanet Web Server (Sun Java System Web Server) component in Oracle Sun Products Suite 7.0 allows remote attackers to affect integrity and availability via unknown vectors related to Administration. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable source that this is cross-site request forgery (CSRF) that allows remote attackers to stop an instance via the management console.

 
 
CVE-2010-3535

 

 
Unspecified vulnerability in the Directory Server Enterprise Edition component in Oracle Sun Products Suite 6.0, 6.1, 6.2, and 6.3 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Identity Synchronization for Windows.

 
2010-04-13
 
CVE-2010-0897

 

 
Unspecified vulnerability in the Sun Java System Directory Server component in Oracle Sun Product Suite 5.2, 6.0, 6.1, 6.2, 6.3, and 6.3.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Directory Service Markup Language.

 
 
CVE-2010-0896

 

 
Unspecified vulnerability in the Sun Convergence component in Oracle Sun Product Suite 1.0 allows remote attackers to affect confidentiality via unknown vectors related to Address Book and Mail Filter.

 
 
CVE-2010-0894

 

 
Unspecified vulnerability in the Sun Java System Access Manager component in Oracle Sun Product Suite 7.1, 7 2005Q4, and OpenSSO Enterprise 8.0 allows remote attackers to affect confidentiality and integrity via unknown vectors.

 


Copyright 2024, cxsecurity.com

 

Back to Top