admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 00:10:19 +00:00
parent 38b6174405
commit 068a1c5180
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
67 changed files with 4704 additions and 4704 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

140
2001/1xxx/CVE-2001-1111.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-1111", "ID": "CVE-2001-1111",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "EFTP 2.0.7.337 stores user passwords in plaintext in the eftp2users.dat file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20010912 EFTP Version 2.0.7.337 vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/213647" "lang": "eng",
}, "value": "EFTP 2.0.7.337 stores user passwords in plaintext in the eftp2users.dat file."
{ }
"name" : "eftp-plaintext-password(7116)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/7116" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "3332", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/3332" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "eftp-plaintext-password(7116)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7116"
},
{
"name": "20010912 EFTP Version 2.0.7.337 vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/213647"
},
{
"name": "3332",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3332"
}
]
}
}

140
2001/1xxx/CVE-2001-1344.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-1344", "ID": "CVE-2001-1344",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "WSSecurity.pl in WebStore allows remote attackers to bypass authentication by providing the program with a filename that exists, which is made easier by (1) inserting a null character or (2) .. (dot dot)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20010612 bug", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2001-06/0142.html" "lang": "eng",
}, "value": "WSSecurity.pl in WebStore allows remote attackers to bypass authentication by providing the program with a filename that exists, which is made easier by (1) inserting a null character or (2) .. (dot dot)."
{ }
"name" : "2860", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/2860" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "webstore-cgi-command-execution(6685)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/6685" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "20010612 bug",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-06/0142.html"
},
{
"name": "2860",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2860"
},
{
"name": "webstore-cgi-command-execution(6685)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6685"
}
]
}
}

180
2001/1xxx/CVE-2001-1374.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-1374", "ID": "CVE-2001-1374",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "expect before 5.32 searches for its libraries in /var/tmp before other directories, which could allow local users to gain root privileges via a Trojan horse library that is accessed by mkpasswd."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=22187", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=22187" "lang": "eng",
}, "value": "expect before 5.32 searches for its libraries in /var/tmp before other directories, which could allow local users to gain root privileges via a Trojan horse library that is accessed by mkpasswd."
{ }
"name" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=28224", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=28224" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "CLA-2001:409", "description": [
"refsource" : "CONECTIVA", {
"url" : "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000409" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "expect-insecure-library-search(6870)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/6870" ]
}, },
{ "references": {
"name" : "3074", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/3074" "name": "3074",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/3074"
"name" : "RHSA-2002:148", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2002-148.html" "name": "MDKSA-2002:060",
}, "refsource": "MANDRAKE",
{ "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:060"
"name" : "MDKSA-2002:060", },
"refsource" : "MANDRAKE", {
"url" : "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:060" "name": "RHSA-2002:148",
} "refsource": "REDHAT",
] "url": "http://www.redhat.com/support/errata/RHSA-2002-148.html"
} },
} {
"name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=22187",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=22187"
},
{
"name": "expect-insecure-library-search(6870)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6870"
},
{
"name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=28224",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=28224"
},
{
"name": "CLA-2001:409",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000409"
}
]
}
}

170
2006/2xxx/CVE-2006-2212.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2212", "ID": "CVE-2006-2212",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in KarjaSoft Sami FTP Server 2.0.2 and earlier allows remote attackers to execute arbitrary code via a long (1) USER or (2) PASS command."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060504 [REWTERZ-20060504] - Sami FTP Server Remote Buffer Overflow Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/432944/100/0/threaded" "lang": "eng",
}, "value": "Buffer overflow in KarjaSoft Sami FTP Server 2.0.2 and earlier allows remote attackers to execute arbitrary code via a long (1) USER or (2) PASS command."
{ }
"name" : "17835", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/17835" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "25670", "description": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/25670" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1016031", ]
"refsource" : "SECTRACK", }
"url" : "http://securitytracker.com/id?1016031" ]
}, },
{ "references": {
"name" : "842", "reference_data": [
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/842" "name": "842",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/842"
"name" : "sami-ftp-auth-bo(26254)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26254" "name": "25670",
} "refsource": "OSVDB",
] "url": "http://www.osvdb.org/25670"
} },
} {
"name": "20060504 [REWTERZ-20060504] - Sami FTP Server Remote Buffer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/432944/100/0/threaded"
},
{
"name": "17835",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17835"
},
{
"name": "1016031",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016031"
},
{
"name": "sami-ftp-auth-bo(26254)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26254"
}
]
}
}

