Oracle Sun Products Suite vulnerabilities

CVE-2013-0417 [MEDIUM] CVE-2013-0417: Unspecified vulnerability in the Sun Storage Common Array Manager (CAM) component in Oracle Sun Prod Unspecified vulnerability in the Sun Storage Common Array Manager (CAM) component in Oracle Sun Products Suite 6.9.0 allows remote attackers to affect confidentiality, related to Fault Management System (FMS).

CVE-2012-3126 [MEDIUM] CVE-2012-3126: Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Products Suite 3.3 allows l Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Products Suite 3.3 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Apache Tomcat Agent.

CVE-2012-0208 [CRITICAL] CVE-2012-0208: Unspecified vulnerability in the Oracle Grid Engine component in Oracle Sun Products Suite 6.1 and 6 Unspecified vulnerability in the Oracle Grid Engine component in Oracle Sun Products Suite 6.1 and 6.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to qrsh.

CVE-2012-0523 [HIGH] CVE-2012-0523: Unspecified vulnerability in the Oracle Grid Engine component in Oracle Sun Products Suite 6.1 and 6 Unspecified vulnerability in the Oracle Grid Engine component in Oracle Sun Products Suite 6.1 and 6.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to sgepasswd.

CVE-2012-0516 [MEDIUM] CVE-2012-0516: Unspecified vulnerability in the Oracle iPlanet Web Server component in Oracle Sun Products Suite 7. Unspecified vulnerability in the Oracle iPlanet Web Server component in Oracle Sun Products Suite 7.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Administration Console.

CVE-2011-2310 [HIGH] CVE-2011-2310: Unspecified vulnerability in the Oracle Waveset component in Oracle Sun Products Suite 8.1.0 and 8.1 Unspecified vulnerability in the Oracle Waveset component in Oracle Sun Products Suite 8.1.0 and 8.1.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to User Administration.

CVE-2011-3517 [HIGH] CVE-2011-3517: Unspecified vulnerability in the Oracle OpenSSO component in Oracle Sun Products Suite 8.0 allows re Unspecified vulnerability in the Oracle OpenSSO component in Oracle Sun Products Suite 8.0 allows remote attackers to affect availability via unknown vectors related to Authentication.

CVE-2011-3535 [MEDIUM] CVE-2011-3535: Unspecified vulnerability in the Solaris component in Oracle Sun Products Suite 8, 9, 10, and 11 Exp Unspecified vulnerability in the Solaris component in Oracle Sun Products Suite 8, 9, 10, and 11 Express allows remote attackers to affect availability via unknown vectors related to Remote Quota Server (rquotad).

CVE-2011-3506 [MEDIUM] CVE-2011-3506: Unspecified vulnerability in the Oracle OpenSSO component in Oracle Sun Products Suite 7.1 and 8.0 a Unspecified vulnerability in the Oracle OpenSSO component in Oracle Sun Products Suite 7.1 and 8.0 allows remote attackers to affect integrity via unknown vectors related to Authentication.

CVE-2011-3507 [LOW] CVE-2011-3507: Unspecified vulnerability in the Oracle Communications Unified component in Oracle Sun Products Suit Unspecified vulnerability in the Oracle Communications Unified component in Oracle Sun Products Suite 7.0 allows remote authenticated users to affect integrity via unknown vectors related to Messaging Server.

CVE-2011-2327 [LOW] CVE-2011-2327: Unspecified vulnerability in the Oracle Communications Unified component in Oracle Sun Products Suit Unspecified vulnerability in the Oracle Communications Unified component in Oracle Sun Products Suite 7.0 allows local users to affect confidentiality via unknown vectors related to Delegated Administrator.

CVE-2011-2245 [HIGH] CVE-2011-2245: Unspecified vulnerability in the Solaris component in Oracle Sun Products Suite 9 and 10 allows remo Unspecified vulnerability in the Solaris component in Oracle Sun Products Suite 9 and 10 allows remote attackers to affect confidentiality, integrity, and availability, related to SSH.

CVE-2011-2260 [MEDIUM] CVE-2011-2260: Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Sun Products Suite 2.1. Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Sun Products Suite 2.1.1 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Administration.

CVE-2011-1511 [MEDIUM] CVE-2011-1511: Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Sun Products Suite 2.1. Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Sun Products Suite 2.1.1 and 3.0.1 allows remote attackers to execute arbitrary code via unknown vectors related to Administration.

CVE-2011-0847 [MEDIUM] CVE-2011-0847: Unspecified vulnerability in the OpenSSO Enterprise and Sun Java System Access Manager components in Unspecified vulnerability in the OpenSSO Enterprise and Sun Java System Access Manager components in Oracle Sun Products Suite 7.1 and 8.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Authentication.

CVE-2011-0844 [MEDIUM] CVE-2011-0844: Unspecified vulnerability in the OpenSSO Enterprise and Sun Java System Access Manager components in Unspecified vulnerability in the OpenSSO Enterprise and Sun Java System Access Manager components in Oracle Sun Products Suite 7.1 and 8.0 allows remote attackers to affect integrity via unknown vectors related to Authentication.

CVE-2010-3544 [MEDIUM] CVE-2010-3544: Unspecified vulnerability in the Oracle iPlanet Web Server (Sun Java System Web Server) component in Unspecified vulnerability in the Oracle iPlanet Web Server (Sun Java System Web Server) component in Oracle Sun Products Suite 7.0 allows remote attackers to affect integrity and availability via unknown vectors related to Administration. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable

CVE-2010-3535 [MEDIUM] CVE-2010-3535: Unspecified vulnerability in the Directory Server Enterprise Edition component in Oracle Sun Product Unspecified vulnerability in the Directory Server Enterprise Edition component in Oracle Sun Products Suite 6.0, 6.1, 6.2, and 6.3 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Identity Synchronization for Windows.

CVE-2010-3545 [MEDIUM] CVE-2010-3545: Unspecified vulnerability in the Oracle iPlanet Web Server (Sun Java System Web Server) component in Unspecified vulnerability in the Oracle iPlanet Web Server (Sun Java System Web Server) component in Oracle Sun Products Suite 7.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Administration.

CVE-2010-3564 [MEDIUM] CVE-2010-3564: Unspecified vulnerability in the Oracle Communications Messaging Server (Sun Java System Messaging S Unspecified vulnerability in the Oracle Communications Messaging Server (Sun Java System Messaging Server) component in Oracle Sun Products Suite 7.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Webmail. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims f