From 068a1c5180443b06d0bef8b4dc24d6988a93e41b Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 00:10:19 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2001/1xxx/CVE-2001-1111.json | 140 +++++------ 2001/1xxx/CVE-2001-1344.json | 140 +++++------ 2001/1xxx/CVE-2001-1374.json | 180 +++++++------- 2006/2xxx/CVE-2006-2212.json | 170 ++++++------- 2006/2xxx/CVE-2006-2343.json | 150 +++++------ 2006/2xxx/CVE-2006-2349.json | 210 ++++++++-------- 2006/2xxx/CVE-2006-2600.json | 34 +-- 2006/2xxx/CVE-2006-2721.json | 140 +++++------ 2006/3xxx/CVE-2006-3827.json | 180 +++++++------- 2006/6xxx/CVE-2006-6015.json | 140 +++++------ 2006/6xxx/CVE-2006-6121.json | 240 +++++++++--------- 2006/6xxx/CVE-2006-6171.json | 250 +++++++++---------- 2006/6xxx/CVE-2006-6381.json | 150 +++++------ 2006/6xxx/CVE-2006-6841.json | 160 ++++++------ 2006/7xxx/CVE-2006-7140.json | 150 +++++------ 2011/0xxx/CVE-2011-0251.json | 150 +++++------ 2011/0xxx/CVE-2011-0517.json | 210 ++++++++-------- 2011/0xxx/CVE-2011-0566.json | 190 +++++++------- 2011/0xxx/CVE-2011-0814.json | 440 ++++++++++++++++----------------- 2011/1xxx/CVE-2011-1283.json | 140 +++++------ 2011/2xxx/CVE-2011-2480.json | 34 +-- 2011/2xxx/CVE-2011-2751.json | 130 +++++----- 2011/3xxx/CVE-2011-3111.json | 190 +++++++------- 2011/3xxx/CVE-2011-3197.json | 170 ++++++------- 2011/3xxx/CVE-2011-3526.json | 140 +++++------ 2011/3xxx/CVE-2011-3548.json | 380 ++++++++++++++-------------- 2011/3xxx/CVE-2011-3578.json | 290 +++++++++++----------- 2011/3xxx/CVE-2011-3762.json | 150 +++++------ 2011/4xxx/CVE-2011-4294.json | 140 +++++------ 2011/4xxx/CVE-2011-4837.json | 120 ++++----- 2011/4xxx/CVE-2011-4857.json | 150 +++++------ 2013/1xxx/CVE-2013-1007.json | 190 +++++++------- 2013/1xxx/CVE-2013-1837.json | 34 +-- 2013/5xxx/CVE-2013-5237.json | 34 +-- 2013/5xxx/CVE-2013-5245.json | 34 +-- 2013/5xxx/CVE-2013-5319.json | 190 +++++++------- 2013/5xxx/CVE-2013-5337.json | 34 +-- 2013/5xxx/CVE-2013-5457.json | 210 ++++++++-------- 2013/5xxx/CVE-2013-5829.json | 370 +++++++++++++-------------- 2014/2xxx/CVE-2014-2096.json | 150 +++++------ 2014/2xxx/CVE-2014-2354.json | 120 ++++----- 2014/2xxx/CVE-2014-2382.json | 140 +++++------ 2014/2xxx/CVE-2014-2611.json | 170 ++++++------- 2014/2xxx/CVE-2014-2873.json | 120 ++++----- 2014/2xxx/CVE-2014-2939.json | 120 ++++----- 2014/6xxx/CVE-2014-6094.json | 34 +-- 2014/6xxx/CVE-2014-6220.json | 34 +-- 2014/6xxx/CVE-2014-6449.json | 130 +++++----- 2014/6xxx/CVE-2014-6682.json | 140 +++++------ 2014/6xxx/CVE-2014-6690.json | 140 +++++------ 2014/6xxx/CVE-2014-6815.json | 140 +++++------ 2014/7xxx/CVE-2014-7620.json | 140 +++++------ 2014/7xxx/CVE-2014-7857.json | 160 ++++++------ 2017/18xxx/CVE-2017-18115.json | 34 +-- 2017/18xxx/CVE-2017-18278.json | 34 +-- 2017/1xxx/CVE-2017-1226.json | 140 +++++------ 2017/1xxx/CVE-2017-1349.json | 176 ++++++------- 2017/1xxx/CVE-2017-1469.json | 154 ++++++------ 2017/1xxx/CVE-2017-1610.json | 34 +-- 2017/1xxx/CVE-2017-1639.json | 34 +-- 2017/1xxx/CVE-2017-1881.json | 34 +-- 2017/4xxx/CVE-2017-4044.json | 34 +-- 2017/4xxx/CVE-2017-4256.json | 34 +-- 2017/4xxx/CVE-2017-4378.json | 34 +-- 2017/4xxx/CVE-2017-4854.json | 34 +-- 2017/5xxx/CVE-2017-5014.json | 180 +++++++------- 2017/5xxx/CVE-2017-5602.json | 160 ++++++------ 67 files changed, 4704 insertions(+), 4704 deletions(-) diff --git a/2001/1xxx/CVE-2001-1111.json b/2001/1xxx/CVE-2001-1111.json index 860eaf82f50..f9b64bd5e76 100644 --- a/2001/1xxx/CVE-2001-1111.json +++ b/2001/1xxx/CVE-2001-1111.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2001-1111", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "EFTP 2.0.7.337 stores user passwords in plaintext in the eftp2users.dat file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2001-1111", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20010912 EFTP Version 2.0.7.337 vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/213647" - }, - { - "name" : "eftp-plaintext-password(7116)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/7116" - }, - { - "name" : "3332", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/3332" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "EFTP 2.0.7.337 stores user passwords in plaintext in the eftp2users.dat file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "eftp-plaintext-password(7116)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7116" + }, + { + "name": "20010912 EFTP Version 2.0.7.337 vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/213647" + }, + { + "name": "3332", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/3332" + } + ] + } +} \ No newline at end of file diff --git a/2001/1xxx/CVE-2001-1344.json b/2001/1xxx/CVE-2001-1344.json index c8022f72807..7cbfc746894 100644 --- a/2001/1xxx/CVE-2001-1344.json +++ b/2001/1xxx/CVE-2001-1344.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2001-1344", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "WSSecurity.pl in WebStore allows remote attackers to bypass authentication by providing the program with a filename that exists, which is made easier by (1) inserting a null character or (2) .. (dot dot)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2001-1344", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20010612 bug", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2001-06/0142.html" - }, - { - "name" : "2860", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/2860" - }, - { - "name" : "webstore-cgi-command-execution(6685)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/6685" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "WSSecurity.pl in WebStore allows remote attackers to bypass authentication by providing the program with a filename that exists, which is made easier by (1) inserting a null character or (2) .. (dot dot)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20010612 bug", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2001-06/0142.html" + }, + { + "name": "2860", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/2860" + }, + { + "name": "webstore-cgi-command-execution(6685)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6685" + } + ] + } +} \ No newline at end of file diff --git a/2001/1xxx/CVE-2001-1374.json b/2001/1xxx/CVE-2001-1374.json index e293778b2c6..f7d7a5ee48b 100644 --- a/2001/1xxx/CVE-2001-1374.json +++ b/2001/1xxx/CVE-2001-1374.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2001-1374", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "expect before 5.32 searches for its libraries in /var/tmp before other directories, which could allow local users to gain root privileges via a Trojan horse library that is accessed by mkpasswd." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2001-1374", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=22187", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=22187" - }, - { - "name" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=28224", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=28224" - }, - { - "name" : "CLA-2001:409", - "refsource" : "CONECTIVA", - "url" : "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000409" - }, - { - "name" : "expect-insecure-library-search(6870)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/6870" - }, - { - "name" : "3074", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/3074" - }, - { - "name" : "RHSA-2002:148", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2002-148.html" - }, - { - "name" : "MDKSA-2002:060", - "refsource" : "MANDRAKE", - "url" : "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:060" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "expect before 5.32 searches for its libraries in /var/tmp before other directories, which could allow local users to gain root privileges via a Trojan horse library that is accessed by mkpasswd." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3074", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/3074" + }, + { + "name": "MDKSA-2002:060", + "refsource": "MANDRAKE", + "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:060" + }, + { + "name": "RHSA-2002:148", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2002-148.html" + }, + { + "name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=22187", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=22187" + }, + { + "name": "expect-insecure-library-search(6870)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6870" + }, + { + "name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=28224", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=28224" + }, + { + "name": "CLA-2001:409", + "refsource": "CONECTIVA", + "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000409" + } + ] + } +} \ No newline at end of file diff --git a/2006/2xxx/CVE-2006-2212.json b/2006/2xxx/CVE-2006-2212.json index 4d2ff8be491..9a39d157142 100644 --- a/2006/2xxx/CVE-2006-2212.json +++ b/2006/2xxx/CVE-2006-2212.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-2212", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in KarjaSoft Sami FTP Server 2.0.2 and earlier allows remote attackers to execute arbitrary code via a long (1) USER or (2) PASS command." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-2212", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060504 [REWTERZ-20060504] - Sami FTP Server Remote Buffer Overflow Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/432944/100/0/threaded" - }, - { - "name" : "17835", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/17835" - }, - { - "name" : "25670", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/25670" - }, - { - "name" : "1016031", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1016031" - }, - { - "name" : "842", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/842" - }, - { - "name" : "sami-ftp-auth-bo(26254)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26254" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in KarjaSoft Sami FTP Server 2.0.2 and earlier allows remote attackers to execute arbitrary code via a long (1) USER or (2) PASS command." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "842", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/842" + }, + { + "name": "25670", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/25670" + }, + { + "name": "20060504 [REWTERZ-20060504] - Sami FTP Server Remote Buffer Overflow Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/432944/100/0/threaded" + }, + { + "name": "17835", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/17835" + }, + { + "name": "1016031", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1016031" + }, + { + "name": "sami-ftp-auth-bo(26254)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26254" + } + ] + } +} \ No newline at end of file diff --git a/2006/2xxx/CVE-2006-2343.json b/2006/2xxx/CVE-2006-2343.json index bf7a9d4dfef..f68894a4bef 100644 --- a/2006/2xxx/CVE-2006-2343.json +++ b/2006/2xxx/CVE-2006-2343.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-2343", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Search.do in ManageEngine OpManager 6.0 allows remote attackers to inject arbitrary web script or HTML via the searchTerm parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-2343", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "17944", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/17944" - }, - { - "name" : "ADV-2006-1774", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/1774" - }, - { - "name" : "20067", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/20067" - }, - { - "name" : "manageengineopmanager-search-xss(26381)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26381" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Search.do in ManageEngine OpManager 6.0 allows remote attackers to inject arbitrary web script or HTML via the searchTerm parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20067", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/20067" + }, + { + "name": "17944", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/17944" + }, + { + "name": "ADV-2006-1774", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/1774" + }, + { + "name": "manageengineopmanager-search-xss(26381)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26381" + } + ] + } +} \ No newline at end of file diff --git a/2006/2xxx/CVE-2006-2349.json b/2006/2xxx/CVE-2006-2349.json index 25457987dd6..8b6b0ce90ec 100644 --- a/2006/2xxx/CVE-2006-2349.json +++ b/2006/2xxx/CVE-2006-2349.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-2349", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "E-Business Designer (eBD) 3.1.4 and earlier allows remote attackers to upload or modify arbitrary files, and execute arbitrary code, via a direct request to (1) common/html_editor/image_browser.upload.html, (2) common/html_editor/image_browser.html, or (3) common/html_editor/html_editor.html. NOTE: this can also be used for cross-site scripting (XSS) attacks by uploading cascading style sheet (.CSS) files." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-2349", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060511 Several flaws in e-business designer (eBD)", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/433807/100/0/threaded" - }, - { - "name" : "20060616 Re: Several flaws in e-business designer (eBD)", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=115047779610633&w=2" - }, - { - "name" : "20060511 Several flaws in e-business designer (eBD)", - "refsource" : "FULLDISC", - "url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/045980.html" - }, - { - "name" : "[ebd-devel] 20060502 actualizaciĆ³n de seguridad", - "refsource" : "MLIST", - "url" : "http://lists.oasyssoft.com/ebd-devel/200605/msg00000.html" - }, - { - "name" : "17933", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/17933" - }, - { - "name" : "ADV-2006-1784", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/1784" - }, - { - "name" : "1016326", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1016326" - }, - { - "name" : "20071", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/20071" - }, - { - "name" : "891", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/891" - }, - { - "name" : "ebd-multiple-auth-bypass(26474)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26474" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "E-Business Designer (eBD) 3.1.4 and earlier allows remote attackers to upload or modify arbitrary files, and execute arbitrary code, via a direct request to (1) common/html_editor/image_browser.upload.html, (2) common/html_editor/image_browser.html, or (3) common/html_editor/html_editor.html. NOTE: this can also be used for cross-site scripting (XSS) attacks by uploading cascading style sheet (.CSS) files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20060616 Re: Several flaws in e-business designer (eBD)", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=115047779610633&w=2" + }, + { + "name": "[ebd-devel] 20060502 actualizaci\u00f3n de seguridad", + "refsource": "MLIST", + "url": "http://lists.oasyssoft.com/ebd-devel/200605/msg00000.html" + }, + { + "name": "20071", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/20071" + }, + { + "name": "891", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/891" + }, + { + "name": "ebd-multiple-auth-bypass(26474)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26474" + }, + { + "name": "20060511 Several flaws in e-business designer (eBD)", + "refsource": "FULLDISC", + "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/045980.html" + }, + { + "name": "20060511 Several flaws in e-business designer (eBD)", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/433807/100/0/threaded" + }, + { + "name": "17933", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/17933" + }, + { + "name": "ADV-2006-1784", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/1784" + }, + { + "name": "1016326", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1016326" + } + ] + } +} \ No newline at end of file diff --git a/2006/2xxx/CVE-2006-2600.json b/2006/2xxx/CVE-2006-2600.json index aeeeb993006..14e93146d64 100644 --- a/2006/2xxx/CVE-2006-2600.json +++ b/2006/2xxx/CVE-2006-2600.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-2600", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-2588. Reason: This candidate is a duplicate of CVE-2006-2588. Notes: All CVE users should reference CVE-2006-2588 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2006-2600", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-2588. Reason: This candidate is a duplicate of CVE-2006-2588. Notes: All CVE users should reference CVE-2006-2588 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ] + } +} \ No newline at end of file diff --git a/2006/2xxx/CVE-2006-2721.json b/2006/2xxx/CVE-2006-2721.json index 62919a68127..e4a924c42f3 100644 --- a/2006/2xxx/CVE-2006-2721.json +++ b/2006/2xxx/CVE-2006-2721.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-2721", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in news.php in VARIOMAT allows remote attackers to inject arbitrary HTML or web script via the subcat parameter. NOTE: this issue might be resultant from SQL injection." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-2721", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060528 VARIOMAT(advanced cms tool)SQL injection/XSS", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/435290/100/0/threaded" - }, - { - "name" : "999", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/999" - }, - { - "name" : "variomat-news-xss(26877)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26877" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in news.php in VARIOMAT allows remote attackers to inject arbitrary HTML or web script via the subcat parameter. NOTE: this issue might be resultant from SQL injection." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "variomat-news-xss(26877)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26877" + }, + { + "name": "999", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/999" + }, + { + "name": "20060528 VARIOMAT(advanced cms tool)SQL injection/XSS", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/435290/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2006/3xxx/CVE-2006-3827.json b/2006/3xxx/CVE-2006-3827.json index dae427976f4..9aec58a276d 100644 --- a/2006/3xxx/CVE-2006-3827.json +++ b/2006/3xxx/CVE-2006-3827.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-3827", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in bmc/Inc/core/admin/search.inc.php in Kailash Nadh boastMachine (formerly bMachine) 3.1 and earlier allows remote authenticated administrators to execute arbitrary SQL commands via the blog parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-3827", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060717 boastMachine <= 3.1 SQL Injection Exploit", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/440306/100/0/threaded" - }, - { - "name" : "http://www.acid-root.new.fr/advisories/boastmachine.txt", - "refsource" : "MISC", - "url" : "http://www.acid-root.new.fr/advisories/boastmachine.txt" - }, - { - "name" : "ADV-2006-2849", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/2849" - }, - { - "name" : "1016515", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1016515" - }, - { - "name" : "21066", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21066" - }, - { - "name" : "1252", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/1252" - }, - { - "name" : "boastmachine-search-sql-injection(27769)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27769" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in bmc/Inc/core/admin/search.inc.php in Kailash Nadh boastMachine (formerly bMachine) 3.1 and earlier allows remote authenticated administrators to execute arbitrary SQL commands via the blog parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "21066", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21066" + }, + { + "name": "boastmachine-search-sql-injection(27769)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27769" + }, + { + "name": "1016515", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1016515" + }, + { + "name": "ADV-2006-2849", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/2849" + }, + { + "name": "20060717 boastMachine <= 3.1 SQL Injection Exploit", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/440306/100/0/threaded" + }, + { + "name": "http://www.acid-root.new.fr/advisories/boastmachine.txt", + "refsource": "MISC", + "url": "http://www.acid-root.new.fr/advisories/boastmachine.txt" + }, + { + "name": "1252", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/1252" + } + ] + } +} \ No newline at end of file diff --git a/2006/6xxx/CVE-2006-6015.json b/2006/6xxx/CVE-2006-6015.json index 7c6b1ba2494..12094f14cfa 100644 --- a/2006/6xxx/CVE-2006-6015.json +++ b/2006/6xxx/CVE-2006-6015.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-6015", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the JavaScript implementation in Safari on Apple Mac OS X 10.4 allows remote attackers to cause a denial of service (application crash) via a long argument to the exec method of a regular expression." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-6015", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20061114 Apple Safari \"match\" Buffer Overflow Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/451542/100/0/threaded" - }, - { - "name" : "20061114 Re: Apple Safari \"match\" Buffer Overflow Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/451823/100/0/threaded" - }, - { - "name" : "21053", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/21053" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the JavaScript implementation in Safari on Apple Mac OS X 10.4 allows remote attackers to cause a denial of service (application crash) via a long argument to the exec method of a regular expression." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "21053", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/21053" + }, + { + "name": "20061114 Re: Apple Safari \"match\" Buffer Overflow Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/451823/100/0/threaded" + }, + { + "name": "20061114 Apple Safari \"match\" Buffer Overflow Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/451542/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2006/6xxx/CVE-2006-6121.json b/2006/6xxx/CVE-2006-6121.json index 6267445e056..66dae3d52d3 100644 --- a/2006/6xxx/CVE-2006-6121.json +++ b/2006/6xxx/CVE-2006-6121.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-6121", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Acer Notebook LunchApp.APlunch ActiveX control allows remote attackers to execute arbitrary commands by calling the Run method." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-6121", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://vuln.sg/acerlunchapp-en.html", - "refsource" : "MISC", - "url" : "http://vuln.sg/acerlunchapp-en.html" - }, - { - "name" : "ftp://ftp.support.acer-euro.com/utilities/LaunchAppFix/AcerLAppFix.zip", - "refsource" : "MISC", - "url" : "ftp://ftp.support.acer-euro.com/utilities/LaunchAppFix/AcerLAppFix.zip" - }, - { - "name" : "http://www.f-secure.com/weblog/archives/archive-012007.html#00001073", - "refsource" : "MISC", - "url" : "http://www.f-secure.com/weblog/archives/archive-012007.html#00001073" - }, - { - "name" : "http://global.acer.com/support/patch20070101.htm", - "refsource" : "CONFIRM", - "url" : "http://global.acer.com/support/patch20070101.htm" - }, - { - "name" : "HPSBST02214", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/468871/100/200/threaded" - }, - { - "name" : "SSRT071422", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/468871/100/200/threaded" - }, - { - "name" : "MS07-027", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-027" - }, - { - "name" : "TA07-128A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-128A.html" - }, - { - "name" : "VU#221700", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/221700" - }, - { - "name" : "21207", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/21207" - }, - { - "name" : "ADV-2006-4602", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4602" - }, - { - "name" : "23003", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23003" - }, - { - "name" : "acer-lunchappaplunch-command-execution(30417)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30417" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Acer Notebook LunchApp.APlunch ActiveX control allows remote attackers to execute arbitrary commands by calling the Run method." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "23003", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23003" + }, + { + "name": "HPSBST02214", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/468871/100/200/threaded" + }, + { + "name": "ftp://ftp.support.acer-euro.com/utilities/LaunchAppFix/AcerLAppFix.zip", + "refsource": "MISC", + "url": "ftp://ftp.support.acer-euro.com/utilities/LaunchAppFix/AcerLAppFix.zip" + }, + { + "name": "http://global.acer.com/support/patch20070101.htm", + "refsource": "CONFIRM", + "url": "http://global.acer.com/support/patch20070101.htm" + }, + { + "name": "SSRT071422", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/468871/100/200/threaded" + }, + { + "name": "ADV-2006-4602", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4602" + }, + { + "name": "MS07-027", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-027" + }, + { + "name": "http://www.f-secure.com/weblog/archives/archive-012007.html#00001073", + "refsource": "MISC", + "url": "http://www.f-secure.com/weblog/archives/archive-012007.html#00001073" + }, + { + "name": "VU#221700", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/221700" + }, + { + "name": "TA07-128A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-128A.html" + }, + { + "name": "21207", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/21207" + }, + { + "name": "acer-lunchappaplunch-command-execution(30417)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30417" + }, + { + "name": "http://vuln.sg/acerlunchapp-en.html", + "refsource": "MISC", + "url": "http://vuln.sg/acerlunchapp-en.html" + } + ] + } +} \ No newline at end of file diff --git a/2006/6xxx/CVE-2006-6171.json b/2006/6xxx/CVE-2006-6171.json index 56195d6185f..cd855b021a6 100644 --- a/2006/6xxx/CVE-2006-6171.json +++ b/2006/6xxx/CVE-2006-6171.json @@ -1,127 +1,127 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-6171", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** DISPUTED ** ProFTPD 1.3.0a and earlier does not properly set the buffer size limit when CommandBufferSize is specified in the configuration file, which leads to an off-by-two buffer underflow. NOTE: in November 2006, the role of CommandBufferSize was originally associated with CVE-2006-5815, but this was an error stemming from a vague initial disclosure. NOTE: ProFTPD developers dispute this issue, saying that the relevant memory location is overwritten by assignment before further use within the affected function, so this is not a vulnerability." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-6171", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=214820", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=214820" - }, - { - "name" : "http://proftp.cvs.sourceforge.net/proftp/proftpd/src/main.c?r1=1.292&r2=1.293&sortby=date", - "refsource" : "MISC", - "url" : "http://proftp.cvs.sourceforge.net/proftp/proftpd/src/main.c?r1=1.292&r2=1.293&sortby=date" - }, - { - "name" : "DSA-1218", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2006/dsa-1218" - }, - { - "name" : "DSA-1222", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2006/dsa-1222" - }, - { - "name" : "GLSA-200611-26", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200611-26.xml" - }, - { - "name" : "MDKSA-2006:217-1", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:217-1" - }, - { - "name" : "OpenPKG-SA-2006.035", - "refsource" : "OPENPKG", - "url" : "http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.035.html" - }, - { - "name" : "SSA:2006-335-02", - "refsource" : "SLACKWARE", - "url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.502491" - }, - { - "name" : "2006-0070", - "refsource" : "TRUSTIX", - "url" : "http://www.trustix.org/errata/2006/0070" - }, - { - "name" : "23174", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23174" - }, - { - "name" : "23179", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23179" - }, - { - "name" : "23184", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23184" - }, - { - "name" : "23207", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23207" - }, - { - "name" : "23329", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23329" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** DISPUTED ** ProFTPD 1.3.0a and earlier does not properly set the buffer size limit when CommandBufferSize is specified in the configuration file, which leads to an off-by-two buffer underflow. NOTE: in November 2006, the role of CommandBufferSize was originally associated with CVE-2006-5815, but this was an error stemming from a vague initial disclosure. NOTE: ProFTPD developers dispute this issue, saying that the relevant memory location is overwritten by assignment before further use within the affected function, so this is not a vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-1222", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2006/dsa-1222" + }, + { + "name": "http://proftp.cvs.sourceforge.net/proftp/proftpd/src/main.c?r1=1.292&r2=1.293&sortby=date", + "refsource": "MISC", + "url": "http://proftp.cvs.sourceforge.net/proftp/proftpd/src/main.c?r1=1.292&r2=1.293&sortby=date" + }, + { + "name": "DSA-1218", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2006/dsa-1218" + }, + { + "name": "23207", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23207" + }, + { + "name": "SSA:2006-335-02", + "refsource": "SLACKWARE", + "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.502491" + }, + { + "name": "23174", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23174" + }, + { + "name": "MDKSA-2006:217-1", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:217-1" + }, + { + "name": "2006-0070", + "refsource": "TRUSTIX", + "url": "http://www.trustix.org/errata/2006/0070" + }, + { + "name": "23329", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23329" + }, + { + "name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=214820", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=214820" + }, + { + "name": "23184", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23184" + }, + { + "name": "23179", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23179" + }, + { + "name": "GLSA-200611-26", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200611-26.xml" + }, + { + "name": "OpenPKG-SA-2006.035", + "refsource": "OPENPKG", + "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.035.html" + } + ] + } +} \ No newline at end of file diff --git a/2006/6xxx/CVE-2006-6381.json b/2006/6xxx/CVE-2006-6381.json index 58b1baec033..c1358953dfc 100644 --- a/2006/6xxx/CVE-2006-6381.json +++ b/2006/6xxx/CVE-2006-6381.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-6381", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in getfile.asp in Ultimate HelpDesk allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-6381", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "2881", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/2881" - }, - { - "name" : "ADV-2006-4819", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4819" - }, - { - "name" : "23225", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23225" - }, - { - "name" : "ultimatehd-getfile-directory-traversal(30722)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30722" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in getfile.asp in Ultimate HelpDesk allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "2881", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/2881" + }, + { + "name": "23225", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23225" + }, + { + "name": "ADV-2006-4819", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4819" + }, + { + "name": "ultimatehd-getfile-directory-traversal(30722)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30722" + } + ] + } +} \ No newline at end of file diff --git a/2006/6xxx/CVE-2006-6841.json b/2006/6xxx/CVE-2006-6841.json index fd321a717a5..d4097f34336 100644 --- a/2006/6xxx/CVE-2006-6841.json +++ b/2006/6xxx/CVE-2006-6841.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-6841", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Certain forms in phpBB before 2.0.22 lack session checks, which has unknown impact and remote attack vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-6841", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=489624", - "refsource" : "CONFIRM", - "url" : "http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=489624" - }, - { - "name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=405980", - "refsource" : "CONFIRM", - "url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=405980" - }, - { - "name" : "DSA-1488", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1488" - }, - { - "name" : "21806", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/21806" - }, - { - "name" : "28871", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28871" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Certain forms in phpBB before 2.0.22 lack session checks, which has unknown impact and remote attack vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=405980", + "refsource": "CONFIRM", + "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=405980" + }, + { + "name": "http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=489624", + "refsource": "CONFIRM", + "url": "http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=489624" + }, + { + "name": "28871", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28871" + }, + { + "name": "21806", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/21806" + }, + { + "name": "DSA-1488", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1488" + } + ] + } +} \ No newline at end of file diff --git a/2006/7xxx/CVE-2006-7140.json b/2006/7xxx/CVE-2006-7140.json index e50685b0766..6171a40ab82 100644 --- a/2006/7xxx/CVE-2006-7140.json +++ b/2006/7xxx/CVE-2006-7140.