admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-17 22:36:43 +00:00
parent ef8522925e
commit 031179c9e1
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
57 changed files with 4752 additions and 4752 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

92
2006/1xxx/CVE-2006-1374.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-1374", "ID": "CVE-2006-1374",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in viewStatement.php in AdMan 1.0.20051221 and earlier allows remote attackers to execute arbitrary SQL commands via the transactions_offset parameter." "value": "SQL injection vulnerability in viewStatement.php in AdMan 1.0.20051221 and earlier allows remote attackers to execute arbitrary SQL commands via the transactions_offset parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://pridels0.blogspot.com/2006/03/adman-v10x-sql-vuln.html", "name": "http://pridels0.blogspot.com/2006/03/adman-v10x-sql-vuln.html",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://pridels0.blogspot.com/2006/03/adman-v10x-sql-vuln.html" "url": "http://pridels0.blogspot.com/2006/03/adman-v10x-sql-vuln.html"
}, },
{ {
"name" : "17208", "name": "adman-viewstatement-sql-injection(25403)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/17208" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25403"
}, },
{ {
"name" : "ADV-2006-1071", "name": "19351",
"refsource" : "VUPEN", "refsource": "SECUNIA",
"url" : "http://www.vupen.com/english/advisories/2006/1071" "url": "http://secunia.com/advisories/19351"
}, },
{ {
"name" : "24064", "name": "ADV-2006-1071",
"refsource" : "OSVDB", "refsource": "VUPEN",
"url" : "http://www.osvdb.org/24064" "url": "http://www.vupen.com/english/advisories/2006/1071"
}, },
{ {
"name" : "19351", "name": "24064",
"refsource" : "SECUNIA", "refsource": "OSVDB",
"url" : "http://secunia.com/advisories/19351" "url": "http://www.osvdb.org/24064"
}, },
{ {
"name" : "adman-viewstatement-sql-injection(25403)", "name": "17208",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25403" "url": "http://www.securityfocus.com/bid/17208"
} }
] ]
} }

68
2006/1xxx/CVE-2006-1423.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-1423", "ID": "CVE-2006-1423",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in showflat.php in UBB.threads 5.5.1, 6.0 br5, 6.0.1, 6.0.2, and earlier, allows remote attackers to execute arbitrary SQL commands via the Number parameter." "value": "SQL injection vulnerability in showflat.php in UBB.threads 5.5.1, 6.0 br5, 6.0.1, 6.0.2, and earlier, allows remote attackers to execute arbitrary SQL commands via the Number parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20060325 UBBThreads<=5.5.1+6.0.2+6.0 br5+6.0.1 SQL injection", "name": "20060325 UBBThreads<=5.5.1+6.0.2+6.0 br5+6.0.1 SQL injection",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/428833/100/0/threaded" "url": "http://www.securityfocus.com/archive/1/428833/100/0/threaded"
}, },
{ {
"name" : "628", "name": "628",
"refsource" : "SREASON", "refsource": "SREASON",
"url" : "http://securityreason.com/securityalert/628" "url": "http://securityreason.com/securityalert/628"
} }
] ]
} }

110
2006/1xxx/CVE-2006-1470.json
View File

@ -1,101 +1,101 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-1470", "ID": "CVE-2006-1470",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "OpenLDAP in Apple Mac OS X 10.4 up to 10.4.6 allows remote attackers to cause a denial of service (crash) via an invalid LDAP request that triggers an assert error." "value": "OpenLDAP in Apple Mac OS X 10.4 up to 10.4.6 allows remote attackers to cause a denial of service (crash) via an invalid LDAP request that triggers an assert error."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "APPLE-SA-2006-06-27", "name": "26932",
"refsource" : "APPLE", "refsource": "OSVDB",
"url" : "http://lists.apple.com/archives/security-announce/2006/Jun/msg00000.html" "url": "http://www.osvdb.org/26932"
}, },
{ {
"name" : "VU#652196", "name": "APPLE-SA-2006-06-27",
"refsource" : "CERT-VN", "refsource": "APPLE",
"url" : "http://www.kb.cert.org/vuls/id/652196" "url": "http://lists.apple.com/archives/security-announce/2006/Jun/msg00000.html"
}, },
{ {
"name" : "18686", "name": "18686",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/18686" "url": "http://www.securityfocus.com/bid/18686"
}, },
{ {
"name" : "18728", "name": "1016396",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/18728" "url": "http://securitytracker.com/id?1016396"
}, },
{ {
"name" : "ADV-2006-2566", "name": "VU#652196",
"refsource" : "VUPEN", "refsource": "CERT-VN",
"url" : "http://www.vupen.com/english/advisories/2006/2566" "url": "http://www.kb.cert.org/vuls/id/652196"
}, },
{ {
"name" : "26932", "name": "macosx-openldap-directory-dos(27480)",
"refsource" : "OSVDB", "refsource": "XF",
"url" : "http://www.osvdb.org/26932" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27480"
}, },
{ {
"name" : "1016396", "name": "18728",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://securitytracker.com/id?1016396" "url": "http://www.securityfocus.com/bid/18728"
}, },
{ {
"name" : "20877", "name": "20877",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/20877" "url": "http://secunia.com/advisories/20877"
}, },
{ {
"name" : "macosx-openldap-directory-dos(27480)", "name": "ADV-2006-2566",
"refsource" : "XF", "refsource": "VUPEN",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27480" "url": "http://www.vupen.com/english/advisories/2006/2566"
} }
] ]
} }

86
2006/1xxx/CVE-2006-1609.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-1609", "ID": "CVE-2006-1609",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in Hitachi XFIT/S, XFIT/S/JCA, XFIT/S/ZGN, and XFIT/S ZENGIN TCP/IP Procedure allows remote attackers to cause a denial of service (server process and transfer control process stop) when the products \"receive data unexpectedly\"." "value": "Unspecified vulnerability in Hitachi XFIT/S, XFIT/S/JCA, XFIT/S/ZGN, and XFIT/S ZENGIN TCP/IP Procedure allows remote attackers to cause a denial of service (server process and transfer control process stop) when the products \"receive data unexpectedly\"."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.hitachi-support.com/security_e/vuls_e/HS06-004_e/index-e.html", "name": "17329",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://www.hitachi-support.com/security_e/vuls_e/HS06-004_e/index-e.html" "url": "http://www.securityfocus.com/bid/17329"
}, },
{ {
"name" : "17329", "name": "19472",
"refsource" : "BID", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/bid/17329" "url": "http://secunia.com/advisories/19472"
}, },
{ {
"name" : "24309", "name": "xfits-data-dos(25567)",
"refsource" : "OSVDB", "refsource": "XF",
"url" : "http://www.osvdb.org/24309" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25567"
}, },
{ {
"name" : "19472", "name": "http://www.hitachi-support.com/security_e/vuls_e/HS06-004_e/index-e.html",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/19472" "url": "http://www.hitachi-support.com/security_e/vuls_e/HS06-004_e/index-e.html"
}, },
{ {
"name" : "xfits-data-dos(25567)", "name": "24309",
"refsource" : "XF", "refsource": "OSVDB",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25567" "url": "http://www.osvdb.org/24309"
} }
] ]
} }

98
2006/1xxx/CVE-2006-1716.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-1716", "ID": "CVE-2006-1716",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in inc/functions_post.php in MyBB (aka MyBulletinBoard) 1.10 allows remote attackers to inject arbitrary web script or HTML via a JavaScript event in a BBCode img tag. NOTE: the email vector is already covered by CVE-2006-1625, although it might stem from the same core issue." "value": "Cross-site scripting (XSS) vulnerability in inc/functions_post.php in MyBB (aka MyBulletinBoard) 1.10 allows remote attackers to inject arbitrary web script or HTML via a JavaScript event in a BBCode img tag. NOTE: the email vector is already covered by CVE-2006-1625, although it might stem from the same core issue."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20060407 [KAPDA::#38] - MyBB 1.1.0~functions_post.php~XSS Attack", "name": "17413",
"refsource" : "BUGTRAQ", "refsource": "BID",
"url" : "http://www.securityfocus.com/archive/1/430344/100/0/threaded" "url": "http://www.securityfocus.com/bid/17413"
}, },
{ {
"name" : "http://kapda.ir/advisory-305.html", "name": "http://kapda.ir/advisory-305.html",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://kapda.ir/advisory-305.html" "url": "http://kapda.ir/advisory-305.html"
}, },
{ {
"name" : "http://myimei.com/security/2006-03-12/mybb-110functions_postphpxss-attack.html", "name": "19516",
"refsource" : "MISC", "refsource": "SECUNIA",
"url" : "http://myimei.com/security/2006-03-12/mybb-110functions_postphpxss-attack.html" "url": "http://secunia.com/advisories/19516"
}, },
{ {
"name" : "17413", "name": "mybb-email-img-bbcode-xss(25615)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/17413" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25615"
}, },
{ {
"name" : "24375", "name": "24375",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://www.osvdb.org/24375" "url": "http://www.osvdb.org/24375"
}, },
{ {
"name" : "19516", "name": "http://myimei.com/security/2006-03-12/mybb-110functions_postphpxss-attack.html",
"refsource" : "SECUNIA", "refsource": "MISC",
"url" : "http://secunia.com/advisories/19516" "url": "http://myimei.com/security/2006-03-12/mybb-110functions_postphpxss-attack.html"
}, },
{ {
"name" : "mybb-email-img-bbcode-xss(25615)", "name": "20060407 [KAPDA::#38] - MyBB 1.1.0~functions_post.php~XSS Attack",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25615" "url": "http://www.securityfocus.com/archive/1/430344/100/0/threaded"
} }
] ]
} }

128
2006/1xxx/CVE-2006-1882.json
View File

@ -1,116 +1,116 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-1882", "ID": "CVE-2006-1882",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.10 have unknown impact and attack vectors, as identified by Vuln# (1) APPS03 in (a) iProcurement; (2) APPS04 in (b) Oracle Application Object Library; (3) APPS06, (4) APPS07, and (5) APPS08 in (c) Oracle Applications Technology Stack; and (6) APPS11 in (d) Oracle Order Capture." "value": "Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.10 have unknown impact and attack vectors, as identified by Vuln# (1) APPS03 in (a) iProcurement; (2) APPS04 in (b) Oracle Application Object Library; (3) APPS06, (4) APPS07, and (5) APPS08 in (c) Oracle Applications Technology Stack; and (6) APPS11 in (d) Oracle Order Capture."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2006-090826.html", "name": "19712",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2006-090826.html" "url": "http://secunia.com/advisories/19712"
}, },
{ {
"name" : "HPSBMA02113", "name": "oracle-ebusiness-multiple-unspecifed(26058)",
"refsource" : "HP", "refsource": "XF",
"url" : "http://www.securityfocus.com/archive/1/432267/100/0/threaded" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26058"
}, },
{ {
"name" : "SSRT061148", "name": "19859",
"refsource" : "HP", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/archive/1/432267/100/0/threaded" "url": "http://secunia.com/advisories/19859"
}, },
{ {
"name" : "VU#619194", "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2006-090826.html",
"refsource" : "CERT-VN", "refsource": "CONFIRM",
"url" : "http://www.kb.cert.org/vuls/id/619194" "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2006-090826.html"
}, },
{ {
"name" : "VU#824833", "name": "ADV-2006-1571",
"refsource" : "CERT-VN", "refsource": "VUPEN",
"url" : "http://www.kb.cert.org/vuls/id/824833" "url": "http://www.vupen.com/english/advisories/2006/1571"
}, },
{ {
"name" : "17590", "name": "VU#824833",
"refsource" : "BID", "refsource": "CERT-VN",
"url" : "http://www.securityfocus.com/bid/17590" "url": "http://www.kb.cert.org/vuls/id/824833"
}, },
{ {
"name" : "ADV-2006-1397", "name": "VU#619194",
"refsource" : "VUPEN", "refsource": "CERT-VN",
"url" : "http://www.vupen.com/english/advisories/2006/1397" "url": "http://www.kb.cert.org/vuls/id/619194"
}, },
{ {
"name" : "ADV-2006-1571", "name": "17590",
"refsource" : "VUPEN", "refsource": "BID",
"url" : "http://www.vupen.com/english/advisories/2006/1571" "url": "http://www.securityfocus.com/bid/17590"
}, },
{ {
"name" : "1015961", "name": "SSRT061148",
"refsource" : "SECTRACK", "refsource": "HP",
"url" : "http://securitytracker.com/id?1015961" "url": "http://www.securityfocus.com/archive/1/432267/100/0/threaded"
}, },
{ {
"name" : "19712", "name": "ADV-2006-1397",
"refsource" : "SECUNIA", "refsource": "VUPEN",
"url" : "http://secunia.com/advisories/19712" "url": "http://www.vupen.com/english/advisories/2006/1397"
}, },
{ {
"name" : "19859", "name": "HPSBMA02113",
"refsource" : "SECUNIA", "refsource": "HP",
"url" : "http://secunia.com/advisories/19859" "url": "http://www.securityfocus.com/archive/1/432267/100/0/threaded"
}, },
{ {
"name" : "oracle-ebusiness-multiple-unspecifed(26058)", "name": "1015961",
"refsource" : "XF", "refsource": "SECTRACK",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26058" "url": "http://securitytracker.com/id?1015961"
} }
] ]
} }

86
2006/5xxx/CVE-2006-5083.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5083", "ID": "CVE-2006-5083",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "PHP remote file inclusion vulnerability in includes/functions_portal.php in Integrated MODs (IM) Portal 1.2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter." "value": "PHP remote file inclusion vulnerability in includes/functions_portal.php in Integrated MODs (IM) Portal 1.2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "2430", "name": "22113",
"refsource" : "EXPLOIT-DB", "refsource": "SECUNIA",
"url" : "https://www.exploit-db.com/exploits/2430" "url": "http://secunia.com/advisories/22113"
}, },
{ {
"name" : "84255", "name": "84255",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/84255" "url": "http://www.securityfocus.com/bid/84255"
}, },
{ {
"name" : "ADV-2006-3774", "name": "importal-functions-file-include(29146)",
"refsource" : "VUPEN", "refsource": "XF",
"url" : "http://www.vupen.com/english/advisories/2006/3774" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29146"
}, },
{ {
"name" : "22113", "name": "2430",
"refsource" : "SECUNIA", "refsource": "EXPLOIT-DB",
"url" : "http://secunia.com/advisories/22113" "url": "https://www.exploit-db.com/exploits/2430"
}, },
{ {
"name" : "importal-functions-file-include(29146)", "name": "ADV-2006-3774",
"refsource" : "XF", "refsource": "VUPEN",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29146" "url": "http://www.vupen.com/english/advisories/2006/3774"
} }
] ]
} }

