admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-17 23:47:34 +00:00
parent 97b733ca4e
commit 028d2293af
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
59 changed files with 3972 additions and 3972 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

80
2002/0xxx/CVE-2002-0076.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-0076", "ID": "CVE-2002-0076",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Java Runtime Environment (JRE) Bytecode Verifier allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, as seen in (1) Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, (2) Netscape 6.2.1 and earlier, and possibly other implementations that use vulnerable versions of SDK or JDK, aka a variant of the \"Virtual Machine Verifier\" vulnerability." "value": "Java Runtime Environment (JRE) Bytecode Verifier allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, as seen in (1) Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, (2) Netscape 6.2.1 and earlier, and possibly other implementations that use vulnerable versions of SDK or JDK, aka a variant of the \"Virtual Machine Verifier\" vulnerability."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "MS02-013", "name": "MS02-013",
"refsource" : "MS", "refsource": "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-013" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-013"
}, },
{ {
"name" : "00218", "name": "java-vm-verifier-variant(8480)",
"refsource" : "SUN", "refsource": "XF",
"url" : "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/218" "url": "http://www.iss.net/security_center/static/8480.php"
}, },
{ {
"name" : "4313", "name": "4313",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/4313" "url": "http://www.securityfocus.com/bid/4313"
}, },
{ {
"name" : "java-vm-verifier-variant(8480)", "name": "00218",
"refsource" : "XF", "refsource": "SUN",
"url" : "http://www.iss.net/security_center/static/8480.php" "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/218"
} }
] ]
} }

110
2002/0xxx/CVE-2002-0371.json
View File

@ -1,101 +1,101 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-0371", "ID": "CVE-2002-0371",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer overflow in gopher client for Microsoft Internet Explorer 5.1 through 6.0, Proxy Server 2.0, or ISA Server 2000 allows remote attackers to execute arbitrary code via a gopher:// URL that redirects the user to a real or simulated gopher server that sends a long response." "value": "Buffer overflow in gopher client for Microsoft Internet Explorer 5.1 through 6.0, Proxy Server 2.0, or ISA Server 2000 allows remote attackers to execute arbitrary code via a gopher:// URL that redirects the user to a real or simulated gopher server that sends a long response."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20020604 Buffer overflow in MSIE gopher code", "name": "4930",
"refsource" : "BUGTRAQ", "refsource": "BID",
"url" : "http://marc.info/?l=bugtraq&m=102320516707940&w=2" "url": "http://www.securityfocus.com/bid/4930"
}, },
{ {
"name" : "MS02-027", "name": "ie-gopher-bo(9247)",
"refsource" : "MS", "refsource": "XF",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-027" "url": "http://www.iss.net/security_center/static/9247.php"
}, },
{ {
"name" : "20020613 Microsoft releases critical fix that breaks their own software!", "name": "20020604 Buffer overflow in MSIE gopher code",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=102397955217618&w=2" "url": "http://marc.info/?l=bugtraq&m=102320516707940&w=2"
}, },
{ {
"name" : "20020613 Flawed workaround in MS02-027 -- gopher can run on _any_ port, not just 70", "name": "20020613 Microsoft releases critical fix that breaks their own software!",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://online.securityfocus.com/archive/1/276848" "url": "http://marc.info/?l=bugtraq&m=102397955217618&w=2"
}, },
{ {
"name" : "VU#440275", "name": "oval:org.mitre.oval:def:98",
"refsource" : "CERT-VN", "refsource": "OVAL",
"url" : "http://www.kb.cert.org/vuls/id/440275" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A98"
}, },
{ {
"name" : "http://www.pivx.com/workaround_fail.html", "name": "VU#440275",
"refsource" : "MISC", "refsource": "CERT-VN",
"url" : "http://www.pivx.com/workaround_fail.html" "url": "http://www.kb.cert.org/vuls/id/440275"
}, },
{ {
"name" : "ie-gopher-bo(9247)", "name": "MS02-027",
"refsource" : "XF", "refsource": "MS",
"url" : "http://www.iss.net/security_center/static/9247.php" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-027"
}, },
{ {
"name" : "4930", "name": "20020613 Flawed workaround in MS02-027 -- gopher can run on _any_ port, not just 70",
"refsource" : "BID", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/bid/4930" "url": "http://online.securityfocus.com/archive/1/276848"
}, },
{ {
"name" : "oval:org.mitre.oval:def:98", "name": "http://www.pivx.com/workaround_fail.html",
"refsource" : "OVAL", "refsource": "MISC",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A98" "url": "http://www.pivx.com/workaround_fail.html"
} }
] ]
} }

86
2002/0xxx/CVE-2002-0387.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-0387", "ID": "CVE-2002-0387",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer overflow in gxnsapi6.dll NSAPI plugin of the Connector Module for Sun ONE Application Server before 6.5 allows remote attackers to execute arbitrary code via a long HTTP request URL." "value": "Buffer overflow in gxnsapi6.dll NSAPI plugin of the Connector Module for Sun ONE Application Server before 6.5 allows remote attackers to execute arbitrary code via a long HTTP request URL."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "A031303-1", "name": "N-064",
"refsource" : "ATSTAKE", "refsource": "CIAC",
"url" : "http://www.atstake.com/research/advisories/2003/a031303-1.txt" "url": "http://www.ciac.org/ciac/bulletins/n-064.shtml"
}, },
{ {
"name" : "52022", "name": "A031303-1",
"refsource" : "SUNALERT", "refsource": "ATSTAKE",
"url" : "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/52022" "url": "http://www.atstake.com/research/advisories/2003/a031303-1.txt"
}, },
{ {
"name" : "N-064", "name": "sunone-gxnsapi6-bo(11529)",
"refsource" : "CIAC", "refsource": "XF",
"url" : "http://www.ciac.org/ciac/bulletins/n-064.shtml" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11529"
}, },
{ {
"name" : "sunone-gxnsapi6-bo(11529)", "name": "7082",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/11529" "url": "http://www.securityfocus.com/bid/7082"
}, },
{ {
"name" : "7082", "name": "52022",
"refsource" : "BID", "refsource": "SUNALERT",
"url" : "http://www.securityfocus.com/bid/7082" "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/52022"
} }
] ]
} }

80
2002/1xxx/CVE-2002-1038.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-1038", "ID": "CVE-2002-1038",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Double Choco Latte (DCL) before 20020706 does not properly verify if a file was uploaded, which allows remote attackers to conduct certain operations on arbitrary files via the (1) Projects: Upload File Attachment or (2) Work Orders: Import features." "value": "Double Choco Latte (DCL) before 20020706 does not properly verify if a file was uploaded, which allows remote attackers to conduct certain operations on arbitrary files via the (1) Projects: Upload File Attachment or (2) Work Orders: Import features."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20020714 [VulnWatch] Double Choco Latte multiple vulnerabilities", "name": "dcl-file-upload(9742)",
"refsource" : "VULNWATCH", "refsource": "XF",
"url" : "http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0022.html" "url": "http://www.iss.net/security_center/static/9742.php"
}, },
{ {
"name" : "20020714 Double Choco Latte multiple vulnerabilities", "name": "http://dcl.sourceforge.net/index.php",
"refsource" : "BUGTRAQ", "refsource": "CONFIRM",
"url" : "http://marc.info/?l=bugtraq&m=102668783632589&w=2" "url": "http://dcl.sourceforge.net/index.php"
}, },
{ {
"name" : "http://dcl.sourceforge.net/index.php", "name": "20020714 [VulnWatch] Double Choco Latte multiple vulnerabilities",
"refsource" : "CONFIRM", "refsource": "VULNWATCH",
"url" : "http://dcl.sourceforge.net/index.php" "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0022.html"
}, },
{ {
"name" : "dcl-file-upload(9742)", "name": "20020714 Double Choco Latte multiple vulnerabilities",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "http://www.iss.net/security_center/static/9742.php" "url": "http://marc.info/?l=bugtraq&m=102668783632589&w=2"
} }
] ]
} }

86
2002/1xxx/CVE-2002-1575.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-1575", "ID": "CVE-2002-1575",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "cgiemail allows remote attackers to use cgiemail as a spam proxy via CRLF injection of encoded newline (%0a) characters in parameters such as \"required-subject,\" which can be used to modify the CC, BCC, and other header fields in the generated email message." "value": "cgiemail allows remote attackers to use cgiemail as a spam proxy via CRLF injection of encoded newline (%0a) characters in parameters such as \"required-subject,\" which can be used to modify the CC, BCC, and other header fields in the generated email message."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20020614 Another cgiemail bug", "name": "cgiemail-open-mail-relay(9361)",
"refsource" : "BUGTRAQ", "refsource": "XF",
"url" : "http://marc.info/?l=bugtraq&m=102406554627053&w=2" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9361"
}, },
{ {
"name" : "20031003 patch for vulnerability in cgiemail", "name": "5013",
"refsource" : "BUGTRAQ", "refsource": "BID",
"url" : "http://marc.info/?l=bugtraq&m=106520691705768&w=2" "url": "http://www.securityfocus.com/bid/5013"
}, },
{ {
"name" : "DSA-437", "name": "20031003 patch for vulnerability in cgiemail",
"refsource" : "DEBIAN", "refsource": "BUGTRAQ",
"url" : "http://www.debian.org/security/2004/dsa-437" "url": "http://marc.info/?l=bugtraq&m=106520691705768&w=2"
}, },
{ {
"name" : "cgiemail-open-mail-relay(9361)", "name": "20020614 Another cgiemail bug",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/9361" "url": "http://marc.info/?l=bugtraq&m=102406554627053&w=2"
}, },
{ {
"name" : "5013", "name": "DSA-437",
"refsource" : "BID", "refsource": "DEBIAN",
"url" : "http://www.securityfocus.com/bid/5013" "url": "http://www.debian.org/security/2004/dsa-437"
} }
] ]
} }

74
2002/1xxx/CVE-2002-1970.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-1970", "ID": "CVE-2002-1970",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SnortCenter 0.9.5, when configured to push Snort rules, stores the rules in a temporary file with world-readable and world-writable permissions, which allows local users to obtain usernames and passwords for the alert database servers." "value": "SnortCenter 0.9.5, when configured to push Snort rules, stores the rules in a temporary file with world-readable and world-writable permissions, which allows local users to obtain usernames and passwords for the alert database servers."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20021105 SnortCenter 0.9.5 temp file naming problems...", "name": "snortcenter-tmp-file-insecure(10540)",
"refsource" : "BUGTRAQ", "refsource": "XF",
"url" : "http://online.securityfocus.com/archive/1/298587" "url": "http://www.iss.net/security_center/static/10540.php"
}, },
{ {
"name" : "6109", "name": "6109",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/6109" "url": "http://www.securityfocus.com/bid/6109"
}, },
{ {
"name" : "snortcenter-tmp-file-insecure(10540)", "name": "20021105 SnortCenter 0.9.5 temp file naming problems...",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "http://www.iss.net/security_center/static/10540.php" "url": "http://online.securityfocus.com/archive/1/298587"
} }
] ]
} }

62
2002/2xxx/CVE-2002-2429.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-2429", "ID": "CVE-2002-2429",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "webs.c in GoAhead WebServer before 2.1.4 allows remote attackers to cause a denial of service (daemon crash) via an HTTP POST request that contains a negative integer in the Content-Length header." "value": "webs.c in GoAhead WebServer before 2.1.4 allows remote attackers to cause a denial of service (daemon crash) via an HTTP POST request that contains a negative integer in the Content-Length header."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://data.goahead.com/Software/Webserver/2.1.8/release.htm#fixed-vulnerability-to-malicious-code-in-webs-c", "name": "http://data.goahead.com/Software/Webserver/2.1.8/release.htm#fixed-vulnerability-to-malicious-code-in-webs-c",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://data.goahead.com/Software/Webserver/2.1.8/release.htm#fixed-vulnerability-to-malicious-code-in-webs-c" "url": "http://data.goahead.com/Software/Webserver/2.1.8/release.htm#fixed-vulnerability-to-malicious-code-in-webs-c"
} }
] ]
} }

86
2002/2xxx/CVE-2002-2436.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-2436", "ID": "CVE-2002-2436",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The Cascading Style Sheets (CSS) implementation in Mozilla Firefox before 4.0, Thunderbird before 3.3, and SeaMonkey before 2.1 does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages via a crafted HTML document, a related issue to CVE-2010-2264." "value": "The Cascading Style Sheets (CSS) implementation in Mozilla Firefox before 4.0, Thunderbird before 3.3, and SeaMonkey before 2.1 does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages via a crafted HTML document, a related issue to CVE-2010-2264."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://w2spconf.com/2010/papers/p26.pdf", "name": "http://blog.mozilla.com/security/2010/03/31/plugging-the-css-history-leak/",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "http://w2spconf.com/2010/papers/p26.pdf" "url": "http://blog.mozilla.com/security/2010/03/31/plugging-the-css-history-leak/"
}, },
{ {
"name" : "http://blog.mozilla.com/security/2010/03/31/plugging-the-css-history-leak/", "name": "http://w2spconf.com/2010/papers/p26.pdf",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "http://blog.mozilla.com/security/2010/03/31/plugging-the-css-history-leak/" "url": "http://w2spconf.com/2010/papers/p26.pdf"
}, },
{ {
"name" : "http://bugzilla.mozilla.org/show_bug.cgi?id=147777", "name": "http://bugzilla.mozilla.org/show_bug.cgi?id=147777",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://bugzilla.mozilla.org/show_bug.cgi?id=147777" "url": "http://bugzilla.mozilla.org/show_bug.cgi?id=147777"
}, },
{ {
"name" : "https://developer.mozilla.org/en/CSS/Privacy_and_the_:visited_selector", "name": "https://developer.mozilla.org/en/CSS/Privacy_and_the_:visited_selector",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://developer.mozilla.org/en/CSS/Privacy_and_the_:visited_selector" "url": "https://developer.mozilla.org/en/CSS/Privacy_and_the_:visited_selector"
}, },
{ {
"name" : "firefox-css-info-disclosure(71816)", "name": "firefox-css-info-disclosure(71816)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/71816" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71816"
} }
] ]
} }

92
2005/1xxx/CVE-2005-1371.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-1371", "ID": "CVE-2005-1371",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "BPFTPServer service in BulletProof FTP Server 2.4.0.31 does not properly drop privileges before opening files through the Help menu, which allows local users to gain privileges." "value": "BPFTPServer service in BulletProof FTP Server 2.4.0.31 does not properly drop privileges before opening files through the Help menu, which allows local users to gain privileges."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20050427 Privilege escalation in BulletProof FTP Server v2.4.0.31", "name": "20050427 Privilege escalation in BulletProof FTP Server v2.4.0.31",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=111464474828477&w=2" "url": "http://marc.info/?l=bugtraq&m=111464474828477&w=2"
}, },
{ {
"name" : "13410", "name": "13410",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/13410" "url": "http://www.securityfocus.com/bid/13410"
}, },
{ {
"name" : "ADV-2005-0419", "name": "15152",
"refsource" : "VUPEN", "refsource": "SECUNIA",
"url" : "http://www.vupen.com/english/advisories/2005/0419" "url": "http://secunia.com/advisories/15152"
}, },
{ {
"name" : "15152", "name": "15898",
"refsource" : "SECUNIA", "refsource": "OSVDB",
"url" : "http://secunia.com/advisories/15152" "url": "http://www.osvdb.org/15898"
}, },
{ {
"name" : "15898", "name": "ADV-2005-0419",
"refsource" : "OSVDB", "refsource": "VUPEN",
"url" : "http://www.osvdb.org/15898" "url": "http://www.vupen.com/english/advisories/2005/0419"
}, },
{ {
"name" : "bpftp-gain-privilege(20301)", "name": "bpftp-gain-privilege(20301)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/20301" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20301"
} }
] ]
} }

62
2005/1xxx/CVE-2005-1547.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-1547", "ID": "CVE-2005-1547",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Heap-based buffer overflow in the demo version of Bakbone Netvault, and possibly other versions, allows remote attackers to execute arbitrary commands via a large packet to port 20031." "value": "Heap-based buffer overflow in the demo version of Bakbone Netvault, and possibly other versions, allows remote attackers to execute arbitrary commands via a large packet to port 20031."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20050512 Netvault Remote Heap Overflow (another one)", "name": "20050512 Netvault Remote Heap Overflow (another one)",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=111600439331242&w=2" "url": "http://marc.info/?l=bugtraq&m=111600439331242&w=2"
} }
] ]
} }

62
2005/1xxx/CVE-2005-1616.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-1616", "ID": "CVE-2005-1616",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "viewforum.php in Ultimate PHP Board (UPB) 1.8 through 1.9.6 allows remote attackers to obtain sensitive information via an invalid (1) id or possibly (2) postorder parameter, which reveals the path in an error message when a file can not be opened." "value": "viewforum.php in Ultimate PHP Board (UPB) 1.8 through 1.9.6 allows remote attackers to obtain sensitive information via an invalid (1) id or possibly (2) postorder parameter, which reveals the path in an error message when a file can not be opened."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20050513 Ultimate PHP Board (UPB) Security Advisory", "name": "20050513 Ultimate PHP Board (UPB) Security Advisory",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=111600262424876&w=2" "url": "http://marc.info/?l=bugtraq&m=111600262424876&w=2"
} }
] ]
} }

80
2005/1xxx/CVE-2005-1716.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-1716", "ID": "CVE-2005-1716",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "TOPo 2.2 (2.2.178) stores data files in the data directory under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as client IP addresses." "value": "TOPo 2.2 (2.2.178) stores data files in the data directory under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as client IP addresses."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://lostmon.blogspot.com/2005/05/topo-22-multiple-variable-fields-xss.html", "name": "15325",
"refsource" : "MISC", "refsource": "SECUNIA",
"url" : "http://lostmon.blogspot.com/2005/05/topo-22-multiple-variable-fields-xss.html" "url": "http://secunia.com/advisories/15325"
}, },
{ {
"name" : "16700", "name": "16700",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://www.osvdb.org/16700" "url": "http://www.osvdb.org/16700"
}, },
{ {
"name" : "1014016", "name": "1014016",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://securitytracker.com/id?1014016" "url": "http://securitytracker.com/id?1014016"
}, },
{ {
"name" : "15325", "name": "http://lostmon.blogspot.com/2005/05/topo-22-multiple-variable-fields-xss.html",
"refsource" : "SECUNIA", "refsource": "MISC",
"url" : "http://secunia.com/advisories/15325" "url": "http://lostmon.blogspot.com/2005/05/topo-22-multiple-variable-fields-xss.html"
} }
] ]
} }

80
2005/1xxx/CVE-2005-1970.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2005-1970", "ID": "CVE-2005-1970",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Symantec pcAnywhere 10.5x and 11.x before 11.5, with \"Launch with Windows\" enabled, allows local users with physical access to execute arbitrary commands via the Caller Properties feature." "value": "Symantec pcAnywhere 10.5x and 11.x before 11.5, with \"Launch with Windows\" enabled, allows local users with physical access to execute arbitrary commands via the Caller Properties feature."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://securityresponse.symantec.com/avcenter/security/Content/2005.06.10.html", "name": "15673",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://securityresponse.symantec.com/avcenter/security/Content/2005.06.10.html" "url": "http://secunia.com/advisories/15673"
}, },
{ {
"name" : "13933", "name": "13933",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/13933" "url": "http://www.securityfocus.com/bid/13933"
}, },
{ {
"name" : "1014178", "name": "1014178",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://securitytracker.com/id?1014178" "url": "http://securitytracker.com/id?1014178"
}, },
{ {
"name" : "15673", "name": "http://securityresponse.symantec.com/avcenter/security/Content/2005.06.10.html",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/15673" "url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.06.10.html"
} }
] ]
} }

