MDVSA-2013:150

http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html

56034

This Solaris system is missing necessary patches to address critical security updates :

  - Vulnerability in the Solaris component of Oracle Sun     Products Suite (subcomponent: Kernel). Supported     versions that are affected are 10 and 11. Easily     exploitable vulnerability requiring logon to Operating     System. Successful attack of this vulnerability can     result in unauthorized Operating System takeover     including arbitrary code execution. Note: CVE-2012-0217     only affects Solaris instances running on platforms     other than SPARC. (CVE-2012-0217)

  - Vulnerability in the Solaris component of Oracle Sun     Products Suite (subcomponent: Power Management). The     supported version that is affected is 11. Easily     exploitable vulnerability requiring logon to Operating     System. Successful attack of this vulnerability can     result in unauthorized Operating System takeover     including arbitrary code execution. (CVE-2012-3204)

  - Vulnerability in the Solaris component of Oracle Sun     Products Suite (subcomponent: Logical Domain(LDOM)).
    Supported versions that are affected are 10 and 11.
    Easily exploitable vulnerability requiring logon to     Operating System. Successful attack of this     vulnerability can result in unauthorized Operating     System hang or frequently repeatable crash (complete     DOS) as well as update, insert or delete access to some     Solaris accessible data. Note: CVE-2012-3209 and     CVE-2012-3215 only affects Solaris on the SPARC     platform. (CVE-2012-3209)

  - Vulnerability in the Solaris component of Oracle Sun     Products Suite (subcomponent: Vino server). The     supported version that is affected is 11. Easily     exploitable vulnerability requiring logon to Operating     System. Successful attack of this vulnerability can     result in unauthorized update, insert or delete access     to some Solaris accessible data. (CVE-2012-3205)

CVE-2012-3205

low

New! CVE Severity Now Using CVSS v3

Description

References

Details

Risk Information

CVSS v2

Vulnerable Software

Configuration 1

Tenable Plugins

high