74
2006/5xxx/CVE-2006-5090.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5090", "ID": "CVE-2006-5090",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Phoenix Evolution CMS (PECMS) allow remote attackers to inject arbitrary web script or HTML via the (1) mod or (2) action parameters in index.php, or the (3) pageid parameter in modules/pageedit/index.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information." "value": "Multiple cross-site scripting (XSS) vulnerabilities in Phoenix Evolution CMS (PECMS) allow remote attackers to inject arbitrary web script or HTML via the (1) mod or (2) action parameters in index.php, or the (3) pageid parameter in modules/pageedit/index.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20212", "name": "33676",
"refsource" : "BID", "refsource": "OSVDB",
"url" : "http://www.securityfocus.com/bid/20212" "url": "http://osvdb.org/33676"
}, },
{ {
"name" : "33676", "name": "33677",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://osvdb.org/33676" "url": "http://osvdb.org/33677"
}, },
{ {
"name" : "33677", "name": "20212",
"refsource" : "OSVDB", "refsource": "BID",
"url" : "http://osvdb.org/33677" "url": "http://www.securityfocus.com/bid/20212"
} }
] ]
} }

122
2006/5xxx/CVE-2006-5097.json
View File

@ -1,111 +1,111 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5097", "ID": "CVE-2006-5097",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** DISPUTED ** PHP remote file inclusion vulnerability in index.php in net2ftp, possibly 0.1 through 0.62, allows remote attackers to execute arbitrary PHP code via a URL in the application_rootdir parameter. NOTE: this issue has been disputed by a third party researcher, CVE, and the vendor. The vendor says \"the variable is set in settings.inc.php, so this is not a vulnerability.\"" "value": "** DISPUTED ** PHP remote file inclusion vulnerability in index.php in net2ftp, possibly 0.1 through 0.62, allows remote attackers to execute arbitrary PHP code via a URL in the application_rootdir parameter. NOTE: this issue has been disputed by a third party researcher, CVE, and the vendor. The vendor says \"the variable is set in settings.inc.php, so this is not a vulnerability.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20060926 net2ftp: a web based FTP client :) <= Remote File Inclusion", "name": "http://www.net2ftp.org/forums/viewtopic.php?pid=6689",
"refsource" : "BUGTRAQ", "refsource": "MISC",
"url" : "http://www.securityfocus.com/archive/1/447156/100/0/threaded" "url": "http://www.net2ftp.org/forums/viewtopic.php?pid=6689"
}, },
{ {
"name" : "20061002 Re: net2ftp: a web based FTP client :) <= Remote File Inclusion", "name": "20061002 Re: net2ftp: a web based FTP client :) <= Remote File Inclusion",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/447535/100/0/threaded" "url": "http://www.securityfocus.com/archive/1/447535/100/0/threaded"
}, },
{ {
"name" : "20061006 Re: net2ftp Remote File Inclusion - bogus report", "name": "http://www.net2ftp.org/forums/viewtopic.php?pid=6676",
"refsource" : "BUGTRAQ", "refsource": "MISC",
"url" : "http://www.securityfocus.com/archive/1/447916/100/0/threaded" "url": "http://www.net2ftp.org/forums/viewtopic.php?pid=6676"
}, },
{ {
"name" : "20061009 Re: net2ftp: a web based FTP client :) <= Remote File Inclusion", "name": "http://www.net2ftp.org/forums/viewtopic.php?pid=6687",
"refsource" : "BUGTRAQ", "refsource": "MISC",
"url" : "http://www.securityfocus.com/archive/1/448037/100/0/threaded" "url": "http://www.net2ftp.org/forums/viewtopic.php?pid=6687"
}, },
{ {
"name" : "http://www.net2ftp.org/forums/viewtopic.php?pid=6687", "name": "20061009 Re: net2ftp: a web based FTP client :) <= Remote File Inclusion",
"refsource" : "MISC", "refsource": "BUGTRAQ",
"url" : "http://www.net2ftp.org/forums/viewtopic.php?pid=6687" "url": "http://www.securityfocus.com/archive/1/448037/100/0/threaded"
}, },
{ {
"name" : "20061009 net2ftp: a web based FTP client :) <= Remote File Inclusion (fwd)", "name": "20061009 net2ftp: a web based FTP client :) <= Remote File Inclusion (fwd)",
"refsource" : "VIM", "refsource": "VIM",
"url" : "http://www.attrition.org/pipermail/vim/2006-October/001076.html" "url": "http://www.attrition.org/pipermail/vim/2006-October/001077.html"
}, },
{ {
"name" : "20061009 net2ftp: a web based FTP client :) <= Remote File Inclusion (fwd)", "name": "20061006 Re: net2ftp Remote File Inclusion - bogus report",
"refsource" : "VIM", "refsource": "BUGTRAQ",
"url" : "http://www.attrition.org/pipermail/vim/2006-October/001077.html" "url": "http://www.securityfocus.com/archive/1/447916/100/0/threaded"
}, },
{ {
"name" : "http://www.net2ftp.org/forums/viewtopic.php?pid=6676", "name": "net2ftp-index-file-include(29203)",
"refsource" : "MISC", "refsource": "XF",
"url" : "http://www.net2ftp.org/forums/viewtopic.php?pid=6676" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29203"
}, },
{ {
"name" : "http://www.net2ftp.org/forums/viewtopic.php?pid=6689", "name": "1655",
"refsource" : "MISC", "refsource": "SREASON",
"url" : "http://www.net2ftp.org/forums/viewtopic.php?pid=6689" "url": "http://securityreason.com/securityalert/1655"
}, },
{ {
"name" : "1655", "name": "20060926 net2ftp: a web based FTP client :) <= Remote File Inclusion",
"refsource" : "SREASON", "refsource": "BUGTRAQ",
"url" : "http://securityreason.com/securityalert/1655" "url": "http://www.securityfocus.com/archive/1/447156/100/0/threaded"
}, },
{ {
"name" : "net2ftp-index-file-include(29203)", "name": "20061009 net2ftp: a web based FTP client :) <= Remote File Inclusion (fwd)",
"refsource" : "XF", "refsource": "VIM",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29203" "url": "http://www.attrition.org/pipermail/vim/2006-October/001076.html"
} }
] ]
} }

80
2006/5xxx/CVE-2006-5237.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5237", "ID": "CVE-2006-5237",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in Blue Smiley Organizer before 4.46 allows remote attackers to execute arbitrary SQL commands via unspecified vectors." "value": "SQL injection vulnerability in Blue Smiley Organizer before 4.46 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.bookmark-manager.com/CHANGES", "name": "http://www.bookmark-manager.com/CHANGES",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.bookmark-manager.com/CHANGES" "url": "http://www.bookmark-manager.com/CHANGES"
}, },
{ {
"name" : "20417", "name": "20417",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/20417" "url": "http://www.securityfocus.com/bid/20417"
}, },
{ {
"name" : "ADV-2006-3958", "name": "22310",
"refsource" : "VUPEN", "refsource": "SECUNIA",
"url" : "http://www.vupen.com/english/advisories/2006/3958" "url": "http://secunia.com/advisories/22310"
}, },
{ {
"name" : "22310", "name": "ADV-2006-3958",
"refsource" : "SECUNIA", "refsource": "VUPEN",
"url" : "http://secunia.com/advisories/22310" "url": "http://www.vupen.com/english/advisories/2006/3958"
} }
] ]
} }

104
2006/5xxx/CVE-2006-5397.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-5397", "ID": "CVE-2006-5397",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The Xinput module (modules/im/ximcp/imLcIm.c) in X.Org libX11 1.0.2 and 1.0.3 opens a file for reading twice using the same file descriptor, which causes a file descriptor leak that allows local users to read files specified by the XCOMPOSEFILE environment variable via the duplicate file descriptor." "value": "The Xinput module (modules/im/ximcp/imLcIm.c) in X.Org libX11 1.0.2 and 1.0.3 opens a file for reading twice using the same file descriptor, which causes a file descriptor leak that allows local users to read files specified by the XCOMPOSEFILE environment variable via the duplicate file descriptor."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://bugs.freedesktop.org/show_bug.cgi?id=8699", "name": "22749",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "https://bugs.freedesktop.org/show_bug.cgi?id=8699" "url": "http://secunia.com/advisories/22749"
}, },
{ {
"name" : "http://gitweb.freedesktop.org/?p=xorg/lib/libX11.git;a=commit;h=686bb8b35acf6cecae80fe89b2b5853f5816ce19", "name": "20845",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://gitweb.freedesktop.org/?p=xorg/lib/libX11.git;a=commit;h=686bb8b35acf6cecae80fe89b2b5853f5816ce19" "url": "http://www.securityfocus.com/bid/20845"
}, },
{ {
"name" : "MDKSA-2006:199", "name": "https://bugs.freedesktop.org/show_bug.cgi?id=8699",
"refsource" : "MANDRIVA", "refsource": "CONFIRM",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:199" "url": "https://bugs.freedesktop.org/show_bug.cgi?id=8699"
}, },
{ {
"name" : "20845", "name": "ADV-2006-4289",
"refsource" : "BID", "refsource": "VUPEN",
"url" : "http://www.securityfocus.com/bid/20845" "url": "http://www.vupen.com/english/advisories/2006/4289"
}, },
{ {
"name" : "ADV-2006-4289", "name": "22642",
"refsource" : "VUPEN", "refsource": "SECUNIA",
"url" : "http://www.vupen.com/english/advisories/2006/4289" "url": "http://secunia.com/advisories/22642"
}, },
{ {
"name" : "22642", "name": "http://gitweb.freedesktop.org/?p=xorg/lib/libX11.git;a=commit;h=686bb8b35acf6cecae80fe89b2b5853f5816ce19",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/22642" "url": "http://gitweb.freedesktop.org/?p=xorg/lib/libX11.git;a=commit;h=686bb8b35acf6cecae80fe89b2b5853f5816ce19"
}, },
{ {
"name" : "22749", "name": "MDKSA-2006:199",
"refsource" : "SECUNIA", "refsource": "MANDRIVA",
"url" : "http://secunia.com/advisories/22749" "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:199"
}, },
{ {
"name" : "libx11-xinput-information-disclosure(29956)", "name": "libx11-xinput-information-disclosure(29956)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29956" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29956"
} }
] ]
} }

74
2007/2xxx/CVE-2007-2004.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2004", "ID": "CVE-2007-2004",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple SQL injection vulnerabilities in InoutMailingListManager 3.1 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter to changename.php and other unspecified vectors." "value": "Multiple SQL injection vulnerabilities in InoutMailingListManager 3.1 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter to changename.php and other unspecified vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "3702", "name": "24842",
"refsource" : "EXPLOIT-DB", "refsource": "SECUNIA",
"url" : "https://www.exploit-db.com/exploits/3702" "url": "http://secunia.com/advisories/24842"
}, },
{ {
"name" : "ADV-2007-1345", "name": "3702",
"refsource" : "VUPEN", "refsource": "EXPLOIT-DB",
"url" : "http://www.vupen.com/english/advisories/2007/1345" "url": "https://www.exploit-db.com/exploits/3702"
}, },
{ {
"name" : "24842", "name": "ADV-2007-1345",
"refsource" : "SECUNIA", "refsource": "VUPEN",
"url" : "http://secunia.com/advisories/24842" "url": "http://www.vupen.com/english/advisories/2007/1345"
} }
] ]
} }

86
2007/2xxx/CVE-2007-2307.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2307", "ID": "CVE-2007-2307",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "PHP remote file inclusion vulnerability in engine/engine.inc.php in WebKalk2 1.9.0 allows remote attackers to execute arbitrary PHP code via a URL in the absolute_path parameter." "value": "PHP remote file inclusion vulnerability in engine/engine.inc.php in WebKalk2 1.9.0 allows remote attackers to execute arbitrary PHP code via a URL in the absolute_path parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "3717", "name": "35747",
"refsource" : "EXPLOIT-DB", "refsource": "OSVDB",
"url" : "https://www.exploit-db.com/exploits/3717" "url": "http://osvdb.org/35747"
}, },
{ {
"name" : "23451", "name": "ADV-2007-1385",
"refsource" : "BID", "refsource": "VUPEN",
"url" : "http://www.securityfocus.com/bid/23451" "url": "http://www.vupen.com/english/advisories/2007/1385"
}, },
{ {
"name" : "ADV-2007-1385", "name": "23451",
"refsource" : "VUPEN", "refsource": "BID",
"url" : "http://www.vupen.com/english/advisories/2007/1385" "url": "http://www.securityfocus.com/bid/23451"
}, },
{ {
"name" : "35747", "name": "webkalk2-engine-file-include(33598)",
"refsource" : "OSVDB", "refsource": "XF",
"url" : "http://osvdb.org/35747" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33598"
}, },
{ {
"name" : "webkalk2-engine-file-include(33598)", "name": "3717",
"refsource" : "XF", "refsource": "EXPLOIT-DB",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33598" "url": "https://www.exploit-db.com/exploits/3717"
} }
] ]
} }

98
2007/2xxx/CVE-2007-2739.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-2739", "ID": "CVE-2007-2739",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in xajax before 0.2.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." "value": "Cross-site scripting (XSS) vulnerability in xajax before 0.2.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://sourceforge.net/project/shownotes.php?release_id=508650", "name": "36174",
"refsource" : "CONFIRM", "refsource": "OSVDB",
"url" : "http://sourceforge.net/project/shownotes.php?release_id=508650" "url": "http://osvdb.org/36174"
}, },
{ {
"name" : "DSA-1692", "name": "DSA-1692",
"refsource" : "DEBIAN", "refsource": "DEBIAN",
"url" : "http://www.debian.org/security/2008/dsa-1692" "url": "http://www.debian.org/security/2008/dsa-1692"
}, },
{ {
"name" : "ADV-2007-1841", "name": "http://sourceforge.net/project/shownotes.php?release_id=508650",
"refsource" : "VUPEN", "refsource": "CONFIRM",
"url" : "http://www.vupen.com/english/advisories/2007/1841" "url": "http://sourceforge.net/project/shownotes.php?release_id=508650"
}, },
{ {
"name" : "36174", "name": "ADV-2007-1841",
"refsource" : "OSVDB", "refsource": "VUPEN",
"url" : "http://osvdb.org/36174" "url": "http://www.vupen.com/english/advisories/2007/1841"
}, },
{ {
"name" : "25299", "name": "25299",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/25299" "url": "http://secunia.com/advisories/25299"
}, },
{ {
"name" : "33265", "name": "xajax-xajaxinc-xss(34323)",
"refsource" : "SECUNIA", "refsource": "XF",
"url" : "http://secunia.com/advisories/33265" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34323"
}, },
{ {
"name" : "xajax-xajaxinc-xss(34323)", "name": "33265",
"refsource" : "XF", "refsource": "SECUNIA",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34323" "url": "http://secunia.com/advisories/33265"
} }
] ]
} }

