Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2010-4435Sunos vulnerability

4 documents4 sources
Severity
10.0CRITICALNVD
EPSS
30.9%
top 3.26%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
SUN Sunos
Timeline
PublishedJan 19
Latest updateMay 14

Description

Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote attackers to affect confidentiality, integrity, and availability, related to CDE Calendar Manager Service Daemon and RPC. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from other software vendors that this affects other operating systems, such as HP-UX, or claims from a reliable third party that this is a buffer overflow in rpc.cmsd via long XDR-encoded ASCII strings

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

NVDsun/sunos5.10, 5.8, 5.9+2

🔴Vulnerability Details

2
GHSA
GHSA-wxfq-r6w9-2mg2: Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote attackers to affect confidentiality, integrity, and availability, related to CD2022-05-14
CVEList
CVE-2010-4435: Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote attackers to affect confidentiality, integrity, and availability, related to CD2011-01-19

💥Exploits & PoCs

1
Exploit-DB
Multiple Vendor Calendar Manager - Remote Code Execution2011-02-09
CVE-2010-4435 — SUN Sunos vulnerability | cvebase