The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Sun Solaris

OpenJPEG: buffer overflow via opj_t2_encode_packet
An attacker can generate a buffer overflow via opj_t2_encode_packet() of OpenJPEG, in order to trigger a denial of service, and possibly to run code...
bulletinjul2018, CVE-2017-14039, DSA-4013-1, openSUSE-SU-2017:2685-1, openSUSE-SU-2017:2686-1, SSA:2017-279-02, VIGILANCE-VUL-24043
X.Org Server: buffer overflow via xkb
An attacker can generate a buffer overflow via xkb of X.Org Server, in order to trigger a denial of service, and possibly to run code...
bulletinjan2018, CVE-2017-13723, DLA-1186-1, DSA-4000-1, SSA:2017-279-03, USN-3453-1, VIGILANCE-VUL-24027
X.Org Server: memory corruption via Xext/shm Shmseg Resource Id
An attacker can generate a memory corruption via Xext/shm Shmseg Resource Id of X.Org Server, in order to trigger a denial of service, and possibly to run code...
bulletinjan2018, CVE-2017-13721, DSA-4000-1, SSA:2017-279-03, USN-3453-1, VIGILANCE-VUL-24026
OpenSSH: empty file creation via read-only sftp-server
An attacker can use sftp-server of OpenSSH, in order to create an empty file, even if the read-only mode is selected...
bulletinjan2019, CVE-2017-15906, DLA-1500-1, DLA-1500-2, FEDORA-2017-4862a3bfb1, FEDORA-2017-78f0991378, FEDORA-2017-96d1995b70, JSA10880, openSUSE-SU-2017:3243-1, RHSA-2018:0980-01, SUSE-SU-2018:2275-1, SUSE-SU-2018:2685-1, SUSE-SU-2018:3540-1, USN-3538-1, VIGILANCE-VUL-24020
curl: out-of-bounds memory reading via FTP PWD
An attacker can force a read at an invalid address via FTP PWD of curl, in order to trigger a denial of service, or to obtain sensitive information...
2011879, bulletinapr2018, CVE-2017-1000254, DLA-1121-1, DSA-2019-114, DSA-2020-030, DSA-3992-1, FEDORA-2017-601b4c20a4, HT208331, HT208394, JSA10874, K-511316, openSUSE-SU-2017:2880-1, RHSA-2018:3558-01, SSA:2017-279-01, STORM-2019-002, USN-3441-1, USN-3441-2, VIGILANCE-VUL-24018
Mozilla NSS: use after free via Verifying Client Authentication
An attacker can force the usage of a freed memory area via Verifying Client Authentication of Mozilla NSS, in order to trigger a denial of service, and possibly to run code...
bulletinoct2017, cpuapr2018, cpuoct2018, CVE-2017-7805, DLA-1118-1, DLA-1138-1, DSA-2020-030, DSA-3987-1, DSA-3998-1, FEDORA-2017-2e7badfe67, FEDORA-2017-6e2071419d, FEDORA-2019-7f7489dc8c, MFSA-2017-21, MFSA-2017-22, openSUSE-SU-2017:2615-1, openSUSE-SU-2017:2707-1, openSUSE-SU-2017:2710-1, RHSA-2017:2831-01, RHSA-2017:2832-01, SSA:2017-271-01, SSA:2019-247-01, SUSE-SU-2017:2688-1, SUSE-SU-2017:2872-1, SUSE-SU-2017:2872-2, USN-3431-1, USN-3435-1, USN-3435-2, USN-3436-1, VIGILANCE-VUL-23976
Poppler: denial of service via Splash-scaleImageYuXd
An attacker can generate a fatal error via Splash::scaleImageYuXd() of Poppler, in order to trigger a denial of service...
bulletinjan2019, CVE-2017-14520, DSA-4079-1, DSA-4079-2, FEDORA-2017-51ff8fe326, FEDORA-2017-805d9423f8, FEDORA-2017-9d9d8173df, FEDORA-2017-b29d431ac7, FEDORA-2017-ccb10391ad, openSUSE-SU-2018:1721-1, SUSE-SU-2018:1662-1, USN-3440-1, VIGILANCE-VUL-23974
Firefox, Thunderbird: multiple vulnerabilities
An attacker can use several vulnerabilities of Firefox and Thunderbird...
bulletinoct2017, CERTFR-2017-AVI-327, CERTFR-2017-AVI-340, CVE-2017-7793, CVE-2017-7810, CVE-2017-7811, CVE-2017-7812, CVE-2017-7813, CVE-2017-7814, CVE-2017-7815, CVE-2017-7816, CVE-2017-7817, CVE-2017-7818, CVE-2017-7819, CVE-2017-7820, CVE-2017-7821, CVE-2017-7822, CVE-2017-7823, CVE-2017-7824, CVE-2017-7825, DLA-1118-1, DLA-1153-1, DSA-2020-030, DSA-3987-1, DSA-4014-1, FEDORA-2017-2e7badfe67, FEDORA-2017-6967efb3f0, FEDORA-2017-6e2071419d, FEDORA-2017-730e299c49, FEDORA-2017-845c543ea4, FEDORA-2019-7f7489dc8c, MFSA-2017-21, MFSA-2017-22, MFSA-2017-23, openSUSE-SU-2017:2615-1, openSUSE-SU-2017:2707-1, openSUSE-SU-2017:2710-1, RHSA-2017:2831-01, RHSA-2017:2885-01, SSA:2017-271-01, SSA:2019-247-01, SUSE-SU-2017:2688-1, SUSE-SU-2017:2872-1, SUSE-SU-2017:2872-2, USN-3435-1, USN-3435-2, USN-3436-1, USN-3688-1, VIGILANCE-VUL-23970
Poppler: memory corruption via Object-streamGetChar
An attacker can generate a memory corruption via Object::streamGetChar() of Poppler, in order to trigger a denial of service, and possibly to run code...
bulletinjan2019, CVE-2017-14519, DLA-1116-1, DSA-4079-1, DSA-4079-2, FEDORA-2017-51ff8fe326, FEDORA-2017-6127ddb036, FEDORA-2017-805d9423f8, FEDORA-2017-a0ffdf1fbd, USN-3433-1, VIGILANCE-VUL-23942
Poppler: NULL pointer dereference via XRef-parseEntry
An attacker can force a NULL pointer to be dereferenced via XRef::parseEntry() of Poppler, in order to trigger a denial of service...
bulletinjan2019, CVE-2017-14517, DLA-1116-1, DSA-4079-1, DSA-4079-2, FEDORA-2017-51ff8fe326, FEDORA-2017-6127ddb036, FEDORA-2017-805d9423f8, FEDORA-2017-a0ffdf1fbd, openSUSE-SU-2018:1721-1, SUSE-SU-2018:1662-1, SUSE-SU-2020:1626-1, USN-3433-1, VIGILANCE-VUL-23941
Our database contains other pages. You can request a free trial to read them.

Display information about Sun Solaris: