2017-10-16 12:31:07 -04:00
{
2019-03-17 23:06:56 +00:00
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org" ,
"ID" : "CVE-2016-6189" ,
"STATE" : "PUBLIC"
} ,
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a" ,
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
} ,
"vendor_name" : "n/a"
}
]
}
} ,
"data_format" : "MITRE" ,
"data_type" : "CVE" ,
"data_version" : "4.0" ,
"description" : {
"description_data" : [
2017-10-16 12:31:07 -04:00
{
2019-03-17 23:06:56 +00:00
"lang" : "eng" ,
"value" : "Incomplete blacklist in SOGo before 2.3.12 and 3.x before 3.1.1 allows remote authenticated users to obtain sensitive information by reading the fields in the (1) ics or (2) XML calendar feeds."
2017-10-16 12:31:07 -04:00
}
2019-03-17 23:06:56 +00:00
]
} ,
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng" ,
"value" : "n/a"
}
]
}
]
} ,
"references" : {
"reference_data" : [
{
"name" : "https://github.com/inverse-inc/sogo/commit/875a4aca3218340fd4d3141950c82c2ff45b343d" ,
"refsource" : "CONFIRM" ,
"url" : "https://github.com/inverse-inc/sogo/commit/875a4aca3218340fd4d3141950c82c2ff45b343d"
} ,
{
"name" : "https://github.com/inverse-inc/sogo/commit/717f45f640a2866b76a8984139391fae64339225" ,
"refsource" : "CONFIRM" ,
"url" : "https://github.com/inverse-inc/sogo/commit/717f45f640a2866b76a8984139391fae64339225"
} ,
{
"name" : "[oss-security] 20160709 Re: CVE request: several SOGo issues (DOS, XSS, information leakage)" ,
"refsource" : "MLIST" ,
"url" : "http://www.openwall.com/lists/oss-security/2016/07/09/3"
} ,
{
"name" : "https://sogo.nu/bugs/view.php?id=3695" ,
"refsource" : "CONFIRM" ,
"url" : "https://sogo.nu/bugs/view.php?id=3695"
}
]
}
}