104
2009/1xxx/CVE-2009-1086.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-1086", "ID": "CVE-2009-1086",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Heap-based buffer overflow in the ldns_rr_new_frm_str_internal function in ldns 1.4.x allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a DNS resource record (RR) with a long (1) class field (clas variable) and possibly (2) TTL field." "value": "Heap-based buffer overflow in the ldns_rr_new_frm_str_internal function in ldns 1.4.x allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a DNS resource record (RR) with a long (1) class field (clas variable) and possibly (2) TTL field."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20090324 CVE id request: ldns", "name": "35013",
"refsource" : "MLIST", "refsource": "SECUNIA",
"url" : "http://www.openwall.com/lists/oss-security/2009/03/24/4" "url": "http://secunia.com/advisories/35013"
}, },
{ {
"name" : "http://www.nlnetlabs.nl/bugs/show_bug.cgi?id=232", "name": "[oss-security] 20090324 CVE id request: ldns",
"refsource" : "MISC", "refsource": "MLIST",
"url" : "http://www.nlnetlabs.nl/bugs/show_bug.cgi?id=232" "url": "http://www.openwall.com/lists/oss-security/2009/03/24/4"
}, },
{ {
"name" : "http://www.nlnetlabs.nl/svn/ldns/tags/release-1.5.0/Changelog", "name": "34233",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://www.nlnetlabs.nl/svn/ldns/tags/release-1.5.0/Changelog" "url": "http://www.securityfocus.com/bid/34233"
}, },
{ {
"name" : "DSA-1795", "name": "http://www.nlnetlabs.nl/svn/ldns/tags/release-1.5.0/Changelog",
"refsource" : "DEBIAN", "refsource": "CONFIRM",
"url" : "http://www.debian.org/security/2009/dsa-1795" "url": "http://www.nlnetlabs.nl/svn/ldns/tags/release-1.5.0/Changelog"
}, },
{ {
"name" : "SUSE-SR:2009:010", "name": "35065",
"refsource" : "SUSE", "refsource": "SECUNIA",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html" "url": "http://secunia.com/advisories/35065"
}, },
{ {
"name" : "34233", "name": "http://www.nlnetlabs.nl/bugs/show_bug.cgi?id=232",
"refsource" : "BID", "refsource": "MISC",
"url" : "http://www.securityfocus.com/bid/34233" "url": "http://www.nlnetlabs.nl/bugs/show_bug.cgi?id=232"
}, },
{ {
"name" : "35013", "name": "SUSE-SR:2009:010",
"refsource" : "SECUNIA", "refsource": "SUSE",
"url" : "http://secunia.com/advisories/35013" "url": "http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00000.html"
}, },
{ {
"name" : "35065", "name": "DSA-1795",
"refsource" : "SECUNIA", "refsource": "DEBIAN",
"url" : "http://secunia.com/advisories/35065" "url": "http://www.debian.org/security/2009/dsa-1795"
} }
] ]
} }

206
2009/1xxx/CVE-2009-1186.json
View File

@ -1,181 +1,181 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2009-1186", "ID": "CVE-2009-1186",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer overflow in the util_path_encode function in udev/lib/libudev-util.c in udev before 1.4.1 allows local users to cause a denial of service (service outage) via vectors that trigger a call with crafted arguments." "value": "Buffer overflow in the util_path_encode function in udev/lib/libudev-util.c in udev before 1.4.1 allows local users to cause a denial of service (service outage) via vectors that trigger a call with crafted arguments."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20090417 rPSA-2009-0063-1 udev", "name": "20090417 rPSA-2009-0063-1 udev",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/502752/100/0/threaded" "url": "http://www.securityfocus.com/archive/1/502752/100/0/threaded"
}, },
{ {
"name" : "https://launchpad.net/bugs/cve/2009-1186", "name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0063",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://launchpad.net/bugs/cve/2009-1186" "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0063"
}, },
{ {
"name" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0063", "name": "34801",
"refsource" : "MISC", "refsource": "SECUNIA",
"url" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0063" "url": "http://secunia.com/advisories/34801"
}, },
{ {
"name" : "http://git.kernel.org/?p=linux/hotplug/udev.git;a=commitdiff;h=662c3110803bd8c1aedacc36788e6fd028944314", "name": "1022068",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "http://git.kernel.org/?p=linux/hotplug/udev.git;a=commitdiff;h=662c3110803bd8c1aedacc36788e6fd028944314" "url": "http://www.securitytracker.com/id?1022068"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=495052", "name": "SUSE-SA:2009:020",
"refsource" : "CONFIRM", "refsource": "SUSE",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=495052" "url": "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00006.html"
}, },
{ {
"name" : "http://wiki.rpath.com/Advisories:rPSA-2009-0063", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=495052",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://wiki.rpath.com/Advisories:rPSA-2009-0063" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495052"
}, },
{ {
"name" : "DSA-1772", "name": "SSA:2009-111-01",
"refsource" : "DEBIAN", "refsource": "SLACKWARE",
"url" : "http://www.debian.org/security/2009/dsa-1772" "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.446399"
}, },
{ {
"name" : "FEDORA-2009-3711", "name": "FEDORA-2009-3712",
"refsource" : "FEDORA", "refsource": "FEDORA",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00463.html" "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00462.html"
}, },
{ {
"name" : "FEDORA-2009-3712", "name": "DSA-1772",
"refsource" : "FEDORA", "refsource": "DEBIAN",
"url" : "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00462.html" "url": "http://www.debian.org/security/2009/dsa-1772"
}, },
{ {
"name" : "GLSA-200904-18", "name": "GLSA-200904-18",
"refsource" : "GENTOO", "refsource": "GENTOO",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200904-18.xml" "url": "http://www.gentoo.org/security/en/glsa/glsa-200904-18.xml"
}, },
{ {
"name" : "MDVSA-2009:103", "name": "https://launchpad.net/bugs/cve/2009-1186",
"refsource" : "MANDRIVA", "refsource": "MISC",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2009:103" "url": "https://launchpad.net/bugs/cve/2009-1186"
}, },
{ {
"name" : "SSA:2009-111-01", "name": "MDVSA-2009:103",
"refsource" : "SLACKWARE", "refsource": "MANDRIVA",
"url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.446399" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:103"
}, },
{ {
"name" : "SUSE-SA:2009:020", "name": "34776",
"refsource" : "SUSE", "refsource": "SECUNIA",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00006.html" "url": "http://secunia.com/advisories/34776"
}, },
{ {
"name" : "USN-758-1", "name": "34731",
"refsource" : "UBUNTU", "refsource": "SECUNIA",
"url" : "http://www.ubuntu.com/usn/usn-758-1" "url": "http://secunia.com/advisories/34731"
}, },
{ {
"name" : "34539", "name": "34753",
"refsource" : "BID", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/bid/34539" "url": "http://secunia.com/advisories/34753"
}, },
{ {
"name" : "1022068", "name": "34785",
"refsource" : "SECTRACK", "refsource": "SECUNIA",
"url" : "http://www.securitytracker.com/id?1022068" "url": "http://secunia.com/advisories/34785"
}, },
{ {
"name" : "34731", "name": "34787",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/34731" "url": "http://secunia.com/advisories/34787"
}, },
{ {
"name" : "34750", "name": "FEDORA-2009-3711",
"refsource" : "SECUNIA", "refsource": "FEDORA",
"url" : "http://secunia.com/advisories/34750" "url": "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00463.html"
}, },
{ {
"name" : "34753", "name": "34539",
"refsource" : "SECUNIA", "refsource": "BID",
"url" : "http://secunia.com/advisories/34753" "url": "http://www.securityfocus.com/bid/34539"
}, },
{ {
"name" : "34771", "name": "ADV-2009-1053",
"refsource" : "SECUNIA", "refsource": "VUPEN",
"url" : "http://secunia.com/advisories/34771" "url": "http://www.vupen.com/english/advisories/2009/1053"
}, },
{ {
"name" : "34785", "name": "USN-758-1",
"refsource" : "SECUNIA", "refsource": "UBUNTU",
"url" : "http://secunia.com/advisories/34785" "url": "http://www.ubuntu.com/usn/usn-758-1"
}, },
{ {
"name" : "34787", "name": "34771",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/34787" "url": "http://secunia.com/advisories/34771"
}, },
{ {
"name" : "34801", "name": "34750",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/34801" "url": "http://secunia.com/advisories/34750"
}, },
{ {
"name" : "34776", "name": "http://wiki.rpath.com/Advisories:rPSA-2009-0063",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/34776" "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0063"
}, },
{ {
"name" : "ADV-2009-1053", "name": "http://git.kernel.org/?p=linux/hotplug/udev.git;a=commitdiff;h=662c3110803bd8c1aedacc36788e6fd028944314",
"refsource" : "VUPEN", "refsource": "CONFIRM",
"url" : "http://www.vupen.com/english/advisories/2009/1053" "url": "http://git.kernel.org/?p=linux/hotplug/udev.git;a=commitdiff;h=662c3110803bd8c1aedacc36788e6fd028944314"
} }
] ]
} }

86
2009/1xxx/CVE-2009-1465.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-1465", "ID": "CVE-2009-1465",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Application Access Server (A-A-S) 2.0.48 has \"wildbat\" as its default password for the admin account, which makes it easier for remote attackers to obtain access." "value": "Application Access Server (A-A-S) 2.0.48 has \"wildbat\" as its default password for the admin account, which makes it easier for remote attackers to obtain access."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20090512 Syhunt: A-A-S (Application Access Server) Multiple Security Vulnerabilities", "name": "http://www.syhunt.com/advisories/?id=aas-multiple",
"refsource" : "BUGTRAQ", "refsource": "MISC",
"url" : "http://www.securityfocus.com/archive/1/503434/100/0/threaded" "url": "http://www.syhunt.com/advisories/?id=aas-multiple"
}, },
{ {
"name" : "http://www.syhunt.com/advisories/?id=aas-multiple", "name": "20090512 Syhunt: A-A-S (Application Access Server) Multiple Security Vulnerabilities",
"refsource" : "MISC", "refsource": "BUGTRAQ",
"url" : "http://www.syhunt.com/advisories/?id=aas-multiple" "url": "http://www.securityfocus.com/archive/1/503434/100/0/threaded"
}, },
{ {
"name" : "34911", "name": "34911",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/34911" "url": "http://www.securityfocus.com/bid/34911"
}, },
{ {
"name" : "1022204", "name": "aas-default-password(50589)",
"refsource" : "SECTRACK", "refsource": "XF",
"url" : "http://securitytracker.com/id?1022204" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50589"
}, },
{ {
"name" : "aas-default-password(50589)", "name": "1022204",
"refsource" : "XF", "refsource": "SECTRACK",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/50589" "url": "http://securitytracker.com/id?1022204"
} }
] ]
} }