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-7140", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The libike library, as used by in.iked, elfsign, and kcfd in Sun Solaris 9 and 10, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents libike from correctly verifying X.509 and other certificates that use PKCS #1, a similar issue to CVE-2006-4339." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-7140", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "102722", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1" - }, - { - "name" : "ADV-2006-4744", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4744" - }, - { - "name" : "oval:org.mitre.oval:def:1648", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1648" - }, - { - "name" : "23104", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23104" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The libike library, as used by in.iked, elfsign, and kcfd in Sun Solaris 9 and 10, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents libike from correctly verifying X.509 and other certificates that use PKCS #1, a similar issue to CVE-2006-4339." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "102722", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1" + }, + { + "name": "ADV-2006-4744", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4744" + }, + { + "name": "23104", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23104" + }, + { + "name": "oval:org.mitre.oval:def:1648", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1648" + } + ] + } +} \ No newline at end of file diff --git a/2011/0xxx/CVE-2011-0251.json b/2011/0xxx/CVE-2011-0251.json index d0ef4a4bef9..d1780c938fe 100644 --- a/2011/0xxx/CVE-2011-0251.json +++ b/2011/0xxx/CVE-2011-0251.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-0251", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted STSZ atoms in a QuickTime movie file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2011-0251", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.apple.com/kb/HT5002", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT5002" - }, - { - "name" : "APPLE-SA-2011-08-03-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2011//Aug/msg00000.html" - }, - { - "name" : "APPLE-SA-2011-10-12-3", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html" - }, - { - "name" : "oval:org.mitre.oval:def:16143", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16143" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted STSZ atoms in a QuickTime movie file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "oval:org.mitre.oval:def:16143", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16143" + }, + { + "name": "APPLE-SA-2011-08-03-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2011//Aug/msg00000.html" + }, + { + "name": "APPLE-SA-2011-10-12-3", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html" + }, + { + "name": "http://support.apple.com/kb/HT5002", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT5002" + } + ] + } +} \ No newline at end of file diff --git a/2011/0xxx/CVE-2011-0517.json b/2011/0xxx/CVE-2011-0517.json index 4f86ac0c9eb..a9bdec3883e 100644 --- a/2011/0xxx/CVE-2011-0517.json +++ b/2011/0xxx/CVE-2011-0517.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-0517", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in Sielco Sistemi Winlog Pro 2.07.00 and earlier, when Run TCP/IP server is enabled, allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a crafted 0x02 opcode to TCP port 46823." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-0517", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "15992", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/15992" - }, - { - "name" : "http://aluigi.org/adv/winlog_1-adv.txt", - "refsource" : "MISC", - "url" : "http://aluigi.org/adv/winlog_1-adv.txt" - }, - { - "name" : "http://www.us-cert.gov/control_systems/pdf/ICSA-11-017-02.pdf", - "refsource" : "MISC", - "url" : "http://www.us-cert.gov/control_systems/pdf/ICSA-11-017-02.pdf" - }, - { - "name" : "VU#496040", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/496040" - }, - { - "name" : "45813", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/45813" - }, - { - "name" : "70418", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/70418" - }, - { - "name" : "42894", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42894" - }, - { - "name" : "8280", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/8280" - }, - { - "name" : "ADV-2011-0126", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0126" - }, - { - "name" : "winlog-tcpip-bo(64716)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/64716" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in Sielco Sistemi Winlog Pro 2.07.00 and earlier, when Run TCP/IP server is enabled, allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a crafted 0x02 opcode to TCP port 46823." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "8280", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/8280" + }, + { + "name": "http://aluigi.org/adv/winlog_1-adv.txt", + "refsource": "MISC", + "url": "http://aluigi.org/adv/winlog_1-adv.txt" + }, + { + "name": "ADV-2011-0126", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0126" + }, + { + "name": "42894", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42894" + }, + { + "name": "70418", + "refsource": "OSVDB", + "url": "http://osvdb.org/70418" + }, + { + "name": "VU#496040", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/496040" + }, + { + "name": "45813", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/45813" + }, + { + "name": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-017-02.pdf", + "refsource": "MISC", + "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-017-02.pdf" + }, + { + "name": "15992", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/15992" + }, + { + "name": "winlog-tcpip-bo(64716)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64716" + } + ] + } +} \ No newline at end of file diff --git a/2011/0xxx/CVE-2011-0566.json b/2011/0xxx/CVE-2011-0566.json index 2d4f1230f07..57599468715 100644 --- a/2011/0xxx/CVE-2011-0566.json +++ b/2011/0xxx/CVE-2011-0566.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-0566", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image, a different vulnerability than CVE-2011-0567 and CVE-2011-0603." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2011-0566", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.adobe.com/support/security/bulletins/apsb11-03.html", - "refsource" : "CONFIRM", - "url" : "http://www.adobe.com/support/security/bulletins/apsb11-03.html" - }, - { - "name" : "RHSA-2011:0301", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2011-0301.html" - }, - { - "name" : "46198", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/46198" - }, - { - "name" : "oval:org.mitre.oval:def:12630", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12630" - }, - { - "name" : "1025033", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1025033" - }, - { - "name" : "43470", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43470" - }, - { - "name" : "ADV-2011-0337", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0337" - }, - { - "name" : "ADV-2011-0492", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0492" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image, a different vulnerability than CVE-2011-0567 and CVE-2011-0603." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2011-0492", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0492" + }, + { + "name": "43470", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43470" + }, + { + "name": "46198", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/46198" + }, + { + "name": "RHSA-2011:0301", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2011-0301.html" + }, + { + "name": "ADV-2011-0337", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0337" + }, + { + "name": "1025033", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1025033" + }, + { + "name": "oval:org.mitre.oval:def:12630", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12630" + }, + { + "name": "http://www.adobe.com/support/security/bulletins/apsb11-03.html", + "refsource": "CONFIRM", + "url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html" + } + ] + } +} \ No newline at end of file diff --git a/2011/0xxx/CVE-2011-0814.json b/2011/0xxx/CVE-2011-0814.json index fd505aad31e..1782ee7c427 100644 --- a/2011/0xxx/CVE-2011-0814.json +++ b/2011/0xxx/CVE-2011-0814.json @@ -1,222 +1,222 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-0814", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound, a different vulnerability than CVE-2011-0802." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2011-0814", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/javacpujune2011-313339.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/javacpujune2011-313339.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html" - }, - { - "name" : "http://support.avaya.com/css/P8/documents/100144512", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/css/P8/documents/100144512" - }, - { - "name" : "http://support.avaya.com/css/P8/documents/100147041", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/css/P8/documents/100147041" - }, - { - "name" : "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-015/index.html", - "refsource" : "CONFIRM", - "url" : "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-015/index.html" - }, - { - "name" : "http://www.ibm.com/developerworks/java/jdk/alerts/", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/developerworks/java/jdk/alerts/" - }, - { - "name" : "HPSBUX02697", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=132439520301822&w=2" - }, - { - "name" : "SSRT100591", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=132439520301822&w=2" - }, - { - "name" : "HPSBMU02797", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=134254957702612&w=2" - }, - { - "name" : "HPSBUX02777", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=133728004526190&w=2" - }, - { - "name" : "SSRT100854", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=133728004526190&w=2" - }, - { - "name" : "SSRT100867", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=134254957702612&w=2" - }, - { - "name" : "HPSBMU02799", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=134254866602253&w=2" - }, - { - "name" : "RHSA-2011:0860", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2011-0860.html" - }, - { - "name" : "RHSA-2011:0938", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2011-0938.html" - }, - { - "name" : "RHSA-2011:1087", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2011-1087.html" - }, - { - "name" : "RHSA-2011:1159", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2011-1159.html" - }, - { - "name" : "RHSA-2011:1265", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2011-1265.html" - }, - { - "name" : "RHSA-2013:1455", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2013-1455.html" - }, - { - "name" : "SUSE-SA:2011:032", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00002.html" - }, - { - "name" : "SUSE-SA:2011:030", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00003.html" - }, - { - "name" : "SUSE-SA:2011:036", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00022.html" - }, - { - "name" : "SUSE-SU-2011:0807", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00009.html" - }, - { - "name" : "SUSE-SU-2011:0863", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00001.html" - }, - { - "name" : "SUSE-SU-2011:0966", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00025.html" - }, - { - "name" : "openSUSE-SU-2011:0633", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2011-06/msg00003.html" - }, - { - "name" : "TA11-201A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA11-201A.html" - }, - { - "name" : "48145", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/48145" - }, - { - "name" : "oval:org.mitre.oval:def:14174", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14174" - }, - { - "name" : "oval:org.mitre.oval:def:14930", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14930" - }, - { - "name" : "44818", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/44818" - }, - { - "name" : "44930", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/44930" - }, - { - "name" : "49198", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/49198" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound, a different vulnerability than CVE-2011-0802." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-015/index.html", + "refsource": "CONFIRM", + "url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-015/index.html" + }, + { + "name": "SUSE-SU-2011:0863", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00001.html" + }, + { + "name": "HPSBMU02799", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=134254866602253&w=2" + }, + { + "name": "RHSA-2011:1087", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2011-1087.html" + }, + { + "name": "TA11-201A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA11-201A.html" + }, + { + "name": "SUSE-SA:2011:036", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00022.html" + }, + { + "name": "48145", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/48145" + }, + { + "name": "RHSA-2011:1159", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2011-1159.html" + }, + { + "name": "http://support.avaya.com/css/P8/documents/100144512", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/css/P8/documents/100144512" + }, + { + "name": "SUSE-SA:2011:032", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00002.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/javacpujune2011-313339.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/javacpujune2011-313339.html" + }, + { + "name": "RHSA-2013:1455", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html" + }, + { + "name": "44818", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/44818" + }, + { + "name": "SUSE-SU-2011:0966", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00025.html" + }, + { + "name": "RHSA-2011:0938", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2011-0938.html" + }, + { + "name": "http://support.avaya.com/css/P8/documents/100147041", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/css/P8/documents/100147041" + }, + { + "name": "44930", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/44930" + }, + { + "name": "SUSE-SA:2011:030", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00003.html" + }, + { + "name": "oval:org.mitre.oval:def:14930", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14930" + }, + { + "name": "SSRT100591", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=132439520301822&w=2" + }, + { + "name": "SSRT100867", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=134254957702612&w=2" + }, + { + "name": "49198", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/49198" + }, + { + "name": "SUSE-SU-2011:0807", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00009.html" + }, + { + "name": "openSUSE-SU-2011:0633", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2011-06/msg00003.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html" + }, + { + "name": "HPSBUX02777", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=133728004526190&w=2" + }, + { + "name": "oval:org.mitre.oval:def:14174", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14174" + }, + { + "name": "HPSBUX02697", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=132439520301822&w=2" + }, + { + "name": "SSRT100854", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=133728004526190&w=2" + }, + { + "name": "RHSA-2011:1265", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2011-1265.html" + }, + { + "name": "RHSA-2011:0860", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2011-0860.html" + }, + { + "name": "HPSBMU02797", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=134254957702612&w=2" + }, + { + "name": "http://www.ibm.com/developerworks/java/jdk/alerts/", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/developerworks/java/jdk/alerts/" + } + ] + } +} \ No newline at end of file diff --git a/2011/1xxx/CVE-2011-1283.json b/2011/1xxx/CVE-2011-1283.json index bd47fb4589e..f9eeee37fe3 100644 --- a/2011/1xxx/CVE-2011-1283.json +++ b/2011/1xxx/CVE-2011-1283.