122
2007/6xxx/CVE-2007-6017.json
View File

@ -1,111 +1,111 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID" : "CVE-2007-6017", "ID": "CVE-2007-6017",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The PVATLCalendar.PVCalendar.1 ActiveX control in pvcalendar.ocx in the scheduler component in the Media Server in Symantec Backup Exec for Windows Server (BEWS) 11d 11.0.6235 and 11.0.7170, and 12.0 12.0.1364, exposes the unsafe Save method, which allows remote attackers to cause a denial of service (browser crash), or create or overwrite arbitrary files, via string values of the (1) _DOWText0, (2) _DOWText1, (3) _DOWText2, (4) _DOWText3, (5) _DOWText4, (6) _DOWText5, (7) _DOWText6, (8) _MonthText0, (9) _MonthText1, (10) _MonthText2, (11) _MonthText3, (12) _MonthText4, (13) _MonthText5, (14) _MonthText6, (15) _MonthText7, (16) _MonthText8, (17) _MonthText9, (18) _MonthText10, and (19) _MonthText11 properties. NOTE: the vendor states \"Authenticated user involvement required,\" but authentication is not needed to attack a client machine that loads this control." "value": "The PVATLCalendar.PVCalendar.1 ActiveX control in pvcalendar.ocx in the scheduler component in the Media Server in Symantec Backup Exec for Windows Server (BEWS) 11d 11.0.6235 and 11.0.7170, and 12.0 12.0.1364, exposes the unsafe Save method, which allows remote attackers to cause a denial of service (browser crash), or create or overwrite arbitrary files, via string values of the (1) _DOWText0, (2) _DOWText1, (3) _DOWText2, (4) _DOWText3, (5) _DOWText4, (6) _DOWText5, (7) _DOWText6, (8) _MonthText0, (9) _MonthText1, (10) _MonthText2, (11) _MonthText3, (12) _MonthText4, (13) _MonthText5, (14) _MonthText6, (15) _MonthText7, (16) _MonthText8, (17) _MonthText9, (18) _MonthText10, and (19) _MonthText11 properties. NOTE: the vendor states \"Authenticated user involvement required,\" but authentication is not needed to attack a client machine that loads this control."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://secunia.com/secunia_research/2007-101/", "name": "http://support.veritas.com/docs/300471",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "http://secunia.com/secunia_research/2007-101/" "url": "http://support.veritas.com/docs/300471"
}, },
{ {
"name" : "http://www.symantec.com/avcenter/security/Content/2008.02.29.html", "name": "1019525",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "http://www.symantec.com/avcenter/security/Content/2008.02.29.html" "url": "http://securitytracker.com/id?1019525"
}, },
{ {
"name" : "http://seer.entsupport.symantec.com/docs/300471.htm", "name": "http://www.symantec.com/avcenter/security/Content/2008.02.29.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://seer.entsupport.symantec.com/docs/300471.htm" "url": "http://www.symantec.com/avcenter/security/Content/2008.02.29.html"
}, },
{ {
"name" : "http://support.veritas.com/docs/300471", "name": "http://seer.entsupport.symantec.com/docs/300471.htm",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://support.veritas.com/docs/300471" "url": "http://seer.entsupport.symantec.com/docs/300471.htm"
}, },
{ {
"name" : "http://www.symantec.com/avcenter/security/Content/2008.02.28.html", "name": "http://seer.support.veritas.com/docs/308669.htm",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.symantec.com/avcenter/security/Content/2008.02.28.html" "url": "http://seer.support.veritas.com/docs/308669.htm"
}, },
{ {
"name" : "http://seer.support.veritas.com/docs/308669.htm", "name": "http://www.symantec.com/avcenter/security/Content/2008.02.28.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://seer.support.veritas.com/docs/308669.htm" "url": "http://www.symantec.com/avcenter/security/Content/2008.02.28.html"
}, },
{ {
"name" : "28008", "name": "ADV-2008-0718",
"refsource" : "BID", "refsource": "VUPEN",
"url" : "http://www.securityfocus.com/bid/28008" "url": "http://www.vupen.com/english/advisories/2008/0718"
}, },
{ {
"name" : "ADV-2008-0718", "name": "27885",
"refsource" : "VUPEN", "refsource": "SECUNIA",
"url" : "http://www.vupen.com/english/advisories/2008/0718" "url": "http://secunia.com/advisories/27885"
}, },
{ {
"name" : "ADV-2008-2672", "name": "http://secunia.com/secunia_research/2007-101/",
"refsource" : "VUPEN", "refsource": "MISC",
"url" : "http://www.vupen.com/english/advisories/2008/2672" "url": "http://secunia.com/secunia_research/2007-101/"
}, },
{ {
"name" : "1019525", "name": "28008",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://securitytracker.com/id?1019525" "url": "http://www.securityfocus.com/bid/28008"
}, },
{ {
"name" : "27885", "name": "ADV-2008-2672",
"refsource" : "SECUNIA", "refsource": "VUPEN",
"url" : "http://secunia.com/advisories/27885" "url": "http://www.vupen.com/english/advisories/2008/2672"
} }
] ]
} }

86
2007/6xxx/CVE-2007-6752.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2007-6752", "ID": "CVE-2007-6752",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** DISPUTED ** Cross-site request forgery (CSRF) vulnerability in Drupal 7.12 and earlier allows remote attackers to hijack the authentication of arbitrary users for requests that end a session via the user/logout URI. NOTE: the vendor disputes the significance of this issue, by considering the \"security benefit against platform complexity and performance impact\" and concluding that a change to the logout behavior is not planned because \"for most sites it is not worth the trade-off.\"" "value": "** DISPUTED ** Cross-site request forgery (CSRF) vulnerability in Drupal 7.12 and earlier allows remote attackers to hijack the authentication of arbitrary users for requests that end a session via the user/logout URI. NOTE: the vendor disputes the significance of this issue, by considering the \"security benefit against platform complexity and performance impact\" and concluding that a change to the logout behavior is not planned because \"for most sites it is not worth the trade-off.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "18564", "name": "http://ivanobinetti.blogspot.it/2012/03/drupal-cms-712-latest-stable-release.html",
"refsource" : "EXPLOIT-DB", "refsource": "MISC",
"url" : "http://www.exploit-db.com/exploits/18564/" "url": "http://ivanobinetti.blogspot.it/2012/03/drupal-cms-712-latest-stable-release.html"
}, },
{ {
"name" : "http://drupal.org/node/144538", "name": "http://groups.drupal.org/node/216314",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://drupal.org/node/144538" "url": "http://groups.drupal.org/node/216314"
}, },
{ {
"name" : "http://groups.drupal.org/node/216314", "name": "http://drupal.org/node/144538",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://groups.drupal.org/node/216314" "url": "http://drupal.org/node/144538"
}, },
{ {
"name" : "http://ivanobinetti.blogspot.it/2012/03/drupal-cms-712-latest-stable-release.html", "name": "18564",
"refsource" : "MISC", "refsource": "EXPLOIT-DB",
"url" : "http://ivanobinetti.blogspot.it/2012/03/drupal-cms-712-latest-stable-release.html" "url": "http://www.exploit-db.com/exploits/18564/"
}, },
{ {
"name" : "http://packetstormsecurity.org/files/110404/drupal712-xsrf.txt", "name": "http://packetstormsecurity.org/files/110404/drupal712-xsrf.txt",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://packetstormsecurity.org/files/110404/drupal712-xsrf.txt" "url": "http://packetstormsecurity.org/files/110404/drupal712-xsrf.txt"
} }
] ]
} }

116
2010/0xxx/CVE-2010-0649.json
View File

@ -1,106 +1,106 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-0649", "ID": "CVE-2010-0649",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Integer overflow in the CrossCallParamsEx::CreateFromBuffer function in sandbox/src/crosscall_server.cc in Google Chrome before 4.0.249.89 allows attackers to leverage renderer access to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a malformed message, related to deserializing of sandbox messages." "value": "Integer overflow in the CrossCallParamsEx::CreateFromBuffer function in sandbox/src/crosscall_server.cc in Google Chrome before 4.0.249.89 allows attackers to leverage renderer access to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a malformed message, related to deserializing of sandbox messages."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://code.google.com/p/chromium/issues/detail?id=32915", "name": "38177",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://code.google.com/p/chromium/issues/detail?id=32915" "url": "http://www.securityfocus.com/bid/38177"
}, },
{ {
"name" : "http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.html", "name": "http://code.google.com/p/chromium/issues/detail?id=32915",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.html" "url": "http://code.google.com/p/chromium/issues/detail?id=32915"
}, },
{ {
"name" : "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs", "name": "62320",
"refsource" : "CONFIRM", "refsource": "OSVDB",
"url" : "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs" "url": "http://www.osvdb.org/62320"
}, },
{ {
"name" : "38177", "name": "oval:org.mitre.oval:def:14256",
"refsource" : "BID", "refsource": "OVAL",
"url" : "http://www.securityfocus.com/bid/38177" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14256"
}, },
{ {
"name" : "62320", "name": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs",
"refsource" : "OSVDB", "refsource": "CONFIRM",
"url" : "http://www.osvdb.org/62320" "url": "http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs"
}, },
{ {
"name" : "oval:org.mitre.oval:def:14256", "name": "googlechrome-sandbox-code-exec(56217)",
"refsource" : "OVAL", "refsource": "XF",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14256" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56217"
}, },
{ {
"name" : "1023583", "name": "1023583",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://securitytracker.com/id?1023583" "url": "http://securitytracker.com/id?1023583"
}, },
{ {
"name" : "38545", "name": "ADV-2010-0361",
"refsource" : "SECUNIA", "refsource": "VUPEN",
"url" : "http://secunia.com/advisories/38545" "url": "http://www.vupen.com/english/advisories/2010/0361"
}, },
{ {
"name" : "ADV-2010-0361", "name": "http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.html",
"refsource" : "VUPEN", "refsource": "CONFIRM",
"url" : "http://www.vupen.com/english/advisories/2010/0361" "url": "http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.html"
}, },
{ {
"name" : "googlechrome-sandbox-code-exec(56217)", "name": "38545",
"refsource" : "XF", "refsource": "SECUNIA",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/56217" "url": "http://secunia.com/advisories/38545"
} }
] ]
} }

68
2010/0xxx/CVE-2010-0695.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-0695", "ID": "CVE-2010-0695",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in pages/index.php in BASIC-CMS allows remote attackers to inject arbitrary web script or HTML via the nav_id parameter." "value": "Cross-site scripting (XSS) vulnerability in pages/index.php in BASIC-CMS allows remote attackers to inject arbitrary web script or HTML via the nav_id parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://packetstormsecurity.org/1002-exploits/basiccms-sqlxss.txt", "name": "http://packetstormsecurity.org/1002-exploits/basiccms-sqlxss.txt",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://packetstormsecurity.org/1002-exploits/basiccms-sqlxss.txt" "url": "http://packetstormsecurity.org/1002-exploits/basiccms-sqlxss.txt"
}, },
{ {
"name" : "38235", "name": "38235",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/38235" "url": "http://www.securityfocus.com/bid/38235"
} }
] ]
} }

116
2010/0xxx/CVE-2010-0731.json
View File

@ -1,106 +1,106 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2010-0731", "ID": "CVE-2010-0731",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The gnutls_x509_crt_get_serial function in the GnuTLS library before 1.2.1, when running on big-endian, 64-bit platforms, calls the asn1_read_value with a pointer to the wrong data type and the wrong length value, which allows remote attackers to bypass the certificate revocation list (CRL) check and cause a stack-based buffer overflow via a crafted X.509 certificate, related to extraction of a serial number." "value": "The gnutls_x509_crt_get_serial function in the GnuTLS library before 1.2.1, when running on big-endian, 64-bit platforms, calls the asn1_read_value with a pointer to the wrong data type and the wrong length value, which allows remote attackers to bypass the certificate revocation list (CRL) check and cause a stack-based buffer overflow via a crafted X.509 certificate, related to extraction of a serial number."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/4230", "name": "RHSA-2010:0167",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/4230" "url": "http://www.redhat.com/support/errata/RHSA-2010-0167.html"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=573028", "name": "39127",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=573028" "url": "http://secunia.com/advisories/39127"
}, },
{ {
"name" : "MDVSA-2010:089", "name": "MDVSA-2010:089",
"refsource" : "MANDRIVA", "refsource": "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:089" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:089"
}, },
{ {
"name" : "RHSA-2010:0167", "name": "38959",
"refsource" : "REDHAT", "refsource": "BID",
"url" : "http://www.redhat.com/support/errata/RHSA-2010-0167.html" "url": "http://www.securityfocus.com/bid/38959"
}, },
{ {
"name" : "SUSE-SR:2010:014", "name": "ADV-2010-0713",
"refsource" : "SUSE", "refsource": "VUPEN",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html" "url": "http://www.vupen.com/english/advisories/2010/0713"
}, },
{ {
"name" : "38959", "name": "oval:org.mitre.oval:def:9759",
"refsource" : "BID", "refsource": "OVAL",
"url" : "http://www.securityfocus.com/bid/38959" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9759"
}, },
{ {
"name" : "oval:org.mitre.oval:def:9759", "name": "http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/4230",
"refsource" : "OVAL", "refsource": "CONFIRM",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9759" "url": "http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/4230"
}, },
{ {
"name" : "39127", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=573028",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/39127" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=573028"
}, },
{ {
"name" : "ADV-2010-0713", "name": "SUSE-SR:2010:014",
"refsource" : "VUPEN", "refsource": "SUSE",
"url" : "http://www.vupen.com/english/advisories/2010/0713" "url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
}, },
{ {
"name" : "ADV-2010-1054", "name": "ADV-2010-1054",
"refsource" : "VUPEN", "refsource": "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1054" "url": "http://www.vupen.com/english/advisories/2010/1054"
} }
] ]
} }