98
2009/1xxx/CVE-2009-1917.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2009-1917", "ID": "CVE-2009-1917",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Microsoft Internet Explorer 6 SP1; Internet Explorer 6 for Windows XP SP2 and SP3 and Server 2003 SP2; and Internet Explorer 7 and 8 for Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 do not properly handle attempts to access deleted objects in memory, which allows remote attackers to execute arbitrary code via a crafted HTML document that triggers memory corruption, aka \"Memory Corruption Vulnerability.\"" "value": "Microsoft Internet Explorer 6 SP1; Internet Explorer 6 for Windows XP SP2 and SP3 and Server 2003 SP2; and Internet Explorer 7 and 8 for Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 do not properly handle attempts to access deleted objects in memory, which allows remote attackers to execute arbitrary code via a crafted HTML document that triggers memory corruption, aka \"Memory Corruption Vulnerability.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=953693", "name": "1022611",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=953693" "url": "http://www.securitytracker.com/id?1022611"
}, },
{ {
"name" : "MS09-034", "name": "ADV-2009-2033",
"refsource" : "MS", "refsource": "VUPEN",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-034" "url": "http://www.vupen.com/english/advisories/2009/2033"
}, },
{ {
"name" : "TA09-195A", "name": "MS09-034",
"refsource" : "CERT", "refsource": "MS",
"url" : "http://www.us-cert.gov/cas/techalerts/TA09-195A.html" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-034"
}, },
{ {
"name" : "35831", "name": "35831",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/35831" "url": "http://www.securityfocus.com/bid/35831"
}, },
{ {
"name" : "oval:org.mitre.oval:def:6072", "name": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=953693",
"refsource" : "OVAL", "refsource": "CONFIRM",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6072" "url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=953693"
}, },
{ {
"name" : "1022611", "name": "oval:org.mitre.oval:def:6072",
"refsource" : "SECTRACK", "refsource": "OVAL",
"url" : "http://www.securitytracker.com/id?1022611" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6072"
}, },
{ {
"name" : "ADV-2009-2033", "name": "TA09-195A",
"refsource" : "VUPEN", "refsource": "CERT",
"url" : "http://www.vupen.com/english/advisories/2009/2033" "url": "http://www.us-cert.gov/cas/techalerts/TA09-195A.html"
} }
] ]
} }

74
2009/1xxx/CVE-2009-1925.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2009-1925", "ID": "CVE-2009-1925",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 does not properly manage state information, which allows remote attackers to execute arbitrary code by sending packets to a listening service, and thereby triggering misinterpretation of an unspecified field as a function pointer, aka \"TCP/IP Timestamps Code Execution Vulnerability.\"" "value": "The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 does not properly manage state information, which allows remote attackers to execute arbitrary code by sending packets to a listening service, and thereby triggering misinterpretation of an unspecified field as a function pointer, aka \"TCP/IP Timestamps Code Execution Vulnerability.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "MS09-048", "name": "oval:org.mitre.oval:def:6374",
"refsource" : "MS", "refsource": "OVAL",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-048" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6374"
}, },
{ {
"name" : "TA09-251A", "name": "TA09-251A",
"refsource" : "CERT", "refsource": "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA09-251A.html" "url": "http://www.us-cert.gov/cas/techalerts/TA09-251A.html"
}, },
{ {
"name" : "oval:org.mitre.oval:def:6374", "name": "MS09-048",
"refsource" : "OVAL", "refsource": "MS",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6374" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-048"
} }
] ]
} }

98
2009/1xxx/CVE-2009-1984.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2009-1984", "ID": "CVE-2009-1984",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in the Application Install component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to the Patch Administrator." "value": "Unspecified vulnerability in the Application Install component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to the Patch Administrator."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujul2009-091332.html", "name": "35776",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujul2009-091332.html" "url": "http://secunia.com/advisories/35776"
}, },
{ {
"name" : "35690", "name": "35690",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/35690" "url": "http://www.securityfocus.com/bid/35690"
}, },
{ {
"name" : "55899", "name": "ADV-2009-1900",
"refsource" : "OSVDB", "refsource": "VUPEN",
"url" : "http://osvdb.org/55899" "url": "http://www.vupen.com/english/advisories/2009/1900"
}, },
{ {
"name" : "1022562", "name": "http://www.oracle.com/technetwork/topics/security/cpujul2009-091332.html",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id?1022562" "url": "http://www.oracle.com/technetwork/topics/security/cpujul2009-091332.html"
}, },
{ {
"name" : "35776", "name": "oracle-ebs-ai-unspecified(51767)",
"refsource" : "SECUNIA", "refsource": "XF",
"url" : "http://secunia.com/advisories/35776" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51767"
}, },
{ {
"name" : "ADV-2009-1900", "name": "55899",
"refsource" : "VUPEN", "refsource": "OSVDB",
"url" : "http://www.vupen.com/english/advisories/2009/1900" "url": "http://osvdb.org/55899"
}, },
{ {
"name" : "oracle-ebs-ai-unspecified(51767)", "name": "1022562",
"refsource" : "XF", "refsource": "SECTRACK",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/51767" "url": "http://www.securitytracker.com/id?1022562"
} }
] ]
} }

86
2009/5xxx/CVE-2009-5109.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2009-5109", "ID": "CVE-2009-5109",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Stack-based buffer overflow in Mini-Stream Ripper 3.0.1.1 allows remote attackers to execute arbitrary code via a long entry in a .pls file." "value": "Stack-based buffer overflow in Mini-Stream Ripper 3.0.1.1 allows remote attackers to execute arbitrary code via a long entry in a .pls file."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "10745", "name": "10782",
"refsource" : "EXPLOIT-DB", "refsource": "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/10745" "url": "http://www.exploit-db.com/exploits/10782"
}, },
{ {
"name" : "10747", "name": "18082",
"refsource" : "EXPLOIT-DB", "refsource": "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/10747" "url": "http://www.exploit-db.com/exploits/18082"
}, },
{ {
"name" : "10782", "name": "10745",
"refsource" : "EXPLOIT-DB", "refsource": "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/10782" "url": "http://www.exploit-db.com/exploits/10745"
}, },
{ {
"name" : "18082", "name": "10747",
"refsource" : "EXPLOIT-DB", "refsource": "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/18082" "url": "http://www.exploit-db.com/exploits/10747"
}, },
{ {
"name" : "61341", "name": "61341",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://www.osvdb.org/61341" "url": "http://www.osvdb.org/61341"
} }
] ]
} }

86
2012/0xxx/CVE-2012-0202.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2012-0202", "ID": "CVE-2012-0202",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple stack-based buffer overflows in tm1admsd.exe in the Admin Server in IBM Cognos TM1 9.4.x and 9.5.x before 9.5.2 FP2 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted data." "value": "Multiple stack-based buffer overflows in tm1admsd.exe in the Admin Server in IBM Cognos TM1 9.4.x and 9.5.x before 9.5.2 FP2 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted data."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21590314", "name": "cognos-tm1admsd-bo(73182)",
"refsource" : "CONFIRM", "refsource": "XF",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21590314" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73182"
}, },
{ {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg24032164", "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21590314",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg24032164" "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21590314"
}, },
{ {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg24032165", "name": "http://www-01.ibm.com/support/docview.wss?uid=swg24032164",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg24032165" "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24032164"
}, },
{ {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg24032166", "name": "http://www-01.ibm.com/support/docview.wss?uid=swg24032165",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg24032166" "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24032165"
}, },
{ {
"name" : "cognos-tm1admsd-bo(73182)", "name": "http://www-01.ibm.com/support/docview.wss?uid=swg24032166",
"refsource" : "XF", "refsource": "CONFIRM",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/73182" "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24032166"
} }
] ]
} }

62
2012/3xxx/CVE-2012-3057.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2012-3057", "ID": "CVE-2012-3057",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP11, T27 LD before SP32 CP2, and T28 L10N before SP1 allows remote attackers to execute arbitrary code via a crafted size field in audio data within a WRF file, aka Bug ID CSCtz00755." "value": "Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP11, T27 LD before SP32 CP2, and T28 L10N before SP1 allows remote attackers to execute arbitrary code via a crafted size field in audio data within a WRF file, aka Bug ID CSCtz00755."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20120627 Buffer Overflow Vulnerabilities in the Cisco WebEx Player", "name": "20120627 Buffer Overflow Vulnerabilities in the Cisco WebEx Player",
"refsource" : "CISCO", "refsource": "CISCO",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120627-webex" "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120627-webex"
} }
] ]
} }

104
2012/3xxx/CVE-2012-3354.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2012-3354", "ID": "CVE-2012-3354",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "doku.php in DokuWiki, as used in Fedora 16, 17, and 18, when certain PHP error levels are set, allows remote attackers to obtain sensitive information via the prefix parameter, which reveals the installation path in an error message." "value": "doku.php in DokuWiki, as used in Fedora 16, 17, and 18, when certain PHP error levels are set, allows remote attackers to obtain sensitive information via the prefix parameter, which reveals the installation path in an error message."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20120624 CVE request: Full path disclosure in DokuWiki", "name": "[oss-security] 20120624 Re: CVE request: Full path disclosure in DokuWiki",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2012/06/24/2" "url": "http://www.openwall.com/lists/oss-security/2012/06/25/2"
}, },
{ {
"name" : "[oss-security] 20120624 Re: CVE request: Full path disclosure in DokuWiki", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=835145",
"refsource" : "MLIST", "refsource": "MISC",
"url" : "http://www.openwall.com/lists/oss-security/2012/06/25/2" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=835145"
}, },
{ {
"name" : "http://www.freelists.org/post/dokuwiki/Fwd-DokuWiki-Full-path-disclosure", "name": "MDVSA-2013:073",
"refsource" : "MISC", "refsource": "MANDRIVA",
"url" : "http://www.freelists.org/post/dokuwiki/Fwd-DokuWiki-Full-path-disclosure" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:073"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=835145", "name": "[oss-security] 20120624 CVE request: Full path disclosure in DokuWiki",
"refsource" : "MISC", "refsource": "MLIST",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=835145" "url": "http://www.openwall.com/lists/oss-security/2012/06/24/2"
}, },
{ {
"name" : "FEDORA-2012-16550", "name": "FEDORA-2012-16550",
"refsource" : "FEDORA", "refsource": "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090755.html" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090755.html"
}, },
{ {
"name" : "FEDORA-2012-16605", "name": "FEDORA-2012-16605",
"refsource" : "FEDORA", "refsource": "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090938.html" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090938.html"
}, },
{ {
"name" : "FEDORA-2012-16614", "name": "FEDORA-2012-16614",
"refsource" : "FEDORA", "refsource": "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090899.html" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090899.html"
}, },
{ {
"name" : "MDVSA-2013:073", "name": "http://www.freelists.org/post/dokuwiki/Fwd-DokuWiki-Full-path-disclosure",
"refsource" : "MANDRIVA", "refsource": "MISC",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:073" "url": "http://www.freelists.org/post/dokuwiki/Fwd-DokuWiki-Full-path-disclosure"
} }
] ]
} }

92
2012/3xxx/CVE-2012-3615.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2012-3615", "ID": "CVE-2012-3615",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1." "value": "WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://support.apple.com/kb/HT5400", "name": "http://support.apple.com/kb/HT5485",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://support.apple.com/kb/HT5400" "url": "http://support.apple.com/kb/HT5485"
}, },
{ {
"name" : "http://support.apple.com/kb/HT5485", "name": "APPLE-SA-2012-09-19-1",
"refsource" : "CONFIRM", "refsource": "APPLE",
"url" : "http://support.apple.com/kb/HT5485" "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html"
}, },
{ {
"name" : "http://support.apple.com/kb/HT5503", "name": "http://support.apple.com/kb/HT5503",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://support.apple.com/kb/HT5503" "url": "http://support.apple.com/kb/HT5503"
}, },
{ {
"name" : "APPLE-SA-2012-07-25-1", "name": "APPLE-SA-2012-09-12-1",
"refsource" : "APPLE", "refsource": "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html" "url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html"
}, },
{ {
"name" : "APPLE-SA-2012-09-12-1", "name": "APPLE-SA-2012-07-25-1",
"refsource" : "APPLE", "refsource": "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html" "url": "http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html"
}, },
{ {
"name" : "APPLE-SA-2012-09-19-1", "name": "http://support.apple.com/kb/HT5400",
"refsource" : "APPLE", "refsource": "CONFIRM",
"url" : "http://lists.apple.com/archives/security-announce/2012/Sep/msg00003.html" "url": "http://support.apple.com/kb/HT5400"
} }
] ]
} }

22
2012/3xxx/CVE-2012-3764.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-3764", "ID": "CVE-2012-3764",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2012/3xxx/CVE-2012-3878.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2012-3878", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2012-3878",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
} }
] ]
} }

128
2012/3xxx/CVE-2012-3961.json
View File

@ -1,116 +1,116 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-3961", "ID": "CVE-2012-3961",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Use-after-free vulnerability in the RangeData implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors." "value": "Use-after-free vulnerability in the RangeData implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.mozilla.org/security/announce/2012/mfsa2012-58.html", "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=771873",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/2012/mfsa2012-58.html" "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=771873"
}, },
{ {
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=771873", "name": "RHSA-2012:1211",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=771873" "url": "http://rhn.redhat.com/errata/RHSA-2012-1211.html"
}, },
{ {
"name" : "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf", "name": "55321",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf" "url": "http://www.securityfocus.com/bid/55321"
}, },
{ {
"name" : "RHSA-2012:1211", "name": "http://www.mozilla.org/security/announce/2012/mfsa2012-58.html",
"refsource" : "REDHAT", "refsource": "CONFIRM",
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1211.html" "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-58.html"
}, },
{ {
"name" : "RHSA-2012:1210", "name": "USN-1548-1",
"refsource" : "REDHAT", "refsource": "UBUNTU",
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1210.html" "url": "http://www.ubuntu.com/usn/USN-1548-1"
}, },
{ {
"name" : "SUSE-SU-2012:1167", "name": "oval:org.mitre.oval:def:16514",
"refsource" : "SUSE", "refsource": "OVAL",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00014.html" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16514"
}, },
{ {
"name" : "openSUSE-SU-2012:1065", "name": "USN-1548-2",
"refsource" : "SUSE", "refsource": "UBUNTU",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00028.html" "url": "http://www.ubuntu.com/usn/USN-1548-2"
}, },
{ {
"name" : "SUSE-SU-2012:1157", "name": "RHSA-2012:1210",
"refsource" : "SUSE", "refsource": "REDHAT",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00011.html" "url": "http://rhn.redhat.com/errata/RHSA-2012-1210.html"
}, },
{ {
"name" : "USN-1548-2", "name": "SUSE-SU-2012:1167",
"refsource" : "UBUNTU", "refsource": "SUSE",
"url" : "http://www.ubuntu.com/usn/USN-1548-2" "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00014.html"
}, },
{ {
"name" : "USN-1548-1", "name": "SUSE-SU-2012:1157",
"refsource" : "UBUNTU", "refsource": "SUSE",
"url" : "http://www.ubuntu.com/usn/USN-1548-1" "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00011.html"
}, },
{ {
"name" : "55321", "name": "openSUSE-SU-2012:1065",
"refsource" : "BID", "refsource": "SUSE",
"url" : "http://www.securityfocus.com/bid/55321" "url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00028.html"
}, },
{ {
"name" : "oval:org.mitre.oval:def:16514", "name": "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf",
"refsource" : "OVAL", "refsource": "CONFIRM",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16514" "url": "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf"
} }
] ]
} }

62
2012/4xxx/CVE-2012-4096.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2012-4096", "ID": "CVE-2012-4096",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The local file editor in the Baseboard Management Controller (BMC) in Cisco Unified Computing System (UCS) allows local users to gain privileges and modify arbitrary fabric-interconnect files, in the context of a vi process, via unspecified commands, aka Bug ID CSCtn06574." "value": "The local file editor in the Baseboard Management Controller (BMC) in Cisco Unified Computing System (UCS) allows local users to gain privileges and modify arbitrary fabric-interconnect files, in the context of a vi process, via unspecified commands, aka Bug ID CSCtn06574."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20130930 Cisco Unified Computing System Baseboard Management Controller Arbitrary File Access Vulnerability", "name": "20130930 Cisco Unified Computing System Baseboard Management Controller Arbitrary File Access Vulnerability",
"refsource" : "CISCO", "refsource": "CISCO",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4096" "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4096"
} }
] ]
} }

98
2012/4xxx/CVE-2012-4241.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-4241", "ID": "CVE-2012-4241",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Microcart 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) PATH_INFO or (2) query string to _admin/index.php or (3) first_name, (4) last_name, (5) cc, (6) exp, (7) cvv, (8) address1, (9) address2, (10) city, (11) state, (12) zip, (13) phone, or (14) email parameter to checkout.php, which is not properly handled in an error message." "value": "Multiple cross-site scripting (XSS) vulnerabilities in Microcart 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) PATH_INFO or (2) query string to _admin/index.php or (3) first_name, (4) last_name, (5) cc, (6) exp, (7) cvv, (8) address1, (9) address2, (10) city, (11) state, (12) zip, (13) phone, or (14) email parameter to checkout.php, which is not properly handled in an error message."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://packetstormsecurity.com/files/116714/Microcart-1.0-Checkout-Cross-Site-Scripting.html", "name": "http://packetstormsecurity.com/files/116714/Microcart-1.0-Checkout-Cross-Site-Scripting.html",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://packetstormsecurity.com/files/116714/Microcart-1.0-Checkout-Cross-Site-Scripting.html" "url": "http://packetstormsecurity.com/files/116714/Microcart-1.0-Checkout-Cross-Site-Scripting.html"
}, },
{ {
"name" : "http://packetstormsecurity.com/files/116721/Microcart-1.0-Cross-Site-Scripting.html", "name": "microcart-index-xss(78690)",
"refsource" : "MISC", "refsource": "XF",
"url" : "http://packetstormsecurity.com/files/116721/Microcart-1.0-Cross-Site-Scripting.html" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78690"
}, },
{ {
"name" : "http://www.reactionpenetrationtesting.co.uk/microcart-_admin-xss.html", "name": "http://packetstormsecurity.com/files/116721/Microcart-1.0-Cross-Site-Scripting.html",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.reactionpenetrationtesting.co.uk/microcart-_admin-xss.html" "url": "http://packetstormsecurity.com/files/116721/Microcart-1.0-Cross-Site-Scripting.html"
}, },
{ {
"name" : "http://www.reactionpenetrationtesting.co.uk/microcart-checkout-xss.html", "name": "microcart-checkout-xss(78691)",
"refsource" : "MISC", "refsource": "XF",
"url" : "http://www.reactionpenetrationtesting.co.uk/microcart-checkout-xss.html" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78691"
}, },
{ {
"name" : "55620", "name": "http://www.reactionpenetrationtesting.co.uk/microcart-checkout-xss.html",
"refsource" : "BID", "refsource": "MISC",
"url" : "http://www.securityfocus.com/bid/55620" "url": "http://www.reactionpenetrationtesting.co.uk/microcart-checkout-xss.html"
}, },
{ {
"name" : "microcart-checkout-xss(78691)", "name": "55620",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/78691" "url": "http://www.securityfocus.com/bid/55620"
}, },
{ {
"name" : "microcart-index-xss(78690)", "name": "http://www.reactionpenetrationtesting.co.uk/microcart-_admin-xss.html",
"refsource" : "XF", "refsource": "MISC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/78690" "url": "http://www.reactionpenetrationtesting.co.uk/microcart-_admin-xss.html"
} }
] ]
} }

22
2012/4xxx/CVE-2012-4381.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-4381", "ID": "CVE-2012-4381",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

104
2012/4xxx/CVE-2012-4432.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2012-4432", "ID": "CVE-2012-4432",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Use-after-free vulnerability in opngreduc.c in OptiPNG Hg and 0.7.x before 0.7.3 might allow remote attackers to execute arbitrary code via unspecified vectors related to \"palette reduction.\"" "value": "Use-after-free vulnerability in opngreduc.c in OptiPNG Hg and 0.7.x before 0.7.3 might allow remote attackers to execute arbitrary code via unspecified vectors related to \"palette reduction.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20120917 CVE request: OptiPNG Palette Reduction Use-After-Free Vulnerability", "name": "55566",
"refsource" : "MLIST", "refsource": "BID",
"url" : "http://www.openwall.com/lists/oss-security/2012/09/17/5" "url": "http://www.securityfocus.com/bid/55566"
}, },
{ {
"name" : "[oss-security] 20120917 Re: CVE request: OptiPNG Palette Reduction Use-After-Free Vulnerability", "name": "http://optipng.sourceforge.net/",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "http://www.openwall.com/lists/oss-security/2012/09/18/2" "url": "http://optipng.sourceforge.net/"
}, },
{ {
"name" : "http://optipng.hg.sourceforge.net/hgweb/optipng/optipng/rev/f1d5d44670a2", "name": "optipng-palette-code-execution(78743)",
"refsource" : "CONFIRM", "refsource": "XF",
"url" : "http://optipng.hg.sourceforge.net/hgweb/optipng/optipng/rev/f1d5d44670a2" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78743"
}, },
{ {
"name" : "http://optipng.sourceforge.net/", "name": "[oss-security] 20120917 CVE request: OptiPNG Palette Reduction Use-After-Free Vulnerability",
"refsource" : "CONFIRM", "refsource": "MLIST",
"url" : "http://optipng.sourceforge.net/" "url": "http://www.openwall.com/lists/oss-security/2012/09/17/5"
}, },
{ {
"name" : "http://sourceforge.net/news/?group_id=151404", "name": "http://optipng.hg.sourceforge.net/hgweb/optipng/optipng/rev/f1d5d44670a2",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://sourceforge.net/news/?group_id=151404" "url": "http://optipng.hg.sourceforge.net/hgweb/optipng/optipng/rev/f1d5d44670a2"
}, },
{ {
"name" : "55566", "name": "50654",
"refsource" : "BID", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/bid/55566" "url": "http://secunia.com/advisories/50654"
}, },
{ {
"name" : "50654", "name": "http://sourceforge.net/news/?group_id=151404",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/50654" "url": "http://sourceforge.net/news/?group_id=151404"
}, },
{ {
"name" : "optipng-palette-code-execution(78743)", "name": "[oss-security] 20120917 Re: CVE request: OptiPNG Palette Reduction Use-After-Free Vulnerability",
"refsource" : "XF", "refsource": "MLIST",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/78743" "url": "http://www.openwall.com/lists/oss-security/2012/09/18/2"
} }
] ]
} }

