Product: iPlanet Messaging Server 5.2 Patch 1

A new security vulnerability in the iPlanet Messaging Server/Sun ONE Messaging Server may allow a remote unprivileged user to cause JavaScript to be evaluated in a local user's Internet Explorer (IE) browser and thus execute arbitrary code with the privileges of the user running IE.

Note: This issue only occurs when the client browser is Internet Explorer (IE).

Avoidance: Patch
State: Resolved
First released: 17-Jun-2005

Product: Sun Management Center 3.5 Update 1

Unprivileged local or remote users may be able to execute arbitrary code on Solaris systems which have installed and enabled the Sun Management Center (SunMC) server software. The SunMC server software typically runs as the unprivileged uid "smcorau" and uses the Oracle listener, and is thus affected by the multiple Oracle vulnerabilities described in Oracle Security Alert #68 at http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf.

These issues are also described in CERT Technical Cyber Security Alert TA04-245A at http://www.us-cert.gov/cas/techalerts/TA04-245A.html.

Avoidance: Patch
State: Resolved
First released: 15-Jul-2005

Product: Solaris 9 Operating System, Solaris 8 Operating System

A local unprivileged user with "write" access to a Unix File System (UFS) on which UFS logging is enabled (see also ufs(7fs)) may have the ability to cause a "soft hang" of the Solaris operating system, resulting in a Denial-of-Service (DoS) condition.

Avoidance: Patch, Workaround
State: Resolved
First released: 22-Sep-2005

Product: Solaris 10 Operating System

A security vulnerability in the Solaris 10 "tl" driver may allow a local unprivileged user to panic the system, resulting in a Denial of Service (DoS).

Avoidance: Patch
State: Resolved
First released: 19-Sep-2005

Product: Sun Java System Application Server Platform Edition 8.1 2005Q1, Sun Java System Application Server Platform Edition 8.1 2005Q1 Update Release 1, Sun Java System Application Server Enterprise Edition 8.1 2005Q1

When a deployed web application created for the Sun Java System Application Server contains a "jar" file, contents of the jar file may be exposed.

Avoidance: Patch, Upgrade
State: Resolved
First released: 13-Sep-2005

Product: Sun Java System Web Proxy Server 3.6

Three vulnerabilities may (separately) allow a remote unprivileged user to cause various releases of the Sun Java Web Proxy Server to become unresponsive to requests, which is a Denial-of-Service (DoS) condition.

Avoidance: Upgrade
State: Resolved
First released: 08-Sep-2005

Product: Sun StorEdge Enterprise Backup Software 7.2, Sun StorEdge Enterprise Backup Software 7.0, Solstice Backup 6.0 Software, Solstice Backup 6.1 Software, Sun StorEdge Enterprise Backup Software 7.1

Security vulnerabilities in the Sun StorEdge Enterprise Backup Software may result in one or both of the following issues:

1. A remote unauthorized user may be able to circumvent the authentication procedure in the Sun StorEdge Enterprise Backup Software, and also the database server which forms part of the software, to gain elevated privileges, execute arbitrary commands, or cause a denial of service (DoS) to the backup server. The remote user may be able to view files backed up by the software from other hosts, regardless of the permissions, and may be able to use the server to run arbitrary commands on other hosts running as backup clients.

In addition, a local unprivileged user may be able to gain elevated privileges on a system running the StorEdge Enterprise Backup Software.

This issue is referenced in the following documents:

2. A remote unauthorized user may be able to access the port mapping configuration of the Sun StorEdge Enterprise Backup server to cause a denial of backup service to the backup server or reconfigure the port mappings to achieve goals such as eavesdropping on network communication.

This issue is referenced in the following documents:

Avoidance: Patch, Upgrade
State: Resolved
First released: 16-Aug-2005