cvelist/2010/4xxx/CVE-2010-4208.json

{
   "CVE_data_meta" : {
      "ASSIGNER" : "cve@mitre.org",
      "ID" : "CVE-2010-4208",
      "STATE" : "PUBLIC"
   },
   "affects" : {
      "vendor" : {
         "vendor_data" : [
            {
               "product" : {
                  "product_data" : [
                     {
                        "product_name" : "n/a",
                        "version" : {
                           "version_data" : [
                              {
                                 "version_value" : "n/a"
                              }
                           ]
                        }
                     }
                  ]
               },
               "vendor_name" : "n/a"
            }
         ]
      }
   },
   "data_format" : "MITRE",
   "data_type" : "CVE",
   "data_version" : "4.0",
   "description" : {
      "description_data" : [
         {
            "lang" : "eng",
            "value" : "Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.5.0 through 2.8.1, as used in Bugzilla, Moodle, and other products, allows remote attackers to inject arbitrary web script or HTML via vectors related to uploader/assets/uploader.swf."
         }
      ]
   },
   "problemtype" : {
      "problemtype_data" : [
         {
            "description" : [
               {
                  "lang" : "eng",
                  "value" : "n/a"
               }
            ]
         }
      ]
   },
   "references" : {
      "reference_data" : [
         {
            "name" : "20101103 Security Advisory for Bugzilla 3.2.8, 3.4.8, 3.6.2, and 3.7.3",
            "refsource" : "BUGTRAQ",
            "url" : "http://www.securityfocus.com/archive/1/514622"
         },
         {
            "name" : "[oss-security] 20101107 Re: CVE request: moodle 1.9.10",
            "refsource" : "MLIST",
            "url" : "http://www.openwall.com/lists/oss-security/2010/11/07/1"
         },
         {
            "name" : "http://moodle.org/mod/forum/discuss.php?d=160910",
            "refsource" : "CONFIRM",
            "url" : "http://moodle.org/mod/forum/discuss.php?d=160910"
         },
         {
            "name" : "http://www.bugzilla.org/security/3.2.8/",
            "refsource" : "CONFIRM",
            "url" : "http://www.bugzilla.org/security/3.2.8/"
         },
         {
            "name" : "http://yuilibrary.com/support/2.8.2/",
            "refsource" : "CONFIRM",
            "url" : "http://yuilibrary.com/support/2.8.2/"
         },
         {
            "name" : "FEDORA-2010-17235",
            "refsource" : "FEDORA",
            "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050830.html"
         },
         {
            "name" : "FEDORA-2010-17274",
            "refsource" : "FEDORA",
            "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050820.html"
         },
         {
            "name" : "FEDORA-2010-17280",
            "refsource" : "FEDORA",
            "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050813.html"
         },
         {
            "name" : "SUSE-SR:2010:021",
            "refsource" : "SUSE",
            "url" : "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00005.html"
         },
         {
            "name" : "44420",
            "refsource" : "BID",
            "url" : "http://www.securityfocus.com/bid/44420"
         },
         {
            "name" : "1024683",
            "refsource" : "SECTRACK",
            "url" : "http://www.securitytracker.com/id?1024683"
         },
         {
            "name" : "41955",
            "refsource" : "SECUNIA",
            "url" : "http://secunia.com/advisories/41955"
         },
         {
            "name" : "42271",
            "refsource" : "SECUNIA",
            "url" : "http://secunia.com/advisories/42271"
         },
         {
            "name" : "ADV-2010-2878",
            "refsource" : "VUPEN",
            "url" : "http://www.vupen.com/english/advisories/2010/2878"
         },
         {
            "name" : "ADV-2010-2975",
            "refsource" : "VUPEN",
            "url" : "http://www.vupen.com/english/advisories/2010/2975"
         }
      ]
   }
}
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`{`
			`"CVE_data_meta" : {`
			`"ASSIGNER" : "cve@mitre.org",`
			`"ID" : "CVE-2010-4208",`
			`"STATE" : "PUBLIC"`
			`},`
			`"affects" : {`
			`"vendor" : {`
			`"vendor_data" : [`
			`{`
			`"product" : {`
			`"product_data" : [`
			`{`
			`"product_name" : "n/a",`
			`"version" : {`
			`"version_data" : [`
			`{`
			`"version_value" : "n/a"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
			`"vendor_name" : "n/a"`
			`}`
			`]`
			`}`
			`},`
			`"data_format" : "MITRE",`
			`"data_type" : "CVE",`
			`"data_version" : "4.0",`
			`"description" : {`
			`"description_data" : [`
			`{`
			`"lang" : "eng",`
			`"value" : "Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.5.0 through 2.8.1, as used in Bugzilla, Moodle, and other products, allows remote attackers to inject arbitrary web script or HTML via vectors related to uploader/assets/uploader.swf."`
			`}`
			`]`
			`},`
			`"problemtype" : {`
			`"problemtype_data" : [`
			`{`
			`"description" : [`
			`{`
			`"lang" : "eng",`
			`"value" : "n/a"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"references" : {`
			`"reference_data" : [`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "20101103 Security Advisory for Bugzilla 3.2.8, 3.4.8, 3.6.2, and 3.7.3",`
			`"refsource" : "BUGTRAQ",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.securityfocus.com/archive/1/514622"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "[oss-security] 20101107 Re: CVE request: moodle 1.9.10",`
			`"refsource" : "MLIST",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.openwall.com/lists/oss-security/2010/11/07/1"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "http://moodle.org/mod/forum/discuss.php?d=160910",`
			`"refsource" : "CONFIRM",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://moodle.org/mod/forum/discuss.php?d=160910"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "http://www.bugzilla.org/security/3.2.8/",`
			`"refsource" : "CONFIRM",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.bugzilla.org/security/3.2.8/"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "http://yuilibrary.com/support/2.8.2/",`
			`"refsource" : "CONFIRM",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://yuilibrary.com/support/2.8.2/"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "FEDORA-2010-17235",`
			`"refsource" : "FEDORA",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050830.html"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "FEDORA-2010-17274",`
			`"refsource" : "FEDORA",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050820.html"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "FEDORA-2010-17280",`
			`"refsource" : "FEDORA",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050813.html"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "SUSE-SR:2010:021",`
			`"refsource" : "SUSE",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00005.html"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "44420",`
			`"refsource" : "BID",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.securityfocus.com/bid/44420"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "1024683",`
			`"refsource" : "SECTRACK",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.securitytracker.com/id?1024683"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "41955",`
			`"refsource" : "SECUNIA",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://secunia.com/advisories/41955"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "42271",`
			`"refsource" : "SECUNIA",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://secunia.com/advisories/42271"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "ADV-2010-2878",`
			`"refsource" : "VUPEN",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.vupen.com/english/advisories/2010/2878"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "ADV-2010-2975",`
			`"refsource" : "VUPEN",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.vupen.com/english/advisories/2010/2975"`
			`}`
			`]`
			`}`
			`}`