74
2012/4xxx/CVE-2012-4893.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-4893", "ID": "CVE-2012-4893",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple cross-site request forgery (CSRF) vulnerabilities in file/show.cgi in Webmin 1.590 and earlier allow remote attackers to hijack the authentication of privileged users for requests that (1) read files or execute (2) tar, (3) zip, or (4) gzip commands, a different issue than CVE-2012-2982." "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in file/show.cgi in Webmin 1.590 and earlier allow remote attackers to hijack the authentication of privileged users for requests that (1) read files or execute (2) tar, (3) zip, or (4) gzip commands, a different issue than CVE-2012-2982."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://americaninfosec.com/research/index.html", "name": "http://www.americaninfosec.com/research/dossiers/AISG-12-001.pdf",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://americaninfosec.com/research/index.html" "url": "http://www.americaninfosec.com/research/dossiers/AISG-12-001.pdf"
}, },
{ {
"name" : "http://www.americaninfosec.com/research/dossiers/AISG-12-001.pdf", "name": "VU#788478",
"refsource" : "MISC", "refsource": "CERT-VN",
"url" : "http://www.americaninfosec.com/research/dossiers/AISG-12-001.pdf" "url": "http://www.kb.cert.org/vuls/id/788478"
}, },
{ {
"name" : "VU#788478", "name": "http://americaninfosec.com/research/index.html",
"refsource" : "CERT-VN", "refsource": "MISC",
"url" : "http://www.kb.cert.org/vuls/id/788478" "url": "http://americaninfosec.com/research/index.html"
} }
] ]
} }

62
2012/4xxx/CVE-2012-4932.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-4932", "ID": "CVE-2012-4932",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in SimpleInvoices before stable-2012-1-CIS3000 allow remote attackers to inject arbitrary web script or HTML via (1) the having parameter in a manage action to index.php; (2) the Email field in an Add User action; (3) the Customer Name field in an Add Customer action; the (4) Street address, (5) Street address 2, (6) City, (7) Zip code, (8) State, (9) Country, (10) Mobile Phone, (11) Phone, (12) Fax, (13) Email, (14) PayPal business name, (15) PayPal notify url, (16) PayPal return url, (17) Eway customer ID, (18) Custom field 1, (19) Custom field 2, (20) Custom field 3, or (21) Custom field 4 field in an Add Biller action; (22) the Customer field in an Add Invoice action; the (23) Invoice or (24) Notes field in a Process Payment action; (25) the Payment type description field in a Payment Types action; (26) the Description field in an Invoice Preferences action; (27) the Description field in a Manage Products action; or (28) the Description field in a Tax Rates action." "value": "Multiple cross-site scripting (XSS) vulnerabilities in SimpleInvoices before stable-2012-1-CIS3000 allow remote attackers to inject arbitrary web script or HTML via (1) the having parameter in a manage action to index.php; (2) the Email field in an Add User action; (3) the Customer Name field in an Add Customer action; the (4) Street address, (5) Street address 2, (6) City, (7) Zip code, (8) State, (9) Country, (10) Mobile Phone, (11) Phone, (12) Fax, (13) Email, (14) PayPal business name, (15) PayPal notify url, (16) PayPal return url, (17) Eway customer ID, (18) Custom field 1, (19) Custom field 2, (20) Custom field 3, or (21) Custom field 4 field in an Add Biller action; (22) the Customer field in an Add Invoice action; the (23) Invoice or (24) Notes field in a Process Payment action; (25) the Payment type description field in a Payment Types action; (26) the Description field in an Invoice Preferences action; (27) the Description field in a Manage Products action; or (28) the Description field in a Tax Rates action."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20121209 SimpleInvoices 2011.1 Cross-Site-Scripting (XSS) Vulnerabilities CVE-2012-4932", "name": "20121209 SimpleInvoices 2011.1 Cross-Site-Scripting (XSS) Vulnerabilities CVE-2012-4932",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2012-12/0074.html" "url": "http://archives.neohapsis.com/archives/bugtraq/2012-12/0074.html"
} }
] ]
} }

22
2012/6xxx/CVE-2012-6214.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2012-6214", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2012-6214",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2012. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2012. Notes: none."
} }
] ]
} }

22
2012/6xxx/CVE-2012-6320.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-6320", "ID": "CVE-2012-6320",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

74
2012/6xxx/CVE-2012-6509.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-6509", "ID": "CVE-2012-6509",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unrestricted file upload vulnerability in NetArt Media Car Portal 3.0 allows remote attackers to execute arbitrary PHP code by uploading a file a double extension, as demonstrated by .php%00.jpg." "value": "Unrestricted file upload vulnerability in NetArt Media Car Portal 3.0 allows remote attackers to execute arbitrary PHP code by uploading a file a double extension, as demonstrated by .php%00.jpg."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://packetstormsecurity.org/files/112226/Car-Portal-CMS-3.0-CSRF-XSS-Shell-Upload.html", "name": "53267",
"refsource" : "MISC", "refsource": "BID",
"url" : "http://packetstormsecurity.org/files/112226/Car-Portal-CMS-3.0-CSRF-XSS-Shell-Upload.html" "url": "http://www.securityfocus.com/bid/53267"
}, },
{ {
"name" : "http://www.vulnerability-lab.com/get_content.php?id=502", "name": "http://packetstormsecurity.org/files/112226/Car-Portal-CMS-3.0-CSRF-XSS-Shell-Upload.html",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.vulnerability-lab.com/get_content.php?id=502" "url": "http://packetstormsecurity.org/files/112226/Car-Portal-CMS-3.0-CSRF-XSS-Shell-Upload.html"
}, },
{ {
"name" : "53267", "name": "http://www.vulnerability-lab.com/get_content.php?id=502",
"refsource" : "BID", "refsource": "MISC",
"url" : "http://www.securityfocus.com/bid/53267" "url": "http://www.vulnerability-lab.com/get_content.php?id=502"
} }
] ]
} }

80
2017/2xxx/CVE-2017-2245.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "vultures@jpcert.or.jp", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2017-2245", "ID": "CVE-2017-2245",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Shortcodes Ultimate", "product_name": "Shortcodes Ultimate",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "prior to version 4.10.0" "version_value": "prior to version 4.10.0"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Vladimir Anokhin" "vendor_name": "Vladimir Anokhin"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Directory traversal vulnerability in Shortcodes Ultimate prior to version 4.10.0 allows remote attackers to read arbitrary files via unspecified vectors." "value": "Directory traversal vulnerability in Shortcodes Ultimate prior to version 4.10.0 allows remote attackers to read arbitrary files via unspecified vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Directory traversal" "value": "Directory traversal"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://plugins.trac.wordpress.org/changeset/1684377/#file217", "name": "https://plugins.trac.wordpress.org/changeset/1684377/#file217",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://plugins.trac.wordpress.org/changeset/1684377/#file217" "url": "https://plugins.trac.wordpress.org/changeset/1684377/#file217"
}, },
{ {
"name" : "https://wordpress.org/plugins/shortcodes-ultimate/#developers", "name": "99495",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://wordpress.org/plugins/shortcodes-ultimate/#developers" "url": "http://www.securityfocus.com/bid/99495"
}, },
{ {
"name" : "JVN#63249051", "name": "JVN#63249051",
"refsource" : "JVN", "refsource": "JVN",
"url" : "https://jvn.jp/en/jp/JVN63249051/index.html" "url": "https://jvn.jp/en/jp/JVN63249051/index.html"
}, },
{ {
"name" : "99495", "name": "https://wordpress.org/plugins/shortcodes-ultimate/#developers",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/99495" "url": "https://wordpress.org/plugins/shortcodes-ultimate/#developers"
} }
] ]
} }

68
2017/2xxx/CVE-2017-2258.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "vultures@jpcert.or.jp", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2017-2258", "ID": "CVE-2017-2258",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Cybozu Garoon", "product_name": "Cybozu Garoon",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "4.2.4 to 4.2.5" "version_value": "4.2.4 to 4.2.5"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Cybozu, Inc." "vendor_name": "Cybozu, Inc."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Directory traversal vulnerability in Cybozu Garoon 4.2.4 to 4.2.5 allows an attacker to read arbitrary files via Garoon SOAP API \"WorkflowHandleApplications\"." "value": "Directory traversal vulnerability in Cybozu Garoon 4.2.4 to 4.2.5 allows an attacker to read arbitrary files via Garoon SOAP API \"WorkflowHandleApplications\"."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Directory traversal" "value": "Directory traversal"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://support.cybozu.com/ja-jp/article/9846", "name": "https://support.cybozu.com/ja-jp/article/9846",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://support.cybozu.com/ja-jp/article/9846" "url": "https://support.cybozu.com/ja-jp/article/9846"
}, },
{ {
"name" : "JVN#63564682", "name": "JVN#63564682",
"refsource" : "JVN", "refsource": "JVN",
"url" : "https://jvn.jp/en/jp/JVN63564682/index.html" "url": "https://jvn.jp/en/jp/JVN63564682/index.html"
} }
] ]
} }