86
2010/0xxx/CVE-2010-0884.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2010-0884", "ID": "CVE-2010-0884",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in the Sun Cluster component in Oracle Sun Product Suite 3.1 and 3.2 allows local users to affect confidentiality via unknown vectors related to Data Service for Oracle E-Business Suite, a different vulnerability than CVE-2010-0883." "value": "Unspecified vulnerability in the Sun Cluster component in Oracle Sun Product Suite 3.1 and 3.2 allows local users to affect confidentiality via unknown vectors related to Data Service for Oracle E-Business Suite, a different vulnerability than CVE-2010-0883."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html", "name": "TA10-103B",
"refsource" : "CONFIRM", "refsource": "CERT",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html" "url": "http://www.us-cert.gov/cas/techalerts/TA10-103B.html"
}, },
{ {
"name" : "1021808", "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html",
"refsource" : "SUNALERT", "refsource": "CONFIRM",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021808.1-1" "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html"
}, },
{ {
"name" : "TA10-103B", "name": "osps-cluster-unspecified-var1(57760)",
"refsource" : "CERT", "refsource": "XF",
"url" : "http://www.us-cert.gov/cas/techalerts/TA10-103B.html" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57760"
}, },
{ {
"name" : "39464", "name": "1021808",
"refsource" : "BID", "refsource": "SUNALERT",
"url" : "http://www.securityfocus.com/bid/39464" "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021808.1-1"
}, },
{ {
"name" : "osps-cluster-unspecified-var1(57760)", "name": "39464",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/57760" "url": "http://www.securityfocus.com/bid/39464"
} }
] ]
} }

98
2010/1xxx/CVE-2010-1189.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-1189", "ID": "CVE-2010-1189",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "MediaWiki before 1.15.2 does not prevent wiki editors from linking to images from other web sites in wiki pages, which allows editors to obtain IP addresses and other information of wiki users by adding a link to an image on an attacker-controlled web site, aka \"CSS validation issue.\"" "value": "MediaWiki before 1.15.2 does not prevent wiki editors from linking to images from other web sites in wiki pages, which allows editors to obtain IP addresses and other information of wiki users by adding a link to an image on an attacker-controlled web site, aka \"CSS validation issue.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[MediaWiki-announce] 20100303 MediaWiki security update: 1.15.2", "name": "39656",
"refsource" : "MLIST", "refsource": "SECUNIA",
"url" : "http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-March/000088.html" "url": "http://secunia.com/advisories/39656"
}, },
{ {
"name" : "DSA-2022", "name": "DSA-2022",
"refsource" : "DEBIAN", "refsource": "DEBIAN",
"url" : "http://www.debian.org/security/2010/dsa-2022" "url": "http://www.debian.org/security/2010/dsa-2022"
}, },
{ {
"name" : "SUSE-SR:2010:010", "name": "[MediaWiki-announce] 20100303 MediaWiki security update: 1.15.2",
"refsource" : "SUSE", "refsource": "MLIST",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html" "url": "http://lists.wikimedia.org/pipermail/mediawiki-announce/2010-March/000088.html"
}, },
{ {
"name" : "39022", "name": "SUSE-SR:2010:010",
"refsource" : "SECUNIA", "refsource": "SUSE",
"url" : "http://secunia.com/advisories/39022" "url": "http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html"
}, },
{ {
"name" : "39656", "name": "ADV-2010-0685",
"refsource" : "SECUNIA", "refsource": "VUPEN",
"url" : "http://secunia.com/advisories/39656" "url": "http://www.vupen.com/english/advisories/2010/0685"
}, },
{ {
"name" : "ADV-2010-0685", "name": "39022",
"refsource" : "VUPEN", "refsource": "SECUNIA",
"url" : "http://www.vupen.com/english/advisories/2010/0685" "url": "http://secunia.com/advisories/39022"
}, },
{ {
"name" : "ADV-2010-1001", "name": "ADV-2010-1001",
"refsource" : "VUPEN", "refsource": "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1001" "url": "http://www.vupen.com/english/advisories/2010/1001"
} }
] ]
} }

92
2010/1xxx/CVE-2010-1818.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2010-1818", "ID": "CVE-2010-1818",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The IPersistPropertyBag2::Read function in QTPlugin.ocx in Apple QuickTime 6.x, 7.x before 7.6.8, and other versions allows remote attackers to execute arbitrary code via the _Marshaled_pUnk attribute, which triggers unmarshalling of an untrusted pointer." "value": "The IPersistPropertyBag2::Read function in QTPlugin.ocx in Apple QuickTime 6.x, 7.x before 7.6.8, and other versions allows remote attackers to execute arbitrary code via the _Marshaled_pUnk attribute, which triggers unmarshalling of an untrusted pointer."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://reversemode.com/index.php?option=com_content&task=view&id=69&Itemid=1", "name": "oval:org.mitre.oval:def:7523",
"refsource" : "MISC", "refsource": "OVAL",
"url" : "http://reversemode.com/index.php?option=com_content&task=view&id=69&Itemid=1" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7523"
}, },
{ {
"name" : "http://threatpost.com/en_us/blogs/new-remote-flaw-apple-quicktime-bypasses-aslr-and-dep-083010", "name": "https://www.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/browser/apple_quicktime_marshaled_punk.rb",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://threatpost.com/en_us/blogs/new-remote-flaw-apple-quicktime-bypasses-aslr-and-dep-083010" "url": "https://www.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/browser/apple_quicktime_marshaled_punk.rb"
}, },
{ {
"name" : "https://www.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/browser/apple_quicktime_marshaled_punk.rb", "name": "http://reversemode.com/index.php?option=com_content&task=view&id=69&Itemid=1",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://www.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/browser/apple_quicktime_marshaled_punk.rb" "url": "http://reversemode.com/index.php?option=com_content&task=view&id=69&Itemid=1"
}, },
{ {
"name" : "http://support.apple.com/kb/ht4339", "name": "http://threatpost.com/en_us/blogs/new-remote-flaw-apple-quicktime-bypasses-aslr-and-dep-083010",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "http://support.apple.com/kb/ht4339" "url": "http://threatpost.com/en_us/blogs/new-remote-flaw-apple-quicktime-bypasses-aslr-and-dep-083010"
}, },
{ {
"name" : "APPLE-SA-2010-09-15-1", "name": "http://support.apple.com/kb/ht4339",
"refsource" : "APPLE", "refsource": "CONFIRM",
"url" : "http://lists.apple.com/archives/security-announce/2010/Sep/msg00003.html" "url": "http://support.apple.com/kb/ht4339"
}, },
{ {
"name" : "oval:org.mitre.oval:def:7523", "name": "APPLE-SA-2010-09-15-1",
"refsource" : "OVAL", "refsource": "APPLE",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7523" "url": "http://lists.apple.com/archives/security-announce/2010/Sep/msg00003.html"
} }
] ]
} }

86
2010/1xxx/CVE-2010-1978.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-1978", "ID": "CVE-2010-1978",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "PHP remote file inclusion vulnerability in default_theme.php in FreePHPBlogSoftware 1.0, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the phpincdir parameter. NOTE: some of these details are obtained from third party information." "value": "PHP remote file inclusion vulnerability in default_theme.php in FreePHPBlogSoftware 1.0, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the phpincdir parameter. NOTE: some of these details are obtained from third party information."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "12063", "name": "12063",
"refsource" : "EXPLOIT-DB", "refsource": "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/12063" "url": "http://www.exploit-db.com/exploits/12063"
}, },
{ {
"name" : "39233", "name": "63558",
"refsource" : "BID", "refsource": "OSVDB",
"url" : "http://www.securityfocus.com/bid/39233" "url": "http://www.osvdb.org/63558"
}, },
{ {
"name" : "63558", "name": "39321",
"refsource" : "OSVDB", "refsource": "SECUNIA",
"url" : "http://www.osvdb.org/63558" "url": "http://secunia.com/advisories/39321"
}, },
{ {
"name" : "39321", "name": "fpbs-phpincdir-file-include(57560)",
"refsource" : "SECUNIA", "refsource": "XF",
"url" : "http://secunia.com/advisories/39321" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57560"
}, },
{ {
"name" : "fpbs-phpincdir-file-include(57560)", "name": "39233",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/57560" "url": "http://www.securityfocus.com/bid/39233"
} }
] ]
} }

92
2010/4xxx/CVE-2010-4071.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-4071", "ID": "CVE-2010-4071",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in AgentTicketZoom in OTRS 2.4.x before 2.4.9, when RichText is enabled, allows remote attackers to inject arbitrary web script or HTML via JavaScript in an HTML e-mail." "value": "Cross-site scripting (XSS) vulnerability in AgentTicketZoom in OTRS 2.4.x before 2.4.9, when RichText is enabled, allows remote attackers to inject arbitrary web script or HTML via JavaScript in an HTML e-mail."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://bugs.gentoo.org/342687", "name": "68882",
"refsource" : "MISC", "refsource": "OSVDB",
"url" : "http://bugs.gentoo.org/342687" "url": "http://www.osvdb.org/68882"
}, },
{ {
"name" : "http://www.vuxml.org/freebsd/96e776c7-e75c-11df-8f26-00151735203a.html", "name": "41978",
"refsource" : "MISC", "refsource": "SECUNIA",
"url" : "http://www.vuxml.org/freebsd/96e776c7-e75c-11df-8f26-00151735203a.html" "url": "http://secunia.com/advisories/41978"
}, },
{ {
"name" : "http://otrs.org/advisory/OSA-2010-03-en/", "name": "http://bugs.gentoo.org/342687",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "http://otrs.org/advisory/OSA-2010-03-en/" "url": "http://bugs.gentoo.org/342687"
}, },
{ {
"name" : "SUSE-SR:2010:024", "name": "http://otrs.org/advisory/OSA-2010-03-en/",
"refsource" : "SUSE", "refsource": "CONFIRM",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html" "url": "http://otrs.org/advisory/OSA-2010-03-en/"
}, },
{ {
"name" : "68882", "name": "SUSE-SR:2010:024",
"refsource" : "OSVDB", "refsource": "SUSE",
"url" : "http://www.osvdb.org/68882" "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html"
}, },
{ {
"name" : "41978", "name": "http://www.vuxml.org/freebsd/96e776c7-e75c-11df-8f26-00151735203a.html",
"refsource" : "SECUNIA", "refsource": "MISC",
"url" : "http://secunia.com/advisories/41978" "url": "http://www.vuxml.org/freebsd/96e776c7-e75c-11df-8f26-00151735203a.html"
} }
] ]
} }

98
2010/4xxx/CVE-2010-4148.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-4148", "ID": "CVE-2010-4148",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Directory traversal vulnerability in AnyConnect 1.2.3.0, and possibly earlier, allows remote FTP servers to write arbitrary files via a \"..\\\" (dot dot backslash) in a filename." "value": "Directory traversal vulnerability in AnyConnect 1.2.3.0, and possibly earlier, allows remote FTP servers to write arbitrary files via a \"..\\\" (dot dot backslash) in a filename."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20101013 Directory Traversal Vulnerability in AnyConnect", "name": "68666",
"refsource" : "BUGTRAQ", "refsource": "OSVDB",
"url" : "http://marc.info/?l=bugtraq&m=128699692209082&w=2" "url": "http://www.osvdb.org/68666"
}, },
{ {
"name" : "http://packetstormsecurity.org/1010-exploits/anyconnect-traversal.txt", "name": "http://www.htbridge.ch/advisory/directory_traversal_vulnerability_in_anyconnect.html",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://packetstormsecurity.org/1010-exploits/anyconnect-traversal.txt" "url": "http://www.htbridge.ch/advisory/directory_traversal_vulnerability_in_anyconnect.html"
}, },
{ {
"name" : "http://www.htbridge.ch/advisory/directory_traversal_vulnerability_in_anyconnect.html", "name": "http://packetstormsecurity.org/1010-exploits/anyconnect-traversal.txt",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.htbridge.ch/advisory/directory_traversal_vulnerability_in_anyconnect.html" "url": "http://packetstormsecurity.org/1010-exploits/anyconnect-traversal.txt"
}, },
{ {
"name" : "44076", "name": "20101013 Directory Traversal Vulnerability in AnyConnect",
"refsource" : "BID", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/bid/44076" "url": "http://marc.info/?l=bugtraq&m=128699692209082&w=2"
}, },
{ {
"name" : "68666", "name": "44076",
"refsource" : "OSVDB", "refsource": "BID",
"url" : "http://www.osvdb.org/68666" "url": "http://www.securityfocus.com/bid/44076"
}, },
{ {
"name" : "41802", "name": "41802",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/41802" "url": "http://secunia.com/advisories/41802"
}, },
{ {
"name" : "anyconnect-filename-directory-traversal(62563)", "name": "anyconnect-filename-directory-traversal(62563)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/62563" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62563"
} }
] ]
} }

284
2010/4xxx/CVE-2010-4258.json
View File

@ -1,246 +1,246 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2010-4258", "ID": "CVE-2010-4258",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The do_exit function in kernel/exit.c in the Linux kernel before 2.6.36.2 does not properly handle a KERNEL_DS get_fs value, which allows local users to bypass intended access_ok restrictions, overwrite arbitrary kernel memory locations, and gain privileges by leveraging a (1) BUG, (2) NULL pointer dereference, or (3) page fault, as demonstrated by vectors involving the clear_child_tid feature and the splice system call." "value": "The do_exit function in kernel/exit.c in the Linux kernel before 2.6.36.2 does not properly handle a KERNEL_DS get_fs value, which allows local users to bypass intended access_ok restrictions, overwrite arbitrary kernel memory locations, and gain privileges by leveraging a (1) BUG, (2) NULL pointer dereference, or (3) page fault, as demonstrated by vectors involving the clear_child_tid feature and the splice system call."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20101207 Linux kernel exploit", "name": "[oss-security] 20101202 CVE request: kernel: failure to revert address limit override in OOPS error path",
"refsource" : "FULLDISC", "refsource": "MLIST",
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2010-12/0086.html" "url": "http://openwall.com/lists/oss-security/2010/12/02/2"
}, },
{ {
"name" : "[linux-kernel] 20101201 Re: [PATCH v2] do_exit(): Make sure we run with get_fs() == USER_DS.", "name": "43056",
"refsource" : "MLIST", "refsource": "SECUNIA",
"url" : "https://lkml.org/lkml/2010/12/1/543" "url": "http://secunia.com/advisories/43056"
}, },
{ {
"name" : "[linux-kernel] 20101201 [PATCH v2] do_exit(): Make sure we run with get_fs() == USER_DS.", "name": "SUSE-SA:2011:004",
"refsource" : "MLIST", "refsource": "SUSE",
"url" : "http://marc.info/?l=linux-kernel&m=129117048916957&w=2" "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00004.html"
}, },
{ {
"name" : "[oss-security] 20101202 CVE request: kernel: failure to revert address limit override in OOPS error path", "name": "42778",
"refsource" : "MLIST", "refsource": "SECUNIA",
"url" : "http://openwall.com/lists/oss-security/2010/12/02/2" "url": "http://secunia.com/advisories/42778"
}, },
{ {
"name" : "[oss-security] 20101202 Re: CVE request: kernel: failure to revert address limit override in OOPS error path", "name": "[oss-security] 20101202 kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "http://openwall.com/lists/oss-security/2010/12/02/7" "url": "http://openwall.com/lists/oss-security/2010/12/02/3"
}, },
{ {
"name" : "[oss-security] 20101202 Re: kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses", "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=33dd94ae1ccbfb7bf0fb6c692bc3d1c4269e6177",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "http://openwall.com/lists/oss-security/2010/12/02/4" "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=33dd94ae1ccbfb7bf0fb6c692bc3d1c4269e6177"
}, },
{ {
"name" : "[oss-security] 20101202 kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses", "name": "42801",
"refsource" : "MLIST", "refsource": "SECUNIA",
"url" : "http://openwall.com/lists/oss-security/2010/12/02/3" "url": "http://secunia.com/advisories/42801"
}, },
{ {
"name" : "[oss-security] 20101208 Re: kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses", "name": "SUSE-SA:2011:002",
"refsource" : "MLIST", "refsource": "SUSE",
"url" : "http://openwall.com/lists/oss-security/2010/12/08/9" "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00001.html"
}, },
{ {
"name" : "[oss-security] 20101208 Re: kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses", "name": "http://blog.nelhage.com/2010/12/cve-2010-4258-from-dos-to-privesc/",
"refsource" : "MLIST", "refsource": "MISC",
"url" : "http://openwall.com/lists/oss-security/2010/12/08/4" "url": "http://blog.nelhage.com/2010/12/cve-2010-4258-from-dos-to-privesc/"
}, },
{ {
"name" : "[oss-security] 20101208 Re: kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses", "name": "[oss-security] 20101209 Re: kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "http://openwall.com/lists/oss-security/2010/12/08/5" "url": "http://openwall.com/lists/oss-security/2010/12/09/4"
}, },
{ {
"name" : "[oss-security] 20101209 Re: kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses", "name": "FEDORA-2010-18983",
"refsource" : "MLIST", "refsource": "FEDORA",
"url" : "http://openwall.com/lists/oss-security/2010/12/09/4" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052513.html"
}, },
{ {
"name" : "[oss-security] 20101209 Re: kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses", "name": "SUSE-SA:2011:001",
"refsource" : "MLIST", "refsource": "SUSE",
"url" : "http://openwall.com/lists/oss-security/2010/12/09/14" "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html"
}, },
{ {
"name" : "http://blog.nelhage.com/2010/12/cve-2010-4258-from-dos-to-privesc/", "name": "42932",
"refsource" : "MISC", "refsource": "SECUNIA",
"url" : "http://blog.nelhage.com/2010/12/cve-2010-4258-from-dos-to-privesc/" "url": "http://secunia.com/advisories/42932"
}, },
{ {
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=33dd94ae1ccbfb7bf0fb6c692bc3d1c4269e6177", "name": "20101207 Linux kernel exploit",
"refsource" : "CONFIRM", "refsource": "FULLDISC",
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=33dd94ae1ccbfb7bf0fb6c692bc3d1c4269e6177" "url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-12/0086.html"
}, },
{ {
"name" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.2", "name": "ADV-2011-0124",
"refsource" : "CONFIRM", "refsource": "VUPEN",
"url" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.2" "url": "http://www.vupen.com/english/advisories/2011/0124"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=659567", "name": "[linux-kernel] 20101201 [PATCH v2] do_exit(): Make sure we run with get_fs() == USER_DS.",
"refsource" : "CONFIRM", "refsource": "MLIST",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=659567" "url": "http://marc.info/?l=linux-kernel&m=129117048916957&w=2"
}, },
{ {
"name" : "http://code.google.com/p/chromium-os/issues/detail?id=10234", "name": "SUSE-SA:2011:007",
"refsource" : "CONFIRM", "refsource": "SUSE",
"url" : "http://code.google.com/p/chromium-os/issues/detail?id=10234" "url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html"
}, },
{ {
"name" : "http://googlechromereleases.blogspot.com/2011/01/chrome-os-beta-channel-update.html", "name": "ADV-2010-3321",
"refsource" : "CONFIRM", "refsource": "VUPEN",
"url" : "http://googlechromereleases.blogspot.com/2011/01/chrome-os-beta-channel-update.html" "url": "http://www.vupen.com/english/advisories/2010/3321"
}, },
{ {
"name" : "FEDORA-2010-18983", "name": "[oss-security] 20101208 Re: kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses",
"refsource" : "FEDORA", "refsource": "MLIST",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052513.html" "url": "http://openwall.com/lists/oss-security/2010/12/08/9"
}, },
{ {
"name" : "MDVSA-2011:029", "name": "ADV-2011-0298",
"refsource" : "MANDRIVA", "refsource": "VUPEN",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:029" "url": "http://www.vupen.com/english/advisories/2011/0298"
}, },
{ {
"name" : "SUSE-SA:2011:001", "name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.2",
"refsource" : "SUSE", "refsource": "CONFIRM",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html" "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36.2"
}, },
{ {
"name" : "SUSE-SA:2011:002", "name": "[oss-security] 20101209 Re: kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses",
"refsource" : "SUSE", "refsource": "MLIST",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00001.html" "url": "http://openwall.com/lists/oss-security/2010/12/09/14"
}, },
{ {
"name" : "SUSE-SA:2011:004", "name": "SUSE-SA:2011:005",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00004.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00007.html"
}, },
{ {
"name" : "SUSE-SA:2011:005", "name": "http://code.google.com/p/chromium-os/issues/detail?id=10234",
"refsource" : "SUSE", "refsource": "CONFIRM",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00007.html" "url": "http://code.google.com/p/chromium-os/issues/detail?id=10234"
}, },
{ {
"name" : "SUSE-SA:2011:007", "name": "ADV-2011-0375",
"refsource" : "SUSE", "refsource": "VUPEN",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html" "url": "http://www.vupen.com/english/advisories/2011/0375"
}, },
{ {
"name" : "SUSE-SA:2011:008", "name": "[linux-kernel] 20101201 Re: [PATCH v2] do_exit(): Make sure we run with get_fs() == USER_DS.",
"refsource" : "SUSE", "refsource": "MLIST",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html" "url": "https://lkml.org/lkml/2010/12/1/543"
}, },
{ {
"name" : "42745", "name": "http://googlechromereleases.blogspot.com/2011/01/chrome-os-beta-channel-update.html",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/42745" "url": "http://googlechromereleases.blogspot.com/2011/01/chrome-os-beta-channel-update.html"
}, },
{ {
"name" : "42778", "name": "ADV-2011-0012",
"refsource" : "SECUNIA", "refsource": "VUPEN",
"url" : "http://secunia.com/advisories/42778" "url": "http://www.vupen.com/english/advisories/2011/0012"
}, },
{ {
"name" : "42801", "name": "SUSE-SA:2011:008",
"refsource" : "SECUNIA", "refsource": "SUSE",
"url" : "http://secunia.com/advisories/42801" "url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html"
}, },
{ {
"name" : "42932", "name": "[oss-security] 20101202 Re: kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses",
"refsource" : "SECUNIA", "refsource": "MLIST",
"url" : "http://secunia.com/advisories/42932" "url": "http://openwall.com/lists/oss-security/2010/12/02/4"
}, },
{ {
"name" : "43056", "name": "MDVSA-2011:029",
"refsource" : "SECUNIA", "refsource": "MANDRIVA",
"url" : "http://secunia.com/advisories/43056" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:029"
}, },
{ {
"name" : "43291", "name": "42745",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/43291" "url": "http://secunia.com/advisories/42745"
}, },
{ {
"name" : "ADV-2010-3321", "name": "[oss-security] 20101202 Re: CVE request: kernel: failure to revert address limit override in OOPS error path",
"refsource" : "VUPEN", "refsource": "MLIST",
"url" : "http://www.vupen.com/english/advisories/2010/3321" "url": "http://openwall.com/lists/oss-security/2010/12/02/7"
}, },
{ {
"name" : "ADV-2011-0012", "name": "[oss-security] 20101208 Re: kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses",
"refsource" : "VUPEN", "refsource": "MLIST",
"url" : "http://www.vupen.com/english/advisories/2011/0012" "url": "http://openwall.com/lists/oss-security/2010/12/08/5"
}, },
{ {
"name" : "ADV-2011-0124", "name": "43291",
"refsource" : "VUPEN", "refsource": "SECUNIA",
"url" : "http://www.vupen.com/english/advisories/2011/0124" "url": "http://secunia.com/advisories/43291"
}, },
{ {
"name" : "ADV-2011-0213", "name": "ADV-2011-0213",
"refsource" : "VUPEN", "refsource": "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0213" "url": "http://www.vupen.com/english/advisories/2011/0213"
}, },
{ {
"name" : "ADV-2011-0298", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=659567",
"refsource" : "VUPEN", "refsource": "CONFIRM",
"url" : "http://www.vupen.com/english/advisories/2011/0298" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=659567"
}, },
{ {
"name" : "ADV-2011-0375", "name": "[oss-security] 20101208 Re: kernel: Dangerous interaction between clear_child_tid, set_fs(), and kernel oopses",
"refsource" : "VUPEN", "refsource": "MLIST",
"url" : "http://www.vupen.com/english/advisories/2011/0375" "url": "http://openwall.com/lists/oss-security/2010/12/08/4"
} }
] ]
} }

74
2010/4xxx/CVE-2010-4356.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-4356", "ID": "CVE-2010-4356",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in news_default.asp in Site2Nite Big Truck Broker allows remote attackers to execute arbitrary SQL commands via the txtSiteId parameter." "value": "SQL injection vulnerability in news_default.asp in Site2Nite Big Truck Broker allows remote attackers to execute arbitrary SQL commands via the txtSiteId parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "15627", "name": "15627",
"refsource" : "EXPLOIT-DB", "refsource": "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/15627" "url": "http://www.exploit-db.com/exploits/15627"
}, },
{ {
"name" : "http://packetstormsecurity.org/files/view/96148/site2nitebigtruck-sql.txt", "name": "42383",
"refsource" : "MISC", "refsource": "SECUNIA",
"url" : "http://packetstormsecurity.org/files/view/96148/site2nitebigtruck-sql.txt" "url": "http://secunia.com/advisories/42383"
}, },
{ {
"name" : "42383", "name": "http://packetstormsecurity.org/files/view/96148/site2nitebigtruck-sql.txt",
"refsource" : "SECUNIA", "refsource": "MISC",
"url" : "http://secunia.com/advisories/42383" "url": "http://packetstormsecurity.org/files/view/96148/site2nitebigtruck-sql.txt"
} }
] ]
} }

86
2010/4xxx/CVE-2010-4606.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2010-4606", "ID": "CVE-2010-4606",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in the Space Management client in the Hierarchical Storage Management (HSM) component in IBM Tivoli Storage Manager (TSM) 5.4.x before 5.4.3.4, 5.5.x before 5.5.3, 6.1.x before 6.1.4, and 6.2.x before 6.2.2 on Unix and Linux allows remote attackers to execute arbitrary commands via unknown vectors, related to a \"script execution vulnerability.\"" "value": "Unspecified vulnerability in the Space Management client in the Hierarchical Storage Management (HSM) component in IBM Tivoli Storage Manager (TSM) 5.4.x before 5.4.3.4, 5.5.x before 5.5.3, 6.1.x before 6.1.4, and 6.2.x before 6.2.2 on Unix and Linux allows remote attackers to execute arbitrary commands via unknown vectors, related to a \"script execution vulnerability.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.ibm.com/support/docview.wss?uid=swg21454745", "name": "1024901",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg21454745" "url": "http://securitytracker.com/id?1024901"
}, },
{ {
"name" : "IC69150", "name": "ADV-2010-3251",
"refsource" : "AIXAPAR", "refsource": "VUPEN",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IC69150" "url": "http://www.vupen.com/english/advisories/2010/3251"
}, },
{ {
"name" : "1024901", "name": "42639",
"refsource" : "SECTRACK", "refsource": "SECUNIA",
"url" : "http://securitytracker.com/id?1024901" "url": "http://secunia.com/advisories/42639"
}, },
{ {
"name" : "42639", "name": "IC69150",
"refsource" : "SECUNIA", "refsource": "AIXAPAR",
"url" : "http://secunia.com/advisories/42639" "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC69150"
}, },
{ {
"name" : "ADV-2010-3251", "name": "http://www.ibm.com/support/docview.wss?uid=swg21454745",
"refsource" : "VUPEN", "refsource": "CONFIRM",
"url" : "http://www.vupen.com/english/advisories/2010/3251" "url": "http://www.ibm.com/support/docview.wss?uid=swg21454745"
} }
] ]
} }

158
2014/0xxx/CVE-2014-0061.json
View File

@ -1,141 +1,141 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2014-0061", "ID": "CVE-2014-0061",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The validator functions for the procedural languages (PLs) in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to gain privileges via a function that is (1) defined in another language or (2) not allowed to be directly called by the user due to permissions." "value": "The validator functions for the procedural languages (PLs) in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to gain privileges via a function that is (1) defined in another language or (2) not allowed to be directly called by the user due to permissions."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://wiki.postgresql.org/wiki/20140220securityrelease", "name": "RHSA-2014:0211",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "http://wiki.postgresql.org/wiki/20140220securityrelease" "url": "http://rhn.redhat.com/errata/RHSA-2014-0211.html"
}, },
{ {
"name" : "http://www.postgresql.org/about/news/1506/", "name": "RHSA-2014:0221",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "http://www.postgresql.org/about/news/1506/" "url": "http://rhn.redhat.com/errata/RHSA-2014-0221.html"
}, },
{ {
"name" : "http://support.apple.com/kb/HT6448", "name": "http://support.apple.com/kb/HT6448",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://support.apple.com/kb/HT6448" "url": "http://support.apple.com/kb/HT6448"
}, },
{ {
"name" : "https://support.apple.com/kb/HT6536", "name": "RHSA-2014:0469",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "https://support.apple.com/kb/HT6536" "url": "http://rhn.redhat.com/errata/RHSA-2014-0469.html"
}, },
{ {
"name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705", "name": "APPLE-SA-2014-10-16-3",
"refsource" : "CONFIRM", "refsource": "APPLE",
"url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705" "url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html"
}, },
{ {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", "name": "http://wiki.postgresql.org/wiki/20140220securityrelease",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" "url": "http://wiki.postgresql.org/wiki/20140220securityrelease"
}, },
{ {
"name" : "APPLE-SA-2014-10-16-3", "name": "DSA-2864",
"refsource" : "APPLE", "refsource": "DEBIAN",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html" "url": "http://www.debian.org/security/2014/dsa-2864"
}, },
{ {
"name" : "DSA-2864", "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"refsource" : "DEBIAN", "refsource": "CONFIRM",
"url" : "http://www.debian.org/security/2014/dsa-2864" "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
}, },
{ {
"name" : "DSA-2865", "name": "RHSA-2014:0249",
"refsource" : "DEBIAN", "refsource": "REDHAT",
"url" : "http://www.debian.org/security/2014/dsa-2865" "url": "http://rhn.redhat.com/errata/RHSA-2014-0249.html"
}, },
{ {
"name" : "RHSA-2014:0469", "name": "http://www.postgresql.org/about/news/1506/",
"refsource" : "REDHAT", "refsource": "CONFIRM",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0469.html" "url": "http://www.postgresql.org/about/news/1506/"
}, },
{ {
"name" : "RHSA-2014:0211", "name": "USN-2120-1",
"refsource" : "REDHAT", "refsource": "UBUNTU",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0211.html" "url": "http://www.ubuntu.com/usn/USN-2120-1"
}, },
{ {
"name" : "RHSA-2014:0221", "name": "https://support.apple.com/kb/HT6536",
"refsource" : "REDHAT", "refsource": "CONFIRM",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0221.html" "url": "https://support.apple.com/kb/HT6536"
}, },
{ {
"name" : "RHSA-2014:0249", "name": "DSA-2865",
"refsource" : "REDHAT", "refsource": "DEBIAN",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0249.html" "url": "http://www.debian.org/security/2014/dsa-2865"
}, },
{ {
"name" : "openSUSE-SU-2014:0345", "name": "openSUSE-SU-2014:0345",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html" "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html"
}, },
{ {
"name" : "openSUSE-SU-2014:0368", "name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705",
"refsource" : "SUSE", "refsource": "CONFIRM",
"url" : "http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html" "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705"
}, },
{ {
"name" : "USN-2120-1", "name": "openSUSE-SU-2014:0368",
"refsource" : "UBUNTU", "refsource": "SUSE",
"url" : "http://www.ubuntu.com/usn/USN-2120-1" "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html"
}, },
{ {
"name" : "61307", "name": "61307",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/61307" "url": "http://secunia.com/advisories/61307"
} }
] ]
} }

86
2014/0xxx/CVE-2014-0182.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2014-0182", "ID": "CVE-2014-0182",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Heap-based buffer overflow in the virtio_load function in hw/virtio/virtio.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted config length in a savevm image." "value": "Heap-based buffer overflow in the virtio_load function in hw/virtio/virtio.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted config length in a savevm image."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[Qemu-stable] 20140723 [ANNOUNCE] QEMU 1.7.2 Stable released", "name": "RHSA-2014:0743",
"refsource" : "MLIST", "refsource": "REDHAT",
"url" : "http://lists.nongnu.org/archive/html/qemu-stable/2014-07/msg00187.html" "url": "http://rhn.redhat.com/errata/RHSA-2014-0743.html"
}, },
{ {
"name" : "http://git.qemu.org/?p=qemu.git;a=commitdiff;h=a890a2f9137ac3cf5b607649e66a6f3a5512d8dc", "name": "[Qemu-stable] 20140723 [ANNOUNCE] QEMU 1.7.2 Stable released",
"refsource" : "CONFIRM", "refsource": "MLIST",
"url" : "http://git.qemu.org/?p=qemu.git;a=commitdiff;h=a890a2f9137ac3cf5b607649e66a6f3a5512d8dc" "url": "http://lists.nongnu.org/archive/html/qemu-stable/2014-07/msg00187.html"
}, },
{ {
"name" : "FEDORA-2014-6288", "name": "RHSA-2014:0744",
"refsource" : "FEDORA", "refsource": "REDHAT",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2014-May/133345.html" "url": "http://rhn.redhat.com/errata/RHSA-2014-0744.html"
}, },
{ {
"name" : "RHSA-2014:0743", "name": "FEDORA-2014-6288",
"refsource" : "REDHAT", "refsource": "FEDORA",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0743.html" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-May/133345.html"
}, },
{ {
"name" : "RHSA-2014:0744", "name": "http://git.qemu.org/?p=qemu.git;a=commitdiff;h=a890a2f9137ac3cf5b607649e66a6f3a5512d8dc",
"refsource" : "REDHAT", "refsource": "CONFIRM",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0744.html" "url": "http://git.qemu.org/?p=qemu.git;a=commitdiff;h=a890a2f9137ac3cf5b607649e66a6f3a5512d8dc"
} }
] ]
} }

92
2014/0xxx/CVE-2014-0498.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2014-0498", "ID": "CVE-2014-0498",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows attackers to execute arbitrary code via unspecified vectors." "value": "Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows attackers to execute arbitrary code via unspecified vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://helpx.adobe.com/security/products/flash-player/apsb14-07.html", "name": "openSUSE-SU-2014:0278",
"refsource" : "CONFIRM", "refsource": "SUSE",
"url" : "http://helpx.adobe.com/security/products/flash-player/apsb14-07.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00015.html"
}, },
{ {
"name" : "GLSA-201405-04", "name": "GLSA-201405-04",
"refsource" : "GENTOO", "refsource": "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-201405-04.xml" "url": "http://security.gentoo.org/glsa/glsa-201405-04.xml"
}, },
{ {
"name" : "RHSA-2014:0196", "name": "http://helpx.adobe.com/security/products/flash-player/apsb14-07.html",
"refsource" : "REDHAT", "refsource": "CONFIRM",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0196.html" "url": "http://helpx.adobe.com/security/products/flash-player/apsb14-07.html"
}, },
{ {
"name" : "openSUSE-SU-2014:0277", "name": "RHSA-2014:0196",
"refsource" : "SUSE", "refsource": "REDHAT",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00014.html" "url": "http://rhn.redhat.com/errata/RHSA-2014-0196.html"
}, },
{ {
"name" : "openSUSE-SU-2014:0278", "name": "SUSE-SU-2014:0290",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00015.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00017.html"
}, },
{ {
"name" : "SUSE-SU-2014:0290", "name": "openSUSE-SU-2014:0277",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00017.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00014.html"
} }
] ]
} }

62
2014/0xxx/CVE-2014-0769.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "ics-cert@hq.dhs.gov",
"ID" : "CVE-2014-0769", "ID": "CVE-2014-0769",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The Festo CECX-X-C1 Modular Master Controller with CoDeSys and CECX-X-M1 Modular Controller with CoDeSys and SoftMotion do not require authentication for connections to certain TCP ports, which allows remote attackers to (1) modify the configuration via a request to the debug service on port 4000 or (2) delete log entries via a request to the log service on port 4001." "value": "The Festo CECX-X-C1 Modular Master Controller with CoDeSys and CECX-X-M1 Modular Controller with CoDeSys and SoftMotion do not require authentication for connections to certain TCP ports, which allows remote attackers to (1) modify the configuration via a request to the debug service on port 4000 or (2) delete log entries via a request to the log service on port 4001."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://ics-cert.us-cert.gov/advisories/ICSA-14-084-01", "name": "http://ics-cert.us-cert.gov/advisories/ICSA-14-084-01",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://ics-cert.us-cert.gov/advisories/ICSA-14-084-01" "url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-084-01"
} }
] ]
} }

80
2014/0xxx/CVE-2014-0961.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2014-0961", "ID": "CVE-2014-0961",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in IBM Tivoli Identity Manager (ITIM) 5.0 before 5.0.0.15 and 5.1 before 5.1.0.15 and IBM Security Identity Manager (ISIM) 6.0 before 6.0.0.2 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences." "value": "Cross-site request forgery (CSRF) vulnerability in IBM Tivoli Identity Manager (ITIM) 5.0 before 5.0.0.15 and 5.1 before 5.1.0.15 and IBM Security Identity Manager (ISIM) 6.0 before 6.0.0.2 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21674754", "name": "ibm-sim-cve20140961-csrf(92747)",
"refsource" : "CONFIRM", "refsource": "XF",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21674754" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/92747"
}, },
{ {
"name" : "67909", "name": "59080",
"refsource" : "BID", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/bid/67909" "url": "http://secunia.com/advisories/59080"
}, },
{ {
"name" : "59080", "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21674754",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/59080" "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21674754"
}, },
{ {
"name" : "ibm-sim-cve20140961-csrf(92747)", "name": "67909",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/92747" "url": "http://www.securityfocus.com/bid/67909"
} }
] ]
} }

74
2014/4xxx/CVE-2014-4062.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2014-4062", "ID": "CVE-2014-4062",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, and 3.5.1 does not properly implement the ASLR protection mechanism, which allows remote attackers to obtain sensitive address information via a crafted web site, aka \".NET ASLR Vulnerability.\"" "value": "Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, and 3.5.1 does not properly implement the ASLR protection mechanism, which allows remote attackers to obtain sensitive address information via a crafted web site, aka \".NET ASLR Vulnerability.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "MS14-046", "name": "1030721",
"refsource" : "MS", "refsource": "SECTRACK",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-046" "url": "http://www.securitytracker.com/id/1030721"
}, },
{ {
"name" : "69145", "name": "69145",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/69145" "url": "http://www.securityfocus.com/bid/69145"
}, },
{ {
"name" : "1030721", "name": "MS14-046",
"refsource" : "SECTRACK", "refsource": "MS",
"url" : "http://www.securitytracker.com/id/1030721" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-046"
} }
] ]
} }

92
2014/4xxx/CVE-2014-4232.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2014-4232", "ID": "CVE-2014-4232",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in the Oracle Secure Global Desktop (SGD) component in Oracle Virtualization 4.63, 4.71, 5.0, and 5.1 allows remote attackers to affect integrity via unknown vectors related to Workspace Web Application, a different vulnerability than CVE-2014-2463." "value": "Unspecified vulnerability in the Oracle Secure Global Desktop (SGD) component in Oracle Virtualization 4.63, 4.71, 5.0, and 5.1 allows remote attackers to affect integrity via unknown vectors related to Workspace Web Application, a different vulnerability than CVE-2014-2463."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", "name": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
"refsource" : "BUGTRAQ", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/archive/1/534161/100/0/threaded" "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
}, },
{ {
"name" : "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"refsource" : "FULLDISC", "refsource": "BUGTRAQ",
"url" : "http://seclists.org/fulldisclosure/2014/Dec/23" "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
}, },
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", "name": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html" "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
}, },
{ {
"name" : "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
"refsource" : "CONFIRM", "refsource": "FULLDISC",
"url" : "http://www.vmware.com/security/advisories/VMSA-2014-0012.html" "url": "http://seclists.org/fulldisclosure/2014/Dec/23"
}, },
{ {
"name" : "68606", "name": "oracle-cpujul2014-cve20144232(94614)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/68606" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94614"
}, },
{ {
"name" : "oracle-cpujul2014-cve20144232(94614)", "name": "68606",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/94614" "url": "http://www.securityfocus.com/bid/68606"
} }
] ]
} }

62
2014/4xxx/CVE-2014-4513.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-4513", "ID": "CVE-2014-4513",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in server/offline.php in the ActiveHelper LiveHelp Live Chat plugin 3.1.0 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) MESSAGE, (2) EMAIL, or (3) NAME parameter." "value": "Multiple cross-site scripting (XSS) vulnerabilities in server/offline.php in the ActiveHelper LiveHelp Live Chat plugin 3.1.0 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) MESSAGE, (2) EMAIL, or (3) NAME parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://codevigilant.com/disclosure/wp-plugin-activehelper-livehelp-a3-cross-site-scripting-xss", "name": "http://codevigilant.com/disclosure/wp-plugin-activehelper-livehelp-a3-cross-site-scripting-xss",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://codevigilant.com/disclosure/wp-plugin-activehelper-livehelp-a3-cross-site-scripting-xss" "url": "http://codevigilant.com/disclosure/wp-plugin-activehelper-livehelp-a3-cross-site-scripting-xss"
} }
] ]
} }

62
2014/4xxx/CVE-2014-4692.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-4692", "ID": "CVE-2014-4692",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "pfSense before 2.1.4, when HTTP is used, does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie." "value": "pfSense before 2.1.4, when HTTP is used, does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://pfsense.org/security/advisories/pfSense-SA-14_12.webgui.asc", "name": "https://pfsense.org/security/advisories/pfSense-SA-14_12.webgui.asc",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://pfsense.org/security/advisories/pfSense-SA-14_12.webgui.asc" "url": "https://pfsense.org/security/advisories/pfSense-SA-14_12.webgui.asc"
} }
] ]
} }

62
2014/9xxx/CVE-2014-9207.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "ics-cert@hq.dhs.gov",
"ID" : "CVE-2014-9207", "ID": "CVE-2014-9207",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Untrusted search path vulnerability in CmnView.exe in CIMON CmnView 2.14.0.1 and 3.x before UltimateAccess 3.02 allows local users to gain privileges via a Trojan horse DLL in the current working directory." "value": "Untrusted search path vulnerability in CmnView.exe in CIMON CmnView 2.14.0.1 and 3.x before UltimateAccess 3.02 allows local users to gain privileges via a Trojan horse DLL in the current working directory."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-069-01", "name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-069-01",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-069-01" "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-069-01"
} }
] ]
} }

80
2014/9xxx/CVE-2014-9485.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-9485", "ID": "CVE-2014-9485",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Directory traversal vulnerability in the do_extract_currentfile function in miniunz.c in miniunzip in minizip before 1.1-5 might allow remote attackers to write to arbitrary files via a crafted entry in a ZIP archive." "value": "Directory traversal vulnerability in the do_extract_currentfile function in miniunz.c in miniunzip in minizip before 1.1-5 might allow remote attackers to write to arbitrary files via a crafted entry in a ZIP archive."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20141231 cve request: miniunzip directory traversal", "name": "71846",
"refsource" : "MLIST", "refsource": "BID",
"url" : "http://www.openwall.com/lists/oss-security/2014/12/31/11" "url": "http://www.securityfocus.com/bid/71846"
}, },
{ {
"name" : "[oss-security] 20150103 Re: cve request: miniunzip directory traversal", "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774321",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "http://www.openwall.com/lists/oss-security/2015/01/03/16" "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774321"
}, },
{ {
"name" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774321", "name": "[oss-security] 20141231 cve request: miniunzip directory traversal",
"refsource" : "CONFIRM", "refsource": "MLIST",
"url" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774321" "url": "http://www.openwall.com/lists/oss-security/2014/12/31/11"
}, },
{ {
"name" : "71846", "name": "[oss-security] 20150103 Re: cve request: miniunzip directory traversal",
"refsource" : "BID", "refsource": "MLIST",
"url" : "http://www.securityfocus.com/bid/71846" "url": "http://www.openwall.com/lists/oss-security/2015/01/03/16"
} }
] ]
} }

104
2014/9xxx/CVE-2014-9599.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-9599", "ID": "CVE-2014-9599",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the filemanager in b2evolution before 5.2.1 allows remote attackers to inject arbitrary web script or HTML via the fm_filter parameter to blogs/admin.php." "value": "Cross-site scripting (XSS) vulnerability in the filemanager in b2evolution before 5.2.1 allows remote attackers to inject arbitrary web script or HTML via the fm_filter parameter to blogs/admin.php."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20150113 Reflecting XSS vulnerability in filemanager of CMS b2evolution v. 5.2.0", "name": "http://b2evolution.net/downloads/5-2-1-stable",
"refsource" : "FULLDISC", "refsource": "CONFIRM",
"url" : "http://seclists.org/fulldisclosure/2015/Jan/48" "url": "http://b2evolution.net/downloads/5-2-1-stable"
}, },
{ {
"name" : "http://packetstormsecurity.com/files/129940/CMS-b2evolution-5.2.0-Cross-Site-Scripting.html", "name": "http://sroesemann.blogspot.de/2014/12/sroeadv-2014-09.html",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://packetstormsecurity.com/files/129940/CMS-b2evolution-5.2.0-Cross-Site-Scripting.html" "url": "http://sroesemann.blogspot.de/2014/12/sroeadv-2014-09.html"
}, },
{ {
"name" : "http://sroesemann.blogspot.de/2014/12/sroeadv-2014-09.html", "name": "20150113 Reflecting XSS vulnerability in filemanager of CMS b2evolution v. 5.2.0",
"refsource" : "MISC", "refsource": "FULLDISC",
"url" : "http://sroesemann.blogspot.de/2014/12/sroeadv-2014-09.html" "url": "http://seclists.org/fulldisclosure/2015/Jan/48"
}, },
{ {
"name" : "http://sroesemann.blogspot.de/2015/01/report-for-advisory-sroeadv-2014-09.html", "name": "https://twitter.com/SecLists/status/554937224366546944",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "http://sroesemann.blogspot.de/2015/01/report-for-advisory-sroeadv-2014-09.html" "url": "https://twitter.com/SecLists/status/554937224366546944"
}, },
{ {
"name" : "http://b2evolution.net/downloads/5-2-1-stable", "name": "http://sroesemann.blogspot.de/2015/01/report-for-advisory-sroeadv-2014-09.html",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "http://b2evolution.net/downloads/5-2-1-stable" "url": "http://sroesemann.blogspot.de/2015/01/report-for-advisory-sroeadv-2014-09.html"
}, },
{ {
"name" : "https://twitter.com/SecLists/status/554937224366546944", "name": "72052",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://twitter.com/SecLists/status/554937224366546944" "url": "http://www.securityfocus.com/bid/72052"
}, },
{ {
"name" : "72052", "name": "b2evolution-fmfilter-xss(99891)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/72052" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99891"
}, },
{ {
"name" : "b2evolution-fmfilter-xss(99891)", "name": "http://packetstormsecurity.com/files/129940/CMS-b2evolution-5.2.0-Cross-Site-Scripting.html",
"refsource" : "XF", "refsource": "MISC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/99891" "url": "http://packetstormsecurity.com/files/129940/CMS-b2evolution-5.2.0-Cross-Site-Scripting.html"
} }
] ]
} }

98
2014/9xxx/CVE-2014-9635.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2014-9635", "ID": "CVE-2014-9635",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Jenkins before 1.586 does not set the HttpOnly flag in a Set-Cookie header for session cookies when run on Tomcat 7.0.41 or later, which makes it easier for remote attackers to obtain potentially sensitive information via script access to cookies." "value": "Jenkins before 1.586 does not set the HttpOnly flag in a Set-Cookie header for session cookies when run on Tomcat 7.0.41 or later, which makes it easier for remote attackers to obtain potentially sensitive information via script access to cookies."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20150122 Re: ping on CVE Request for jenkins-tomcat: Secure and HttpOnly flags are not, set for cookies with Jenkins on Tomcat", "name": "[oss-security] 20150122 Re: ping on CVE Request for jenkins-tomcat: Secure and HttpOnly flags are not, set for cookies with Jenkins on Tomcat",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2015/01/22/3" "url": "http://www.openwall.com/lists/oss-security/2015/01/22/3"
}, },
{ {
"name" : "https://issues.jenkins-ci.org/browse/JENKINS-25019", "name": "https://issues.jenkins-ci.org/browse/JENKINS-25019",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://issues.jenkins-ci.org/browse/JENKINS-25019" "url": "https://issues.jenkins-ci.org/browse/JENKINS-25019"
}, },
{ {
"name" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769682", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1185151",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769682" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1185151"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1185151", "name": "https://jenkins.io/changelog-old/",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1185151" "url": "https://jenkins.io/changelog-old/"
}, },
{ {
"name" : "https://github.com/jenkinsci/jenkins/commit/582128b9ac179a788d43c1478be8a5224dc19710", "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769682",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://github.com/jenkinsci/jenkins/commit/582128b9ac179a788d43c1478be8a5224dc19710" "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769682"
}, },
{ {
"name" : "https://jenkins.io/changelog-old/", "name": "https://github.com/jenkinsci/jenkins/commit/582128b9ac179a788d43c1478be8a5224dc19710",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://jenkins.io/changelog-old/" "url": "https://github.com/jenkinsci/jenkins/commit/582128b9ac179a788d43c1478be8a5224dc19710"
}, },
{ {
"name" : "72054", "name": "72054",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/72054" "url": "http://www.securityfocus.com/bid/72054"
} }
] ]
} }

86
2016/3xxx/CVE-2016-3204.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2016-3204", "ID": "CVE-2016-3204",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The Microsoft (1) JScript 5.8 and 9 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Scripting Engine Memory Corruption Vulnerability.\"" "value": "The Microsoft (1) JScript 5.8 and 9 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Scripting Engine Memory Corruption Vulnerability.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "MS16-084", "name": "1036283",
"refsource" : "MS", "refsource": "SECTRACK",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-084" "url": "http://www.securitytracker.com/id/1036283"
}, },
{ {
"name" : "MS16-086", "name": "91584",
"refsource" : "MS", "refsource": "BID",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-086" "url": "http://www.securityfocus.com/bid/91584"
}, },
{ {
"name" : "91584", "name": "1036282",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/91584" "url": "http://www.securitytracker.com/id/1036282"
}, },
{ {
"name" : "1036282", "name": "MS16-086",
"refsource" : "SECTRACK", "refsource": "MS",
"url" : "http://www.securitytracker.com/id/1036282" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-086"
}, },
{ {
"name" : "1036283", "name": "MS16-084",
"refsource" : "SECTRACK", "refsource": "MS",
"url" : "http://www.securitytracker.com/id/1036283" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-084"
} }
] ]
} }

80
2016/3xxx/CVE-2016-3215.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2016-3215", "ID": "CVE-2016-3215",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 1511, and Microsoft Edge allow remote attackers to obtain sensitive information from process memory via a crafted PDF document, aka \"Windows PDF Information Disclosure Vulnerability,\" a different vulnerability than CVE-2016-3201." "value": "Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 1511, and Microsoft Edge allow remote attackers to obtain sensitive information from process memory via a crafted PDF document, aka \"Windows PDF Information Disclosure Vulnerability,\" a different vulnerability than CVE-2016-3201."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-370", "name": "MS16-080",
"refsource" : "MISC", "refsource": "MS",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-370" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-080"
}, },
{ {
"name" : "MS16-068", "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-370",
"refsource" : "MS", "refsource": "MISC",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-068" "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-370"
}, },
{ {
"name" : "MS16-080", "name": "1036099",
"refsource" : "MS", "refsource": "SECTRACK",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-080" "url": "http://www.securitytracker.com/id/1036099"
}, },
{ {
"name" : "1036099", "name": "MS16-068",
"refsource" : "SECTRACK", "refsource": "MS",
"url" : "http://www.securitytracker.com/id/1036099" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-068"
} }
] ]
} }

80
2016/3xxx/CVE-2016-3555.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2016-3555", "ID": "CVE-2016-3555",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect confidentiality and integrity via vectors related to PGC / Excel Plugin." "value": "Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect confidentiality and integrity via vectors related to PGC / Excel Plugin."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
}, },
{ {
"name" : "91787", "name": "1036402",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/91787" "url": "http://www.securitytracker.com/id/1036402"
}, },
{ {
"name" : "91997", "name": "91787",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/91997" "url": "http://www.securityfocus.com/bid/91787"
}, },
{ {
"name" : "1036402", "name": "91997",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://www.securitytracker.com/id/1036402" "url": "http://www.securityfocus.com/bid/91997"
} }
] ]
} }

74
2016/3xxx/CVE-2016-3873.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@android.com",
"ID" : "CVE-2016-3873", "ID": "CVE-2016-3873",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The NVIDIA kernel in Android before 2016-09-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 29518457." "value": "The NVIDIA kernel in Android before 2016-09-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 29518457."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://source.android.com/security/bulletin/2016-09-01.html", "name": "http://source.android.com/security/bulletin/2016-09-01.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://source.android.com/security/bulletin/2016-09-01.html" "url": "http://source.android.com/security/bulletin/2016-09-01.html"
}, },
{ {
"name" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4561", "name": "1036763",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4561" "url": "http://www.securitytracker.com/id/1036763"
}, },
{ {
"name" : "1036763", "name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1036763" "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561"
} }
] ]
} }

22
2016/6xxx/CVE-2016-6066.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-6066", "ID": "CVE-2016-6066",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

86
2016/6xxx/CVE-2016-6293.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-6293", "ID": "CVE-2016-6293",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The uloc_acceptLanguageFromHTTP function in common/uloc.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ does not ensure that there is a '\\0' character at the end of a certain temporary array, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a call with a long httpAcceptLanguage argument." "value": "The uloc_acceptLanguageFromHTTP function in common/uloc.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ does not ensure that there is a '\\0' character at the end of a certain temporary array, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a call with a long httpAcceptLanguage argument."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20160724 Re: Fwd: CVE for PHP 5.5.38 issues", "name": "http://git.php.net/?p=php-src.git;a=commit;h=aa82e99ed8003c01f1ef4f0940e56b85c5b032d4",
"refsource" : "MLIST", "refsource": "MISC",
"url" : "http://openwall.com/lists/oss-security/2016/07/24/2" "url": "http://git.php.net/?p=php-src.git;a=commit;h=aa82e99ed8003c01f1ef4f0940e56b85c5b032d4"
}, },
{ {
"name" : "http://git.php.net/?p=php-src.git;a=commit;h=aa82e99ed8003c01f1ef4f0940e56b85c5b032d4", "name": "https://bugs.php.net/72533",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://git.php.net/?p=php-src.git;a=commit;h=aa82e99ed8003c01f1ef4f0940e56b85c5b032d4" "url": "https://bugs.php.net/72533"
}, },
{ {
"name" : "https://bugs.php.net/72533", "name": "GLSA-201701-58",
"refsource" : "MISC", "refsource": "GENTOO",
"url" : "https://bugs.php.net/72533" "url": "https://security.gentoo.org/glsa/201701-58"
}, },
{ {
"name" : "GLSA-201701-58", "name": "[oss-security] 20160724 Re: Fwd: CVE for PHP 5.5.38 issues",
"refsource" : "GENTOO", "refsource": "MLIST",
"url" : "https://security.gentoo.org/glsa/201701-58" "url": "http://openwall.com/lists/oss-security/2016/07/24/2"
}, },
{ {
"name" : "92127", "name": "92127",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/92127" "url": "http://www.securityfocus.com/bid/92127"
} }
] ]
} }

86
2016/6xxx/CVE-2016-6914.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-6914", "ID": "CVE-2016-6914",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Ubiquiti UniFi Video before 3.8.0 for Windows uses weak permissions for the installation directory, which allows local users to gain SYSTEM privileges via a Trojan horse taskkill.exe file." "value": "Ubiquiti UniFi Video before 3.8.0 for Windows uses weak permissions for the installation directory, which allows local users to gain SYSTEM privileges via a Trojan horse taskkill.exe file."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "43390", "name": "102278",
"refsource" : "EXPLOIT-DB", "refsource": "BID",
"url" : "https://www.exploit-db.com/exploits/43390/" "url": "http://www.securityfocus.com/bid/102278"
}, },
{ {
"name" : "20171223 [CVE-2016-6914] Ubiquiti UniFi Video v3.7.3 (Windows) Local Privileges Escalation via Insecure Directory Permissions", "name": "20171223 [CVE-2016-6914] Ubiquiti UniFi Video v3.7.3 (Windows) Local Privileges Escalation via Insecure Directory Permissions",
"refsource" : "FULLDISC", "refsource": "FULLDISC",
"url" : "http://seclists.org/fulldisclosure/2017/Dec/83" "url": "http://seclists.org/fulldisclosure/2017/Dec/83"
}, },
{ {
"name" : "http://packetstormsecurity.com/files/145533/Ubiquiti-UniFi-Video-3.7.3-Windows-Local-Privilege-Escalation.html", "name": "https://hackerone.com/reports/140793",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://packetstormsecurity.com/files/145533/Ubiquiti-UniFi-Video-3.7.3-Windows-Local-Privilege-Escalation.html" "url": "https://hackerone.com/reports/140793"
}, },
{ {
"name" : "https://hackerone.com/reports/140793", "name": "43390",
"refsource" : "MISC", "refsource": "EXPLOIT-DB",
"url" : "https://hackerone.com/reports/140793" "url": "https://www.exploit-db.com/exploits/43390/"
}, },
{ {
"name" : "102278", "name": "http://packetstormsecurity.com/files/145533/Ubiquiti-UniFi-Video-3.7.3-Windows-Local-Privilege-Escalation.html",
"refsource" : "BID", "refsource": "MISC",
"url" : "http://www.securityfocus.com/bid/102278" "url": "http://packetstormsecurity.com/files/145533/Ubiquiti-UniFi-Video-3.7.3-Windows-Local-Privilege-Escalation.html"
} }
] ]
} }

68
2016/7xxx/CVE-2016-7160.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-7160", "ID": "CVE-2016-7160",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "A vulnerability on Samsung Mobile M(6.0) devices exists because external access to SystemUI activities is not properly restricted, leading to a SystemUI crash and device restart, aka SVE-2016-6248." "value": "A vulnerability on Samsung Mobile M(6.0) devices exists because external access to SystemUI activities is not properly restricted, leading to a SystemUI crash and device restart, aka SVE-2016-6248."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://security.samsungmobile.com/smrupdate.html#SMR-SEP-2016", "name": "http://security.samsungmobile.com/smrupdate.html#SMR-SEP-2016",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://security.samsungmobile.com/smrupdate.html#SMR-SEP-2016" "url": "http://security.samsungmobile.com/smrupdate.html#SMR-SEP-2016"
}, },
{ {
"name" : "94120", "name": "94120",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/94120" "url": "http://www.securityfocus.com/bid/94120"
} }
] ]
} }

74
2016/7xxx/CVE-2016-7221.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2016-7221", "ID": "CVE-2016-7221",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Input Method Editor (IME) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 mishandles DLL loading, which allows local users to gain privileges via unspecified vectors, aka \"Windows IME Elevation of Privilege Vulnerability.\"" "value": "Input Method Editor (IME) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 mishandles DLL loading, which allows local users to gain privileges via unspecified vectors, aka \"Windows IME Elevation of Privilege Vulnerability.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "MS16-130", "name": "MS16-130",
"refsource" : "MS", "refsource": "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-130" "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-130"
}, },
{ {
"name" : "94021", "name": "1037241",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/94021" "url": "http://www.securitytracker.com/id/1037241"
}, },
{ {
"name" : "1037241", "name": "94021",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://www.securitytracker.com/id/1037241" "url": "http://www.securityfocus.com/bid/94021"
} }
] ]
} }

122
2016/7xxx/CVE-2016-7433.json
View File

@ -1,111 +1,111 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-7433", "ID": "CVE-2016-7433",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote attackers to unspecified impact via unknown vectors, related to a \"root distance that did not include the peer dispersion.\"" "value": "NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote attackers to unspecified impact via unknown vectors, related to a \"root distance that did not include the peer dispersion.\""
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://nwtime.org/ntp428p9_release/", "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03706en_us",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://nwtime.org/ntp428p9_release/" "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03706en_us"
}, },
{ {
"name" : "http://support.ntp.org/bin/view/Main/NtpBug3067", "name": "RHSA-2017:0252",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "http://support.ntp.org/bin/view/Main/NtpBug3067" "url": "http://rhn.redhat.com/errata/RHSA-2017-0252.html"
}, },
{ {
"name" : "http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities", "name": "http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities" "url": "http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities"
}, },
{ {
"name" : "https://bto.bluecoat.com/security-advisory/sa139", "name": "http://nwtime.org/ntp428p9_release/",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://bto.bluecoat.com/security-advisory/sa139" "url": "http://nwtime.org/ntp428p9_release/"
}, },
{ {
"name" : "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03706en_us", "name": "VU#633847",
"refsource" : "CONFIRM", "refsource": "CERT-VN",
"url" : "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03706en_us" "url": "https://www.kb.cert.org/vuls/id/633847"
}, },
{ {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
}, },
{ {
"name" : "FreeBSD-SA-16:39", "name": "1037354",
"refsource" : "FREEBSD", "refsource": "SECTRACK",
"url" : "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:39.ntp.asc" "url": "http://www.securitytracker.com/id/1037354"
}, },
{ {
"name" : "RHSA-2017:0252", "name": "https://bto.bluecoat.com/security-advisory/sa139",
"refsource" : "REDHAT", "refsource": "CONFIRM",
"url" : "http://rhn.redhat.com/errata/RHSA-2017-0252.html" "url": "https://bto.bluecoat.com/security-advisory/sa139"
}, },
{ {
"name" : "VU#633847", "name": "94455",
"refsource" : "CERT-VN", "refsource": "BID",
"url" : "https://www.kb.cert.org/vuls/id/633847" "url": "http://www.securityfocus.com/bid/94455"
}, },
{ {
"name" : "94455", "name": "FreeBSD-SA-16:39",
"refsource" : "BID", "refsource": "FREEBSD",
"url" : "http://www.securityfocus.com/bid/94455" "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:39.ntp.asc"
}, },
{ {
"name" : "1037354", "name": "http://support.ntp.org/bin/view/Main/NtpBug3067",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1037354" "url": "http://support.ntp.org/bin/view/Main/NtpBug3067"
} }
] ]
} }

80
2016/7xxx/CVE-2016-7499.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2016-7499", "ID": "CVE-2016-7499",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The sbr_make_f_master function in aacsbr.c in Libav 11.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted mp3 file." "value": "The sbr_make_f_master function in aacsbr.c in Libav 11.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted mp3 file."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20160921 Re: libav: divide-by-zero in sbr_make_f_master (aacsbr.c)", "name": "93102",
"refsource" : "MLIST", "refsource": "BID",
"url" : "http://www.openwall.com/lists/oss-security/2016/09/21/9" "url": "http://www.securityfocus.com/bid/93102"
}, },
{ {
"name" : "https://blogs.gentoo.org/ago/2016/09/21/libav-divide-by-zero-in-sbr_make_f_master-aacsbr-c/", "name": "[oss-security] 20160921 Re: libav: divide-by-zero in sbr_make_f_master (aacsbr.c)",
"refsource" : "MISC", "refsource": "MLIST",
"url" : "https://blogs.gentoo.org/ago/2016/09/21/libav-divide-by-zero-in-sbr_make_f_master-aacsbr-c/" "url": "http://www.openwall.com/lists/oss-security/2016/09/21/9"
}, },
{ {
"name" : "https://git.libav.org/?p=libav.git;a=blobdiff;f=libavcodec/aacsbr.c;h=7d156e525b40b197c38db17acf16730845b91e56;hp=dbfb1677813ce6c531e4362d0be7ccf9fdfdd28e;hb=a50a5ff29ec5a8243499769e2bb9b5509ce9fd52;hpb=f55e3ff5891daf3d538b4d9176371960200d68fa", "name": "https://git.libav.org/?p=libav.git;a=blobdiff;f=libavcodec/aacsbr.c;h=7d156e525b40b197c38db17acf16730845b91e56;hp=dbfb1677813ce6c531e4362d0be7ccf9fdfdd28e;hb=a50a5ff29ec5a8243499769e2bb9b5509ce9fd52;hpb=f55e3ff5891daf3d538b4d9176371960200d68fa",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://git.libav.org/?p=libav.git;a=blobdiff;f=libavcodec/aacsbr.c;h=7d156e525b40b197c38db17acf16730845b91e56;hp=dbfb1677813ce6c531e4362d0be7ccf9fdfdd28e;hb=a50a5ff29ec5a8243499769e2bb9b5509ce9fd52;hpb=f55e3ff5891daf3d538b4d9176371960200d68fa" "url": "https://git.libav.org/?p=libav.git;a=blobdiff;f=libavcodec/aacsbr.c;h=7d156e525b40b197c38db17acf16730845b91e56;hp=dbfb1677813ce6c531e4362d0be7ccf9fdfdd28e;hb=a50a5ff29ec5a8243499769e2bb9b5509ce9fd52;hpb=f55e3ff5891daf3d538b4d9176371960200d68fa"
}, },
{ {
"name" : "93102", "name": "https://blogs.gentoo.org/ago/2016/09/21/libav-divide-by-zero-in-sbr_make_f_master-aacsbr-c/",
"refsource" : "BID", "refsource": "MISC",
"url" : "http://www.securityfocus.com/bid/93102" "url": "https://blogs.gentoo.org/ago/2016/09/21/libav-divide-by-zero-in-sbr_make_f_master-aacsbr-c/"
} }
] ]
} }

98
2016/7xxx/CVE-2016-7586.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@apple.com", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2016-7586", "ID": "CVE-2016-7586",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to obtain sensitive information via a crafted web site." "value": "An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. iCloud before 6.1 is affected. iTunes before 12.5.4 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to obtain sensitive information via a crafted web site."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://support.apple.com/HT207421", "name": "https://support.apple.com/HT207427",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://support.apple.com/HT207421" "url": "https://support.apple.com/HT207427"
}, },
{ {
"name" : "https://support.apple.com/HT207422", "name": "94907",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://support.apple.com/HT207422" "url": "http://www.securityfocus.com/bid/94907"
}, },
{ {
"name" : "https://support.apple.com/HT207424", "name": "https://support.apple.com/HT207421",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://support.apple.com/HT207424" "url": "https://support.apple.com/HT207421"
}, },
{ {
"name" : "https://support.apple.com/HT207427", "name": "1037459",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "https://support.apple.com/HT207427" "url": "http://www.securitytracker.com/id/1037459"
}, },
{ {
"name" : "GLSA-201706-15", "name": "https://support.apple.com/HT207422",
"refsource" : "GENTOO", "refsource": "CONFIRM",
"url" : "https://security.gentoo.org/glsa/201706-15" "url": "https://support.apple.com/HT207422"
}, },
{ {
"name" : "94907", "name": "GLSA-201706-15",
"refsource" : "BID", "refsource": "GENTOO",
"url" : "http://www.securityfocus.com/bid/94907" "url": "https://security.gentoo.org/glsa/201706-15"
}, },
{ {
"name" : "1037459", "name": "https://support.apple.com/HT207424",
"refsource" : "SECTRACK", "refsource": "CONFIRM",
"url" : "http://www.securitytracker.com/id/1037459" "url": "https://support.apple.com/HT207424"
} }
] ]
} }

62
2016/8xxx/CVE-2016-8008.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@intel.com", "ASSIGNER": "secure@intel.com",
"ID" : "CVE-2016-8008", "ID": "CVE-2016-8008",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Security Scan Plus (SSP)", "product_name": "Security Scan Plus (SSP)",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "3.11.376" "version_value": "3.11.376"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Intel" "vendor_name": "Intel"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Privilege escalation vulnerability in Windows 7 and Windows 10 in McAfee Security Scan Plus (SSP) 3.11.376 allows attackers to load a replacement of the version.dll file via McAfee McUICnt.exe onto a Windows system." "value": "Privilege escalation vulnerability in Windows 7 and Windows 10 in McAfee Security Scan Plus (SSP) 3.11.376 allows attackers to load a replacement of the version.dll file via McAfee McUICnt.exe onto a Windows system."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Privilege escalation vulnerability" "value": "Privilege escalation vulnerability"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102593", "name": "https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102593",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102593" "url": "https://service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102593"
} }
] ]
} }

68
2016/8xxx/CVE-2016-8101.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@intel.com", "ASSIGNER": "secure@intel.com",
"ID" : "CVE-2016-8101", "ID": "CVE-2016-8101",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The updater subsystem in Intel SSD Toolbox before 3.3.7 allows local users to gain privileges via unspecified vectors." "value": "The updater subsystem in Intel SSD Toolbox before 3.3.7 allows local users to gain privileges via unspecified vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00061&languageid=en-fr", "name": "93482",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00061&languageid=en-fr" "url": "http://www.securityfocus.com/bid/93482"
}, },
{ {
"name" : "93482", "name": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00061&languageid=en-fr",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/93482" "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00061&languageid=en-fr"
} }
] ]
} }

68
2016/8xxx/CVE-2016-8104.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@intel.com", "ASSIGNER": "secure@intel.com",
"ID" : "CVE-2016-8104", "ID": "CVE-2016-8104",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Intel PROSet/Wireless Software and Drivers", "product_name": "Intel PROSet/Wireless Software and Drivers",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Before version 19.20.3" "version_value": "Before version 19.20.3"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Intel" "vendor_name": "Intel"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Buffer overflow in Intel PROSet/Wireless Software and Drivers in versions before 19.20.3 allows a local user to crash iframewrk.exe causing a potential denial of service." "value": "Buffer overflow in Intel PROSet/Wireless Software and Drivers in versions before 19.20.3 allows a local user to crash iframewrk.exe causing a potential denial of service."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Denial of Service" "value": "Denial of Service"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00065&languageid=en-fr", "name": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00065&languageid=en-fr",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00065&languageid=en-fr" "url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00065&languageid=en-fr"
}, },
{ {
"name" : "95017", "name": "95017",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/95017" "url": "http://www.securityfocus.com/bid/95017"
} }
] ]
} }

68
2016/8xxx/CVE-2016-8396.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@android.com",
"ID" : "CVE-2016-8396", "ID": "CVE-2016-8396",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android", "product_name": "Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Google Inc." "vendor_name": "Google Inc."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An information disclosure vulnerability in the MediaTek video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product: Android. Versions: N/A. Android ID: A-31249105." "value": "An information disclosure vulnerability in the MediaTek video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product: Android. Versions: N/A. Android ID: A-31249105."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Information disclosure" "value": "Information disclosure"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://source.android.com/security/bulletin/2016-12-01.html", "name": "https://source.android.com/security/bulletin/2016-12-01.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2016-12-01.html" "url": "https://source.android.com/security/bulletin/2016-12-01.html"
}, },
{ {
"name" : "94712", "name": "94712",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/94712" "url": "http://www.securityfocus.com/bid/94712"
} }
] ]
} }