The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of SunOS

Perl: bypassing Taint via File-Spec-canonpath
An attacker can bypass the Taint mechanism of Perl, when an application uses the File::Spec::canonpath() function...
126862, bulletinapr2017, CVE-2015-8607, DSA-3441-1, FEDORA-2016-4ca904238f, FEDORA-2016-69e506e02d, openSUSE-SU-2016:0881-1, USN-2878-1, VIGILANCE-VUL-18682
NTP.org: altering time via Small-step/Big-step
An attacker can act as a Man-in-the-Middle of NTP.org, in order to change the client time...
2956, bulletinjan2016, CTX220112, CVE-2015-5300, FEDORA-2016-34bc10a2c8, FreeBSD-SA-16:02.ntp, openSUSE-SU-2016:1292-1, openSUSE-SU-2016:1329-1, openSUSE-SU-2016:1423-1, sk109942, SSA:2016-054-04, SUSE-SU-2016:1175-1, SUSE-SU-2016:1177-1, SUSE-SU-2016:1247-1, SUSE-SU-2016:1278-1, SUSE-SU-2016:1291-1, SUSE-SU-2016:1311-1, SUSE-SU-2016:1471-1, SUSE-SU-2016:1912-1, SUSE-SU-2016:2094-1, VIGILANCE-VUL-18665
LibTIFF: unreachable memory reading via DECLAREContigPutFunc
An attacker can force a read at an invalid address in DECLAREContigPutFunc() of LibTIFF, in order to trigger a denial of service...
bulletinapr2016, CVE-2015-8683, DLA-610-1, DLA-610-2, DSA-3467-1, K11220361, K35155453, openSUSE-SU-2016:3035-1, RHSA-2016:1546-01, RHSA-2016:1547-01, SOL35155453, SSA:2017-098-01, USN-2939-1, VIGILANCE-VUL-18596
LibTIFF: memory corruption via _TIFFVGetField
An attacker can generate a memory corruption in _TIFFVGetField() of LibTIFF, in order to trigger a denial of service, and possibly to run code...
bulletinjan2018, CVE-2015-7554, DLA-692-1, DLA-693-1, DLA-693-2, K38871451, openSUSE-SU-2016:0212-1, openSUSE-SU-2016:0215-1, openSUSE-SU-2016:0252-1, openSUSE-SU-2016:3035-1, openSUSE-SU-2018:0097-1, RHSA-2016:1546-01, RHSA-2016:1547-01, SOL38871451, SUSE-SU-2018:0073-1, SUSE-SU-2018:1835-1, USN-3212-1, USN-3212-2, USN-3212-3, USN-3212-4, VIGILANCE-VUL-18595
LibTIFF: unreachable memory reading via tif_getimage.c
An attacker can force a read at an invalid address in tif_getimage.c of LibTIFF, in order to trigger a denial of service...
bulletinapr2016, CVE-2015-8665, DLA-610-1, DLA-610-2, DSA-3467-1, K11220361, K35155453, openSUSE-SU-2016:3035-1, RHSA-2016:1546-01, RHSA-2016:1547-01, SOL35155453, SSA:2017-098-01, USN-2939-1, VIGILANCE-VUL-18594
LibRaw: denial of service
An attacker can generate a fatal error of LibRaw, in order to trigger a denial of service...
bulletinoct2015, CVE-2013-1438, CVE-2013-1439, DSA-2748-1, FEDORA-2013-15562, FEDORA-2013-15576, FEDORA-2013-22832, FEDORA-2013-22854, FEDORA-2013-22899, FEDORA-2013-22900, FEDORA-2013-22924, FEDORA-2013-22929, MDVSA-2013:249, MDVSA-2014:098, VIGILANCE-VUL-18542
Samba: seven vulnerabilities
An attacker can use several vulnerabilities of Samba...
bulletinjan2016, c05115993, CERTFR-2015-AVI-545, CVE-2015-3223, CVE-2015-5252, CVE-2015-5296, CVE-2015-5299, CVE-2015-5330, CVE-2015-7540, CVE-2015-8467, DSA-3433-1, FEDORA-2015-0e0879cc8a, FEDORA-2015-af140eefbc, FEDORA-2015-b36076d32e, FEDORA-2015-b960ca78bf, HPSBUX03574, openSUSE-SU-2015:2354-1, openSUSE-SU-2015:2356-1, openSUSE-SU-2016:1064-1, openSUSE-SU-2016:1106-1, openSUSE-SU-2016:1107-1, openSUSE-SU-2016:1108-1, openSUSE-SU-2016:1440-1, RHSA-2016:0006-01, RHSA-2016:0009-01, RHSA-2016:0010-02, RHSA-2016:0011-01, SUSE-SU-2015:2304-1, SUSE-SU-2015:2305-1, SUSE-SU-2016:0032-1, SUSE-SU-2016:0164-1, SUSE-SU-2016:1105-1, USN-2855-1, USN-2855-2, USN-2856-1, VIGILANCE-VUL-18541
ISC BIND: two vulnerabilities
An attacker can use several vulnerabilities of ISC BIND...
bulletinoct2015, c04923105, c05019901, CERTFR-2015-AVI-562, CVE-2015-8000, CVE-2015-8461, DSA-2019-197, DSA-3420-1, FEDORA-2015-09bf9e06ea, FEDORA-2015-2df40de264, FEDORA-2015-40882ddfb1, FEDORA-2015-e278e12ebc, FreeBSD-SA-15:27.bind, HPSBUX03529, HPSBUX03552, openSUSE-SU-2015:2364-1, openSUSE-SU-2015:2365-1, openSUSE-SU-2015:2391-1, RHSA-2015:2655-01, RHSA-2015:2656-01, RHSA-2015:2658-01, RHSA-2016:0078-01, RHSA-2016:0079-01, SOL34250741, SSA:2015-349-01, SSRT102967, SSRT102983, SUSE-SU-2015:2340-1, SUSE-SU-2015:2341-1, SUSE-SU-2015:2359-1, SUSE-SU-2016:0227-1, USN-2837-1, VIGILANCE-VUL-18535
libpng: unreachable memory reading via png_check_keyword
An attacker can force a read at an invalid address in png_check_keyword of libpng, in order to trigger a denial of service...
1975365, 1976200, 1976262, 1977405, bulletinjul2016, CVE-2015-8540, DSA-2020-030, DSA-3443-1, FEDORA-2015-0a543024bf, FEDORA-2015-3868cfa17b, FEDORA-2015-39499d9af8, FEDORA-2015-ac8100927a, openSUSE-SU-2016:2672-1, openSUSE-SU-2017:0942-1, openSUSE-SU-2017:1037-1, RHSA-2016:0099-01, RHSA-2016:0100-01, RHSA-2016:0101-01, SSA:2015-351-02, SUSE-SU-2016:0399-1, SUSE-SU-2016:0401-1, SUSE-SU-2016:0428-1, SUSE-SU-2016:0431-1, SUSE-SU-2016:0433-1, SUSE-SU-2016:0636-1, SUSE-SU-2016:0770-1, SUSE-SU-2016:0776-1, USN-2861-1, VIGILANCE-VUL-18495
OpenSSL: use after free via PSK Identify Hint
An attacker can force the usage of a freed memory area via PSK Identify Hint of an OpenSSL multi-threaded client, in order to trigger a denial of service, and possibly to run code...
1972951, 1976113, 1976148, 1981612, 2003480, 2003620, 2003673, 9010051, BSA-2016-006, bulletinjan2016, c05398322, CERTFR-2015-AVI-517, cisco-sa-20151204-openssl, cpuoct2017, CVE-2015-3196, DSA-3413-1, FEDORA-2015-d87d60b9a9, FreeBSD-SA-15:26.openssl, HPESBHF03709, JSA10759, NTAP-20151207-0001, openSUSE-SU-2015:2288-1, openSUSE-SU-2015:2289-1, RHSA-2015:2617-01, SA40100, SB10203, SOL12824341, SOL30714460, SOL55540723, SOL86772626, SSA:2015-349-04, USN-2830-1, VIGILANCE-VUL-18437
Our database contains other pages. You can request a free trial to read them.

Display information about SunOS: