This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Sun First view 2007-09-27
Product Solaris Last view 2008-06-16
Version 9.0 Type Os
Update unkown  
Edition x86  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:sun:solaris

Activity : Overall

Related : CVE

  Date Alert Description
7.2 2008-06-16 CVE-2008-2710

Integer signedness error in the ip_set_srcfilter function in the IP Multicast Filter in uts/common/inet/ip/ip_multi.c in the kernel in Sun Solaris 10 and OpenSolaris before snv_92 allows local users to execute arbitrary code in other Solaris Zones via an SIOCSIPMSFILTER IOCTL request with a large value of the imsf->imsf_numsrc field, which triggers an out-of-bounds write of kernel memory. NOTE: this was reported as an integer overflow, but the root cause involves the bypass of a signed comparison.

4.7 2007-09-27 CVE-2007-5118

Unspecified vulnerability in the HID (Human Interface Device) class driver in Sun Solaris 8, 9, and 10 before 20070925 allows local users to cause a denial of service (panic) via unspecified vectors.

CWE : Common Weakness Enumeration

%idName
100% (1) CWE-189 Numeric Errors

Open Source Vulnerability Database (OSVDB)

id Description
46193 Solaris Kernel SIOCSIPMSFILTER IOCTL Request IP Multicast Filter Local Privil...
37334 Solaris Human Interface Device (HID) Unspecified Local DoS

Nessus® Vulnerability Scanner

id Description
2007-10-12 Name: The remote host is missing Sun Security Patch number 115554-26
File: solaris9_x86_115554.nasl - Type: ACT_GATHER_INFO
2004-07-12 Name: The remote host is missing Sun Security Patch number 109896-37
File: solaris8_109896.nasl - Type: ACT_GATHER_INFO
2004-07-12 Name: The remote host is missing Sun Security Patch number 115553-31
File: solaris9_115553.nasl - Type: ACT_GATHER_INFO