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-1283", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2 does not ensure that an unspecified array index has a non-negative value before performing read and write operations, which allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that triggers an incorrect memory assignment for a user transaction, aka \"CSRSS Local EOP SrvSetConsoleNumberOfCommand Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2011-1283", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS11-056", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-056" - }, - { - "name" : "TA11-193A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA11-193A.html" - }, - { - "name" : "oval:org.mitre.oval:def:12362", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12362" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2 does not ensure that an unspecified array index has a non-negative value before performing read and write operations, which allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that triggers an incorrect memory assignment for a user transaction, aka \"CSRSS Local EOP SrvSetConsoleNumberOfCommand Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "oval:org.mitre.oval:def:12362", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12362" + }, + { + "name": "TA11-193A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA11-193A.html" + }, + { + "name": "MS11-056", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-056" + } + ] + } +} \ No newline at end of file diff --git a/2011/2xxx/CVE-2011-2480.json b/2011/2xxx/CVE-2011-2480.json index 8b32deef669..f936c90faee 100644 --- a/2011/2xxx/CVE-2011-2480.json +++ b/2011/2xxx/CVE-2011-2480.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-2480", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-2480", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2011/2xxx/CVE-2011-2751.json b/2011/2xxx/CVE-2011-2751.json index b8bd996314f..90b6f6f8173 100644 --- a/2011/2xxx/CVE-2011-2751.json +++ b/2011/2xxx/CVE-2011-2751.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-2751", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in Parodia before 6.809 allows remote attackers to execute arbitrary SQL commands via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-2751", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "VU#246310", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/246310" - }, - { - "name" : "45093", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/45093" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in Parodia before 6.809 allows remote attackers to execute arbitrary SQL commands via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#246310", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/246310" + }, + { + "name": "45093", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/45093" + } + ] + } +} \ No newline at end of file diff --git a/2011/3xxx/CVE-2011-3111.json b/2011/3xxx/CVE-2011-3111.json index a85a98940d2..baf5a4017e2 100644 --- a/2011/3xxx/CVE-2011-3111.json +++ b/2011/3xxx/CVE-2011-3111.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-3111", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Google V8, as used in Google Chrome before 19.0.1084.52, allows remote attackers to cause a denial of service (invalid read operation) via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-3111", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://code.google.com/p/chromium/issues/detail?id=126414", - "refsource" : "CONFIRM", - "url" : "http://code.google.com/p/chromium/issues/detail?id=126414" - }, - { - "name" : "http://googlechromereleases.blogspot.com/2012/05/stable-channel-update_23.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2012/05/stable-channel-update_23.html" - }, - { - "name" : "GLSA-201205-04", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201205-04.xml" - }, - { - "name" : "53679", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/53679" - }, - { - "name" : "oval:org.mitre.oval:def:15549", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15549" - }, - { - "name" : "1027098", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1027098" - }, - { - "name" : "49277", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/49277" - }, - { - "name" : "49306", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/49306" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Google V8, as used in Google Chrome before 19.0.1084.52, allows remote attackers to cause a denial of service (invalid read operation) via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-201205-04", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201205-04.xml" + }, + { + "name": "53679", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/53679" + }, + { + "name": "http://googlechromereleases.blogspot.com/2012/05/stable-channel-update_23.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2012/05/stable-channel-update_23.html" + }, + { + "name": "1027098", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1027098" + }, + { + "name": "49306", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/49306" + }, + { + "name": "49277", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/49277" + }, + { + "name": "http://code.google.com/p/chromium/issues/detail?id=126414", + "refsource": "CONFIRM", + "url": "http://code.google.com/p/chromium/issues/detail?id=126414" + }, + { + "name": "oval:org.mitre.oval:def:15549", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15549" + } + ] + } +} \ No newline at end of file diff --git a/2011/3xxx/CVE-2011-3197.json b/2011/3xxx/CVE-2011-3197.json index cb95b9a56bc..9a322ad5990 100644 --- a/2011/3xxx/CVE-2011-3197.json +++ b/2011/3xxx/CVE-2011-3197.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-3197", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in Domain Technologie Control (DTC) before 0.34.1 allows remote authenticated users to execute arbitrary SQL commands via the addrlink parameter to shared/inc/forms/domain_info.php. NOTE: CVE-2011-3197 has been SPLIT due to findings by different researchers. CVE-2011-5272 has been assigned for the vps_note parameter to dtcadmin/logPushlet.php vector." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2011-3197", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20110813 Re: CVE request: multiple vulnerabilities in dtc", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2011/08/13/1" - }, - { - "name" : "[oss-security] 20110824 Re: Re: CVE request: multiple vulnerabilities in dtc", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2011/08/24/10" - }, - { - "name" : "http://git.gplhost.com/gitweb/?p=dtc.git;a=blob;f=debian/changelog;hb=3eb6ef5cea6c571aae5e49e1930de778eca280c3", - "refsource" : "CONFIRM", - "url" : "http://git.gplhost.com/gitweb/?p=dtc.git;a=blob;f=debian/changelog;hb=3eb6ef5cea6c571aae5e49e1930de778eca280c3" - }, - { - "name" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=637487", - "refsource" : "CONFIRM", - "url" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=637487" - }, - { - "name" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=637498", - "refsource" : "CONFIRM", - "url" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=637498" - }, - { - "name" : "DSA-2365", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2011/dsa-2365" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in Domain Technologie Control (DTC) before 0.34.1 allows remote authenticated users to execute arbitrary SQL commands via the addrlink parameter to shared/inc/forms/domain_info.php. NOTE: CVE-2011-3197 has been SPLIT due to findings by different researchers. CVE-2011-5272 has been assigned for the vps_note parameter to dtcadmin/logPushlet.php vector." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=637487", + "refsource": "CONFIRM", + "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=637487" + }, + { + "name": "[oss-security] 20110813 Re: CVE request: multiple vulnerabilities in dtc", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2011/08/13/1" + }, + { + "name": "[oss-security] 20110824 Re: Re: CVE request: multiple vulnerabilities in dtc", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2011/08/24/10" + }, + { + "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=637498", + "refsource": "CONFIRM", + "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=637498" + }, + { + "name": "DSA-2365", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2011/dsa-2365" + }, + { + "name": "http://git.gplhost.com/gitweb/?p=dtc.git;a=blob;f=debian/changelog;hb=3eb6ef5cea6c571aae5e49e1930de778eca280c3", + "refsource": "CONFIRM", + "url": "http://git.gplhost.com/gitweb/?p=dtc.git;a=blob;f=debian/changelog;hb=3eb6ef5cea6c571aae5e49e1930de778eca280c3" + } + ] + } +} \ No newline at end of file diff --git a/2011/3xxx/CVE-2011-3526.json b/2011/3xxx/CVE-2011-3526.json index 101a72dfbc7..7f5d95a7c54 100644 --- a/2011/3xxx/CVE-2011-3526.json +++ b/2011/3xxx/CVE-2011-3526.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-3526", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Siebel Core - UIF Server component in Oracle Siebel CRM 8.0.0 and 8.1.1 allows remote authenticated users to affect confidentiality via unknown vectors related to User Interface." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2011-3526", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html" - }, - { - "name" : "50230", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/50230" - }, - { - "name" : "oscrm-acuifs-useri-unspecified(70800)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/70800" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Siebel Core - UIF Server component in Oracle Siebel CRM 8.0.0 and 8.1.1 allows remote authenticated users to affect confidentiality via unknown vectors related to User Interface." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html" + }, + { + "name": "50230", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/50230" + }, + { + "name": "oscrm-acuifs-useri-unspecified(70800)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70800" + } + ] + } +} \ No newline at end of file diff --git a/2011/3xxx/CVE-2011-3548.json b/2011/3xxx/CVE-2011-3548.json index d81c6745f0b..91b810da763 100644 --- a/2011/3xxx/CVE-2011-3548.json +++ b/2011/3xxx/CVE-2011-3548.json @@ -1,192 +1,192 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-3548", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability, related to AWT." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2011-3548", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html" - }, - { - "name" : "http://www.ibm.com/developerworks/java/jdk/alerts/", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/developerworks/java/jdk/alerts/" - }, - { - "name" : "GLSA-201406-32", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201406-32.xml" - }, - { - "name" : "HPSBUX02730", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=132750579901589&w=2" - }, - { - "name" : "SSRT100710", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=132750579901589&w=2" - }, - { - "name" : "HPSBMU02797", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=134254957702612&w=2" - }, - { - "name" : "HPSBUX02760", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=133365109612558&w=2" - }, - { - "name" : "HPSBUX02777", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=133728004526190&w=2" - }, - { - "name" : "SSRT100805", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=133365109612558&w=2" - }, - { - "name" : "SSRT100854", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=133728004526190&w=2" - }, - { - "name" : "SSRT100867", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=134254957702612&w=2" - }, - { - "name" : "HPSBMU02799", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=134254866602253&w=2" - }, - { - "name" : "RHSA-2011:1384", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2011-1384.html" - }, - { - "name" : "RHSA-2011:1478", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2011-1478.html" - }, - { - "name" : "RHSA-2012:0006", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2012-0006.html" - }, - { - "name" : "RHSA-2013:1455", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2013-1455.html" - }, - { - "name" : "SUSE-SU-2012:0114", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html" - }, - { - "name" : "SUSE-SU-2012:0122", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html" - }, - { - "name" : "USN-1263-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-1263-1" - }, - { - "name" : "50211", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/50211" - }, - { - "name" : "76495", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/76495" - }, - { - "name" : "oval:org.mitre.oval:def:14492", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14492" - }, - { - "name" : "1026215", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1026215" - }, - { - "name" : "49198", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/49198" - }, - { - "name" : "48692", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/48692" - }, - { - "name" : "48308", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/48308" - }, - { - "name" : "jre-awt-unspecified(70845)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/70845" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability, related to AWT." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-201406-32", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml" + }, + { + "name": "48692", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/48692" + }, + { + "name": "HPSBMU02799", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=134254866602253&w=2" + }, + { + "name": "SSRT100805", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=133365109612558&w=2" + }, + { + "name": "48308", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/48308" + }, + { + "name": "HPSBUX02730", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=132750579901589&w=2" + }, + { + "name": "SUSE-SU-2012:0114", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html" + }, + { + "name": "50211", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/50211" + }, + { + "name": "RHSA-2013:1455", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html" + }, + { + "name": "SSRT100710", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=132750579901589&w=2" + }, + { + "name": "RHSA-2011:1478", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2011-1478.html" + }, + { + "name": "RHSA-2011:1384", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2011-1384.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html" + }, + { + "name": "SSRT100867", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=134254957702612&w=2" + }, + { + "name": "49198", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/49198" + }, + { + "name": "RHSA-2012:0006", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2012-0006.html" + }, + { + "name": "SUSE-SU-2012:0122", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html" + }, + { + "name": "jre-awt-unspecified(70845)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70845" + }, + { + "name": "76495", + "refsource": "OSVDB", + "url": "http://osvdb.org/76495" + }, + { + "name": "HPSBUX02777", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=133728004526190&w=2" + }, + { + "name": "HPSBUX02760", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=133365109612558&w=2" + }, + { + "name": "SSRT100854", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=133728004526190&w=2" + }, + { + "name": "1026215", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1026215" + }, + { + "name": "USN-1263-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-1263-1" + }, + { + "name": "oval:org.mitre.oval:def:14492", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14492" + }, + { + "name": "HPSBMU02797", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=134254957702612&w=2" + }, + { + "name": "http://www.ibm.com/developerworks/java/jdk/alerts/", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/developerworks/java/jdk/alerts/" + } + ] + } +} \ No newline at end of file diff --git a/2011/3xxx/CVE-2011-3578.json b/2011/3xxx/CVE-2011-3578.json index aaa11cfc8b0..96f139f4549 100644 --- a/2011/3xxx/CVE-2011-3578.json +++ b/2011/3xxx/CVE-2011-3578.json @@ -1,147 +1,147 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-3578", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in bug_actiongroup_ext_page.php in MantisBT before 1.2.8 allows remote attackers to inject arbitrary web script or HTML via the action parameter, related to bug_actiongroup_page.php, a different vulnerability than CVE-2011-3357." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-3578", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20110905 Multiple vulnerabilities in MantisBT", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/519547/100/0/threaded" - }, - { - "name" : "[debian-security-tracker] 20110908 Security Fix for mantis stable 1.1.8", - "refsource" : "MLIST", - "url" : "http://lists.debian.org/debian-security-tracker/2011/09/msg00012.html" - }, - { - "name" : "[oss-security] 20110904 CVE requests: