Executive Summary

Title Sun Alert 244826 A Security Vulnerability in the Sun System Firmware on Certain SPARC Systems May Allow Unauthorized Data Access
Name SUN-244826 First vendor Publication 2008-11-05
Vendor Sun Last vendor Modification 2008-11-05
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:S/C:C/I:N/A:N)
Cvss Base Score 4.6 Attack Range Local
Cvss Impact Score 6.9 Attack Complexity Low
Cvss Expoit Score 3.1 Authentication Requires single instance
Calculate full CVSS 2.0 Vectors scores


Product: Sun System Firmware 6.6.x Sun System Firmware 7.1.x

A security vulnerability in the firmware for certain Sun SPARC Systems using the Sun UltraSPARC T1, UltraSPARC T2, and UltraSPARC T2+ processors may allow unauthorized data access, where local privileged users in one Logical Domain (ldm(1M)) may be able to gain access to memory in another logical domain.

State: Resolved
First released: 05-Nov-2008

Original Source

Url : http://blogs.sun.com/security/entry/sun_alert_244826_a_security

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-264 Permissions, Privileges, and Access Controls

CPE : Common Platform Enumeration

Hardware 3
Hardware 2
Hardware 3
Hardware 3
Hardware 3
Hardware 3
Hardware 1
Hardware 3
Hardware 3
Hardware 1
Hardware 2
Hardware 2
Hardware 2

Open Source Vulnerability Database (OSVDB)

Id Description
49735 Sun SPARC System Firmware Unspecified Cross Logical Domain (ldm(1M)) Data Access

Alert History

If you want to see full details history, please login or register.
Date Informations
2013-02-06 19:08:20
  • Multiple Updates