68
2017/2xxx/CVE-2017-2321.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "sirt@juniper.net", "ASSIGNER": "sirt@juniper.net",
"ID" : "CVE-2017-2321", "ID": "CVE-2017-2321",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "NorthStar Controller Application", "product_name": "NorthStar Controller Application",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "prior to version 2.1.0 Service Pack 1" "version_value": "prior to version 2.1.0 Service Pack 1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Juniper Networks" "vendor_name": "Juniper Networks"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "A vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unauthenticated, unprivileged, network-based attacker to cause various system services partial to full denials of services, modification of system states and files, and potential disclosure of sensitive information which may assist the attacker in further attacks on the system through the use of multiple attack vectors, including man-in-the-middle attacks, file injections, and malicious execution of commands causing out of bound memory conditions leading to other attacks." "value": "A vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unauthenticated, unprivileged, network-based attacker to cause various system services partial to full denials of services, modification of system states and files, and potential disclosure of sensitive information which may assist the attacker in further attacks on the system through the use of multiple attack vectors, including man-in-the-middle attacks, file injections, and malicious execution of commands causing out of bound memory conditions leading to other attacks."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "denials of services, modification of system states and files, and potential disclosure of sensitive information" "value": "denials of services, modification of system states and files, and potential disclosure of sensitive information"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://kb.juniper.net/JSA10783", "name": "https://kb.juniper.net/JSA10783",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://kb.juniper.net/JSA10783" "url": "https://kb.juniper.net/JSA10783"
}, },
{ {
"name" : "97693", "name": "97693",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/97693" "url": "http://www.securityfocus.com/bid/97693"
} }
] ]
} }

92
2017/2xxx/CVE-2017-2508.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@apple.com", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2017-2508", "ID": "CVE-2017-2508",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted web site that improperly interacts with container nodes." "value": "An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted web site that improperly interacts with container nodes."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "42066", "name": "1038487",
"refsource" : "EXPLOIT-DB", "refsource": "SECTRACK",
"url" : "https://www.exploit-db.com/exploits/42066/" "url": "http://www.securitytracker.com/id/1038487"
}, },
{ {
"name" : "https://support.apple.com/HT207798", "name": "98474",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://support.apple.com/HT207798" "url": "http://www.securityfocus.com/bid/98474"
}, },
{ {
"name" : "https://support.apple.com/HT207804", "name": "https://support.apple.com/HT207804",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://support.apple.com/HT207804" "url": "https://support.apple.com/HT207804"
}, },
{ {
"name" : "GLSA-201706-15", "name": "42066",
"refsource" : "GENTOO", "refsource": "EXPLOIT-DB",
"url" : "https://security.gentoo.org/glsa/201706-15" "url": "https://www.exploit-db.com/exploits/42066/"
}, },
{ {
"name" : "98474", "name": "GLSA-201706-15",
"refsource" : "BID", "refsource": "GENTOO",
"url" : "http://www.securityfocus.com/bid/98474" "url": "https://security.gentoo.org/glsa/201706-15"
}, },
{ {
"name" : "1038487", "name": "https://support.apple.com/HT207798",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1038487" "url": "https://support.apple.com/HT207798"
} }
] ]
} }

64
2017/2xxx/CVE-2017-2715.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@huawei.com", "ASSIGNER": "psirt@huawei.com",
"DATE_PUBLIC" : "2017-11-15T00:00:00", "DATE_PUBLIC": "2017-11-15T00:00:00",
"ID" : "CVE-2017-2715", "ID": "CVE-2017-2715",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Files £¨Files is the smartphone APP£©", "product_name": "Files £¨Files is the smartphone APP£©",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "7.1.1.309 and earlier versions" "version_value": "7.1.1.309 and earlier versions"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Huawei Technologies Co., Ltd." "vendor_name": "Huawei Technologies Co., Ltd."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The Files APP 7.1.1.309 and earlier versions in some Huawei mobile phones has a brute-force password cracking vulnerability due to the improper design of the Safe key database. An unauthorized attacker could access sensitive database information and may crack users' Safe passwords, leading to information leak." "value": "The Files APP 7.1.1.309 and earlier versions in some Huawei mobile phones has a brute-force password cracking vulnerability due to the improper design of the Safe key database. An unauthorized attacker could access sensitive database information and may crack users' Safe passwords, leading to information leak."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Brute-force attack" "value": "Brute-force attack"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170425-01-files-en", "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170425-01-files-en",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170425-01-files-en" "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170425-01-files-en"
} }
] ]
} }

64
2017/6xxx/CVE-2017-6255.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@nvidia.com", "ASSIGNER": "psirt@nvidia.com",
"DATE_PUBLIC" : "2017-07-27T00:00:00", "DATE_PUBLIC": "2017-07-27T00:00:00",
"ID" : "CVE-2017-6255", "ID": "CVE-2017-6255",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "NVIDIA Windows GPU Display Driver", "product_name": "NVIDIA Windows GPU Display Driver",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "All" "version_value": "All"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Nvidia Corporation" "vendor_name": "Nvidia Corporation"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where an improper input parameter handling may lead to a denial of service or potential escalation of privileges." "value": "NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where an improper input parameter handling may lead to a denial of service or potential escalation of privileges."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Denial of Service, Escalation of Privileges" "value": "Denial of Service, Escalation of Privileges"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4525", "name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4525",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4525" "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4525"
} }
] ]
} }

68
2017/6xxx/CVE-2017-6642.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@cisco.com", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2017-6642", "ID": "CVE-2017-6642",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Cisco Remote Expert Manager", "product_name": "Cisco Remote Expert Manager",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Cisco Remote Expert Manager" "version_value": "Cisco Remote Expert Manager"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "A vulnerability in the web interface of Cisco Remote Expert Manager Software 11.0.0 could allow an unauthenticated, remote attacker to access sensitive information on an affected system. The vulnerability exists because the affected software does not sufficiently protect sensitive data when responding to HTTP requests that are sent to the web interface of the software. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web interface of the software on an affected system. A successful exploit could allow the attacker to access sensitive information about the software. The attacker could use this information to conduct additional reconnaissance attacks. Cisco Bug IDs: CSCvc52856." "value": "A vulnerability in the web interface of Cisco Remote Expert Manager Software 11.0.0 could allow an unauthenticated, remote attacker to access sensitive information on an affected system. The vulnerability exists because the affected software does not sufficiently protect sensitive data when responding to HTTP requests that are sent to the web interface of the software. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web interface of the software on an affected system. A successful exploit could allow the attacker to access sensitive information about the software. The attacker could use this information to conduct additional reconnaissance attacks. Cisco Bug IDs: CSCvc52856."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "CWE-200" "value": "CWE-200"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem2", "name": "98534",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem2" "url": "http://www.securityfocus.com/bid/98534"
}, },
{ {
"name" : "98534", "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem2",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/98534" "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170517-rem2"
} }
] ]
} }

74
2017/6xxx/CVE-2017-6698.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@cisco.com", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2017-6698", "ID": "CVE-2017-6698",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Cisco Prime Infrastructure and Evolved Programmable Network Manager", "product_name": "Cisco Prime Infrastructure and Evolved Programmable Network Manager",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Cisco Prime Infrastructure and Evolved Programmable Network Manager" "version_value": "Cisco Prime Infrastructure and Evolved Programmable Network Manager"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "A vulnerability in the Cisco Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPNM) SQL database interface could allow an authenticated, remote attacker to impact the confidentiality and integrity of the application by executing arbitrary SQL queries, aka SQL Injection. More Information: CSCvc23892 CSCvc35270 CSCvc35626 CSCvc35630 CSCvc49568. Known Affected Releases: 3.1(1) 2.0(4.0.45B)." "value": "A vulnerability in the Cisco Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPNM) SQL database interface could allow an authenticated, remote attacker to impact the confidentiality and integrity of the application by executing arbitrary SQL queries, aka SQL Injection. More Information: CSCvc23892 CSCvc35270 CSCvc35626 CSCvc35630 CSCvc49568. Known Affected Releases: 3.1(1) 2.0(4.0.45B)."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL Injection Vulnerability" "value": "SQL Injection Vulnerability"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-piepnm2", "name": "1038751",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-piepnm2" "url": "http://www.securitytracker.com/id/1038751"
}, },
{ {
"name" : "99214", "name": "99214",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/99214" "url": "http://www.securityfocus.com/bid/99214"
}, },
{ {
"name" : "1038751", "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-piepnm2",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1038751" "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-piepnm2"
} }
] ]
} }

68
2018/11xxx/CVE-2018-11269.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"ID" : "CVE-2018-11269", "ID": "CVE-2018-11269",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "SSnapdragon Automobile, Snapdragon Mobile, Snapdragon Wear", "product_name": "SSnapdragon Automobile, Snapdragon Mobile, Snapdragon Wear",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, SDX20, Snapdragon_High_Med_2016" "version_value": "MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, SDX20, Snapdragon_High_Med_2016"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, SDX20, Snapdragon_High_Med_2016, a potential buffer overflow exists when parsing TFTP options." "value": "In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, SDX20, Snapdragon_High_Med_2016, a potential buffer overflow exists when parsing TFTP options."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Improper Validation of Array Index in Storage" "value": "Improper Validation of Array Index in Storage"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://www.qualcomm.com/company/product-security/bulletins", "name": "https://www.qualcomm.com/company/product-security/bulletins",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://www.qualcomm.com/company/product-security/bulletins" "url": "https://www.qualcomm.com/company/product-security/bulletins"
}, },
{ {
"name" : "105838", "name": "105838",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/105838" "url": "http://www.securityfocus.com/bid/105838"
} }
] ]
} }

62
2018/11xxx/CVE-2018-11687.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-11687", "ID": "CVE-2018-11687",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An integer overflow in the distributeBTR function of a smart contract implementation for Bitcoin Red (BTCR), an Ethereum ERC20 token, allows the owner to accomplish an unauthorized increase of digital assets by providing a large address[] array, as exploited in the wild in May 2018, aka the \"ownerUnderflow\" issue." "value": "An integer overflow in the distributeBTR function of a smart contract implementation for Bitcoin Red (BTCR), an Ethereum ERC20 token, allows the owner to accomplish an unauthorized increase of digital assets by providing a large address[] array, as exploited in the wild in May 2018, aka the \"ownerUnderflow\" issue."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://www.anquanke.com/post/id/147913", "name": "https://www.anquanke.com/post/id/147913",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://www.anquanke.com/post/id/147913" "url": "https://www.anquanke.com/post/id/147913"
} }
] ]
} }

62
2018/11xxx/CVE-2018-11862.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"ID" : "CVE-2018-11862", "ID": "CVE-2018-11862",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Snapdragon Mobile", "product_name": "Snapdragon Mobile",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "SD 845, SD 850, SDA660" "version_value": "SD 845, SD 850, SDA660"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer overflow can happen in WLAN module due to lack of validation of the input length in Snapdragon Mobile in version SD 845, SD 850, SDA660." "value": "Buffer overflow can happen in WLAN module due to lack of validation of the input length in Snapdragon Mobile in version SD 845, SD 850, SDA660."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer Copy Without Checking Size of Input in WLAN" "value": "Buffer Copy Without Checking Size of Input in WLAN"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://www.qualcomm.com/company/product-security/bulletins", "name": "https://www.qualcomm.com/company/product-security/bulletins",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://www.qualcomm.com/company/product-security/bulletins" "url": "https://www.qualcomm.com/company/product-security/bulletins"
} }
] ]
} }

62
2018/14xxx/CVE-2018-14046.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-14046", "ID": "CVE-2018-14046",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Exiv2 0.26 has a heap-based buffer over-read in WebPImage::decodeChunks in webpimage.cpp." "value": "Exiv2 0.26 has a heap-based buffer over-read in WebPImage::decodeChunks in webpimage.cpp."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/Exiv2/exiv2/issues/378", "name": "https://github.com/Exiv2/exiv2/issues/378",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/Exiv2/exiv2/issues/378" "url": "https://github.com/Exiv2/exiv2/issues/378"
} }
] ]
} }

62
2018/14xxx/CVE-2018-14521.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-14521", "ID": "CVE-2018-14521",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubio_source_avcodec_readframe in io/source_avcodec.c, as demonstrated by aubiomfcc." "value": "An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubio_source_avcodec_readframe in io/source_avcodec.c, as demonstrated by aubiomfcc."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/aubio/aubio/issues/187", "name": "https://github.com/aubio/aubio/issues/187",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/aubio/aubio/issues/187" "url": "https://github.com/aubio/aubio/issues/187"
} }
] ]
} }

62
2018/14xxx/CVE-2018-14966.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-14966", "ID": "CVE-2018-14966",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An issue was discovered in EMLsoft 5.4.5. The eml/upload/eml/?action=user&do=add page allows CSRF." "value": "An issue was discovered in EMLsoft 5.4.5. The eml/upload/eml/?action=user&do=add page allows CSRF."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://github.com/AvaterXXX/emlsoft/blob/master/README.md", "name": "https://github.com/AvaterXXX/emlsoft/blob/master/README.md",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/AvaterXXX/emlsoft/blob/master/README.md" "url": "https://github.com/AvaterXXX/emlsoft/blob/master/README.md"
} }
] ]
} }

22
2018/15xxx/CVE-2018-15086.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-15086", "ID": "CVE-2018-15086",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

62
2018/15xxx/CVE-2018-15586.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-15586", "ID": "CVE-2018-15586",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Enigmail before 2.0.6 is prone to to OpenPGP signatures being spoofed for arbitrary messages using a PGP/INLINE signature wrapped within a specially crafted multipart HTML email." "value": "Enigmail before 2.0.6 is prone to to OpenPGP signatures being spoofed for arbitrary messages using a PGP/INLINE signature wrapped within a specially crafted multipart HTML email."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://sourceforge.net/p/enigmail/bugs/849/", "name": "https://sourceforge.net/p/enigmail/bugs/849/",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://sourceforge.net/p/enigmail/bugs/849/" "url": "https://sourceforge.net/p/enigmail/bugs/849/"
} }
] ]
} }

22
2018/15xxx/CVE-2018-15651.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-15651", "ID": "CVE-2018-15651",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

62
2018/20xxx/CVE-2018-20129.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-20129", "ID": "CVE-2018-20129",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An issue was discovered in DedeCMS V5.7 SP2. uploads/include/dialog/select_images_post.php allows remote attackers to upload and execute arbitrary PHP code via a double extension and a modified \".php\" substring, in conjunction with the image/jpeg content type, as demonstrated by the filename=1.jpg.p*hp value." "value": "An issue was discovered in DedeCMS V5.7 SP2. uploads/include/dialog/select_images_post.php allows remote attackers to upload and execute arbitrary PHP code via a double extension and a modified \".php\" substring, in conjunction with the image/jpeg content type, as demonstrated by the filename=1.jpg.p*hp value."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.iwantacve.cn/index.php/archives/88/", "name": "http://www.iwantacve.cn/index.php/archives/88/",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.iwantacve.cn/index.php/archives/88/" "url": "http://www.iwantacve.cn/index.php/archives/88/"
} }
] ]
} }

22
2018/20xxx/CVE-2018-20343.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-20343", "ID": "CVE-2018-20343",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

68
2018/20xxx/CVE-2018-20751.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-20751", "ID": "CVE-2018-20751",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An issue was discovered in crop_page in PoDoFo 0.9.6. For a crafted PDF document, pPage->GetObject()->GetDictionary().AddKey(PdfName(\"MediaBox\"),var) can be problematic due to the function GetObject() being called for the pPage NULL pointer object. The value of pPage at this point is 0x0, which causes a NULL pointer dereference." "value": "An issue was discovered in crop_page in PoDoFo 0.9.6. For a crafted PDF document, pPage->GetObject()->GetDictionary().AddKey(PdfName(\"MediaBox\"),var) can be problematic due to the function GetObject() being called for the pPage NULL pointer object. The value of pPage at this point is 0x0, which causes a NULL pointer dereference."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://research.loginsoft.com/bugs/null-pointer-dereference-vulnerability-in-crop_page-podofo-0-9-6/", "name": "https://research.loginsoft.com/bugs/null-pointer-dereference-vulnerability-in-crop_page-podofo-0-9-6/",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://research.loginsoft.com/bugs/null-pointer-dereference-vulnerability-in-crop_page-podofo-0-9-6/" "url": "https://research.loginsoft.com/bugs/null-pointer-dereference-vulnerability-in-crop_page-podofo-0-9-6/"
}, },
{ {
"name" : "https://sourceforge.net/p/podofo/tickets/33/", "name": "https://sourceforge.net/p/podofo/tickets/33/",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://sourceforge.net/p/podofo/tickets/33/" "url": "https://sourceforge.net/p/podofo/tickets/33/"
} }
] ]
} }

76
2018/9xxx/CVE-2018-9062.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@lenovo.com", "ASSIGNER": "psirt@lenovo.com",
"ID" : "CVE-2018-9062", "ID": "CVE-2018-9062",
"STATE" : "PUBLIC", "STATE": "PUBLIC",
"TITLE" : "BIOS Modules Unprotected by Intel Boot Guard Vulnerable to Physical Attack" "TITLE": "BIOS Modules Unprotected by Intel Boot Guard Vulnerable to Physical Attack"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "some Lenovo ThinkPads", "product_name": "some Lenovo ThinkPads",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "various" "version_value": "various"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Lenovo Group Ltd." "vendor_name": "Lenovo Group Ltd."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "In some Lenovo ThinkPad products, one BIOS region is not properly included in the checks, allowing injection of arbitrary code." "value": "In some Lenovo ThinkPad products, one BIOS region is not properly included in the checks, allowing injection of arbitrary code."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Elevation of privilege" "value": "Elevation of privilege"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://support.lenovo.com/us/en/solutions/LEN-20527", "name": "105387",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://support.lenovo.com/us/en/solutions/LEN-20527" "url": "http://www.securityfocus.com/bid/105387"
}, },
{ {
"name" : "105387", "name": "https://support.lenovo.com/us/en/solutions/LEN-20527",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/105387" "url": "https://support.lenovo.com/us/en/solutions/LEN-20527"
} }
] ]
}, },
"source" : { "source": {
"advisory" : "https://support.lenovo.com/us/en/solutions/LEN-20527", "advisory": "https://support.lenovo.com/us/en/solutions/LEN-20527",
"discovery" : "EXTERNAL" "discovery": "EXTERNAL"
} }
} }

70
2018/9xxx/CVE-2018-9208.json
View File

@ -1,65 +1,65 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "larry0@me.com", "ASSIGNER": "larry0@me.com",
"DATE_ASSIGNED" : "2018-10-09", "DATE_ASSIGNED": "2018-10-09",
"ID" : "CVE-2018-9208", "ID": "CVE-2018-9208",
"REQUESTER" : "larry0@me.com", "REQUESTER": "larry0@me.com",
"STATE" : "PUBLIC", "STATE": "PUBLIC",
"UPDATED" : "2018-04-08T13:21Z" "UPDATED": "2018-04-08T13:21Z"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "jQuery Picture Cut", "product_name": "jQuery Picture Cut",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<=", "version_affected": "<=",
"version_value" : "1.1Beta" "version_value": "1.1Beta"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Tuyoshi Vinicius" "vendor_name": "Tuyoshi Vinicius"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unauthenticated arbitrary file upload vulnerability in jQuery Picture Cut <= v1.1Beta" "value": "Unauthenticated arbitrary file upload vulnerability in jQuery Picture Cut <= v1.1Beta"
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "jQuery Picture Cut <= v1.1Beta unauthenticated arbitrary file upload vulnerability" "value": "jQuery Picture Cut <= v1.1Beta unauthenticated arbitrary file upload vulnerability"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.vapidlabs.com/advisory.php?v=207", "name": "http://www.vapidlabs.com/advisory.php?v=207",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.vapidlabs.com/advisory.php?v=207" "url": "http://www.vapidlabs.com/advisory.php?v=207"
} }
] ]
} }

68
2018/9xxx/CVE-2018-9960.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "zdi-disclosures@trendmicro.com", "ASSIGNER": "zdi-disclosures@trendmicro.com",
"ID" : "CVE-2018-9960", "ID": "CVE-2018-9960",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Foxit Reader", "product_name": "Foxit Reader",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "9.0.1.1049" "version_value": "9.0.1.1049"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Foxit" "vendor_name": "Foxit"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of the textColor Field attribute. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5433." "value": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of the textColor Field attribute. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5433."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "CWE-416-Use After Free" "value": "CWE-416-Use After Free"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://zerodayinitiative.com/advisories/ZDI-18-344", "name": "https://www.foxitsoftware.com/support/security-bulletins.php",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "https://zerodayinitiative.com/advisories/ZDI-18-344" "url": "https://www.foxitsoftware.com/support/security-bulletins.php"
}, },
{ {
"name" : "https://www.foxitsoftware.com/support/security-bulletins.php", "name": "https://zerodayinitiative.com/advisories/ZDI-18-344",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "https://www.foxitsoftware.com/support/security-bulletins.php" "url": "https://zerodayinitiative.com/advisories/ZDI-18-344"
} }
] ]
} }