cvelist/2012/3xxx/CVE-2012-3414.json

{
   "CVE_data_meta" : {
      "ASSIGNER" : "cve@mitre.org",
      "ID" : "CVE-2012-3414",
      "STATE" : "PUBLIC"
   },
   "affects" : {
      "vendor" : {
         "vendor_data" : [
            {
               "product" : {
                  "product_data" : [
                     {
                        "product_name" : "n/a",
                        "version" : {
                           "version_data" : [
                              {
                                 "version_value" : "n/a"
                              }
                           ]
                        }
                     }
                  ]
               },
               "vendor_name" : "n/a"
            }
         ]
      }
   },
   "data_format" : "MITRE",
   "data_type" : "CVE",
   "data_version" : "4.0",
   "description" : {
      "description_data" : [
         {
            "lang" : "eng",
            "value" : "Cross-site scripting (XSS) vulnerability in swfupload.swf in SWFUpload 2.2.0.1 and earlier, as used in WordPress before 3.3.2, TinyMCE Image Manager 1.1, and other products, allows remote attackers to inject arbitrary web script or HTML via the movieName parameter, related to the \"ExternalInterface.call\" function."
         }
      ]
   },
   "problemtype" : {
      "problemtype_data" : [
         {
            "description" : [
               {
                  "lang" : "eng",
                  "value" : "n/a"
               }
            ]
         }
      ]
   },
   "references" : {
      "reference_data" : [
         {
            "name" : "[oss-security] 20120716 CVE id request: libjs-swfupload",
            "refsource" : "MLIST",
            "url" : "http://www.openwall.com/lists/oss-security/2012/07/16/4"
         },
         {
            "name" : "[oss-security] 20120717 Re: CVE id request: libjs-swfupload",
            "refsource" : "MLIST",
            "url" : "http://www.openwall.com/lists/oss-security/2012/07/17/12"
         },
         {
            "name" : "http://code.google.com/p/swfupload/issues/detail?id=376",
            "refsource" : "MISC",
            "url" : "http://code.google.com/p/swfupload/issues/detail?id=376"
         },
         {
            "name" : "http://packetstormsecurity.com/files/122399/TinyMCE-Image-Manager-1.1-Cross-Site-Scripting.html",
            "refsource" : "MISC",
            "url" : "http://packetstormsecurity.com/files/122399/TinyMCE-Image-Manager-1.1-Cross-Site-Scripting.html"
         },
         {
            "name" : "https://nealpoole.com/blog/2012/05/xss-and-csrf-via-swf-applets-swfupload-plupload/",
            "refsource" : "MISC",
            "url" : "https://nealpoole.com/blog/2012/05/xss-and-csrf-via-swf-applets-swfupload-plupload/"
         },
         {
            "name" : "http://bot24.blogspot.ca/2013/04/swfupload-object-injectioncsrf.html",
            "refsource" : "MISC",
            "url" : "http://bot24.blogspot.ca/2013/04/swfupload-object-injectioncsrf.html"
         },
         {
            "name" : "http://make.wordpress.org/core/2013/06/21/secure-swfupload/",
            "refsource" : "CONFIRM",
            "url" : "http://make.wordpress.org/core/2013/06/21/secure-swfupload/"
         },
         {
            "name" : "54245",
            "refsource" : "BID",
            "url" : "http://www.securityfocus.com/bid/54245"
         }
      ]
   }
}
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`{`
			`"CVE_data_meta" : {`
			`"ASSIGNER" : "cve@mitre.org",`
			`"ID" : "CVE-2012-3414",`
			`"STATE" : "PUBLIC"`
			`},`
			`"affects" : {`
			`"vendor" : {`
			`"vendor_data" : [`
			`{`
			`"product" : {`
			`"product_data" : [`
			`{`
			`"product_name" : "n/a",`
			`"version" : {`
			`"version_data" : [`
			`{`
			`"version_value" : "n/a"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
			`"vendor_name" : "n/a"`
			`}`
			`]`
			`}`
			`},`
			`"data_format" : "MITRE",`
			`"data_type" : "CVE",`
			`"data_version" : "4.0",`
			`"description" : {`
			`"description_data" : [`
			`{`
			`"lang" : "eng",`
			`"value" : "Cross-site scripting (XSS) vulnerability in swfupload.swf in SWFUpload 2.2.0.1 and earlier, as used in WordPress before 3.3.2, TinyMCE Image Manager 1.1, and other products, allows remote attackers to inject arbitrary web script or HTML via the movieName parameter, related to the \"ExternalInterface.call\" function."`
			`}`
			`]`
			`},`
			`"problemtype" : {`
			`"problemtype_data" : [`
			`{`
			`"description" : [`
			`{`
			`"lang" : "eng",`
			`"value" : "n/a"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"references" : {`
			`"reference_data" : [`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "[oss-security] 20120716 CVE id request: libjs-swfupload",`
			`"refsource" : "MLIST",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.openwall.com/lists/oss-security/2012/07/16/4"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "[oss-security] 20120717 Re: CVE id request: libjs-swfupload",`
			`"refsource" : "MLIST",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.openwall.com/lists/oss-security/2012/07/17/12"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "http://code.google.com/p/swfupload/issues/detail?id=376",`
			`"refsource" : "MISC",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://code.google.com/p/swfupload/issues/detail?id=376"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "http://packetstormsecurity.com/files/122399/TinyMCE-Image-Manager-1.1-Cross-Site-Scripting.html",`
			`"refsource" : "MISC",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://packetstormsecurity.com/files/122399/TinyMCE-Image-Manager-1.1-Cross-Site-Scripting.html"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "https://nealpoole.com/blog/2012/05/xss-and-csrf-via-swf-applets-swfupload-plupload/",`
			`"refsource" : "MISC",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "https://nealpoole.com/blog/2012/05/xss-and-csrf-via-swf-applets-swfupload-plupload/"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "http://bot24.blogspot.ca/2013/04/swfupload-object-injectioncsrf.html",`
			`"refsource" : "MISC",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://bot24.blogspot.ca/2013/04/swfupload-object-injectioncsrf.html"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "http://make.wordpress.org/core/2013/06/21/secure-swfupload/",`
			`"refsource" : "CONFIRM",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://make.wordpress.org/core/2013/06/21/secure-swfupload/"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "54245",`
			`"refsource" : "BID",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.securityfocus.com/bid/54245"`
			`}`
			`]`
			`}`
			`}`