cvelist/2017/1000xxx/CVE-2017-1000250.json

{
   "CVE_data_meta" : {
      "ASSIGNER" : "cve-assign@distributedweaknessfiling.org",
      "DATE_ASSIGNED" : "2017-09-08",
      "ID" : "CVE-2017-1000250",
      "REQUESTER" : "security@armis.com",
      "STATE" : "PUBLIC"
   },
   "affects" : {
      "vendor" : {
         "vendor_data" : [
            {
               "product" : {
                  "product_data" : [
                     {
                        "product_name" : "BlueZ",
                        "version" : {
                           "version_data" : [
                              {
                                 "version_value" : "5.46 and older"
                              }
                           ]
                        }
                     }
                  ]
               },
               "vendor_name" : "Bluez"
            }
         ]
      }
   },
   "data_format" : "MITRE",
   "data_type" : "CVE",
   "data_version" : "4.0",
   "description" : {
      "description_data" : [
         {
            "lang" : "eng",
            "value" : "All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an information disclosure vulnerability which allows remote attackers to obtain sensitive information from the bluetoothd process memory. This vulnerability lies in the processing of SDP search attribute requests."
         }
      ]
   },
   "problemtype" : {
      "problemtype_data" : [
         {
            "description" : [
               {
                  "lang" : "eng",
                  "value" : "CWE-125"
               }
            ]
         }
      ]
   },
   "references" : {
      "reference_data" : [
         {
            "name" : "https://www.armis.com/blueborne",
            "refsource" : "MISC",
            "url" : "https://www.armis.com/blueborne"
         },
         {
            "name" : "https://access.redhat.com/security/vulnerabilities/blueborne",
            "refsource" : "CONFIRM",
            "url" : "https://access.redhat.com/security/vulnerabilities/blueborne"
         },
         {
            "name" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4561",
            "refsource" : "CONFIRM",
            "url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
         },
         {
            "name" : "https://www.synology.com/support/security/Synology_SA_17_52_BlueBorne",
            "refsource" : "CONFIRM",
            "url" : "https://www.synology.com/support/security/Synology_SA_17_52_BlueBorne"
         },
         {
            "name" : "DSA-3972",
            "refsource" : "DEBIAN",
            "url" : "http://www.debian.org/security/2017/dsa-3972"
         },
         {
            "name" : "RHSA-2017:2685",
            "refsource" : "REDHAT",
            "url" : "https://access.redhat.com/errata/RHSA-2017:2685"
         },
         {
            "name" : "VU#240311",
            "refsource" : "CERT-VN",
            "url" : "https://www.kb.cert.org/vuls/id/240311"
         },
         {
            "name" : "100814",
            "refsource" : "BID",
            "url" : "http://www.securityfocus.com/bid/100814"
         }
      ]
   }
}
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`{`
			`"CVE_data_meta" : {`
			`"ASSIGNER" : "cve-assign@distributedweaknessfiling.org",`
- Populated assignment information for various entries. 2017-10-16 16:44:18 -04:00			`"DATE_ASSIGNED" : "2017-09-08",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"ID" : "CVE-2017-1000250",`
- Populated assignment information for various entries. 2017-10-16 16:44:18 -04:00			`"REQUESTER" : "security@armis.com",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"STATE" : "PUBLIC"`
			`},`
			`"affects" : {`
			`"vendor" : {`
			`"vendor_data" : [`
			`{`
			`"product" : {`
			`"product_data" : [`
			`{`
- Populated assignment information for various entries. 2017-10-16 16:44:18 -04:00			`"product_name" : "BlueZ",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"version" : {`
			`"version_data" : [`
			`{`
- Populated assignment information for various entries. 2017-10-16 16:44:18 -04:00			`"version_value" : "5.46 and older"`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
- Populated assignment information for various entries. 2017-10-16 16:44:18 -04:00			`"vendor_name" : "Bluez"`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`}`
			`]`
			`}`
			`},`
			`"data_format" : "MITRE",`
			`"data_type" : "CVE",`
			`"data_version" : "4.0",`
			`"description" : {`
			`"description_data" : [`
			`{`
			`"lang" : "eng",`
			`"value" : "All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an information disclosure vulnerability which allows remote attackers to obtain sensitive information from the bluetoothd process memory. This vulnerability lies in the processing of SDP search attribute requests."`
			`}`
			`]`
			`},`
			`"problemtype" : {`
			`"problemtype_data" : [`
			`{`
			`"description" : [`
			`{`
			`"lang" : "eng",`
- Populated assignment information for various entries. 2017-10-16 16:44:18 -04:00			`"value" : "CWE-125"`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`}`
			`]`
			`}`
			`]`
			`},`
			`"references" : {`
			`"reference_data" : [`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "https://www.armis.com/blueborne",`
			`"refsource" : "MISC",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "https://www.armis.com/blueborne"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "https://access.redhat.com/security/vulnerabilities/blueborne",`
			`"refsource" : "CONFIRM",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "https://access.redhat.com/security/vulnerabilities/blueborne"`
			`},`
- Synchronized data. 2017-10-18 17:07:33 -04:00			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4561",`
			`"refsource" : "CONFIRM",`
- Synchronized data. 2017-10-18 17:07:33 -04:00			`"url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"`
			`},`
- Synchronized data. 2018-02-16 06:05:26 -05:00			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "https://www.synology.com/support/security/Synology_SA_17_52_BlueBorne",`
			`"refsource" : "CONFIRM",`
- Synchronized data. 2018-02-16 06:05:26 -05:00			`"url" : "https://www.synology.com/support/security/Synology_SA_17_52_BlueBorne"`
			`},`
- Synchronized data. 2017-11-04 06:03:52 -04:00			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "DSA-3972",`
			`"refsource" : "DEBIAN",`
- Synchronized data. 2017-11-04 06:03:52 -04:00			`"url" : "http://www.debian.org/security/2017/dsa-3972"`
			`},`
- Synchronized data. 2017-12-30 06:03:45 -05:00			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "RHSA-2017:2685",`
			`"refsource" : "REDHAT",`
- Synchronized data. 2017-12-30 06:03:45 -05:00			`"url" : "https://access.redhat.com/errata/RHSA-2017:2685"`
			`},`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "VU#240311",`
			`"refsource" : "CERT-VN",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "https://www.kb.cert.org/vuls/id/240311"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "100814",`
			`"refsource" : "BID",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.securityfocus.com/bid/100814"`
			`}`
			`]`
			`}`
			`}`