150
2006/2xxx/CVE-2006-2343.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2343", "ID": "CVE-2006-2343",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Search.do in ManageEngine OpManager 6.0 allows remote attackers to inject arbitrary web script or HTML via the searchTerm parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "17944", "description_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/17944" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in Search.do in ManageEngine OpManager 6.0 allows remote attackers to inject arbitrary web script or HTML via the searchTerm parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information."
{ }
"name" : "ADV-2006-1774", ]
"refsource" : "VUPEN", },
"url" : "http://www.vupen.com/english/advisories/2006/1774" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20067", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/20067" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "manageengineopmanager-search-xss(26381)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26381" ]
} },
] "references": {
} "reference_data": [
} {
"name": "20067",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20067"
},
{
"name": "17944",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17944"
},
{
"name": "ADV-2006-1774",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1774"
},
{
"name": "manageengineopmanager-search-xss(26381)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26381"
}
]
}
}

210
2006/2xxx/CVE-2006-2349.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2349", "ID": "CVE-2006-2349",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "E-Business Designer (eBD) 3.1.4 and earlier allows remote attackers to upload or modify arbitrary files, and execute arbitrary code, via a direct request to (1) common/html_editor/image_browser.upload.html, (2) common/html_editor/image_browser.html, or (3) common/html_editor/html_editor.html. NOTE: this can also be used for cross-site scripting (XSS) attacks by uploading cascading style sheet (.CSS) files."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060511 Several flaws in e-business designer (eBD)", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/433807/100/0/threaded" "lang": "eng",
}, "value": "E-Business Designer (eBD) 3.1.4 and earlier allows remote attackers to upload or modify arbitrary files, and execute arbitrary code, via a direct request to (1) common/html_editor/image_browser.upload.html, (2) common/html_editor/image_browser.html, or (3) common/html_editor/html_editor.html. NOTE: this can also be used for cross-site scripting (XSS) attacks by uploading cascading style sheet (.CSS) files."
{ }
"name" : "20060616 Re: Several flaws in e-business designer (eBD)", ]
"refsource" : "BUGTRAQ", },
"url" : "http://marc.info/?l=bugtraq&m=115047779610633&w=2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20060511 Several flaws in e-business designer (eBD)", "description": [
"refsource" : "FULLDISC", {
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/045980.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "[ebd-devel] 20060502 actualización de seguridad", ]
"refsource" : "MLIST", }
"url" : "http://lists.oasyssoft.com/ebd-devel/200605/msg00000.html" ]
}, },
{ "references": {
"name" : "17933", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/17933" "name": "20060616 Re: Several flaws in e-business designer (eBD)",
}, "refsource": "BUGTRAQ",
{ "url": "http://marc.info/?l=bugtraq&m=115047779610633&w=2"
"name" : "ADV-2006-1784", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/1784" "name": "[ebd-devel] 20060502 actualizaci\u00f3n de seguridad",
}, "refsource": "MLIST",
{ "url": "http://lists.oasyssoft.com/ebd-devel/200605/msg00000.html"
"name" : "1016326", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1016326" "name": "20071",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/20071"
"name" : "20071", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/20071" "name": "891",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/891"
"name" : "891", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/891" "name": "ebd-multiple-auth-bypass(26474)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26474"
"name" : "ebd-multiple-auth-bypass(26474)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26474" "name": "20060511 Several flaws in e-business designer (eBD)",
} "refsource": "FULLDISC",
] "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/045980.html"
} },
} {
"name": "20060511 Several flaws in e-business designer (eBD)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/433807/100/0/threaded"
},
{
"name": "17933",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17933"
},
{
"name": "ADV-2006-1784",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1784"
},
{
"name": "1016326",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016326"
}
]
}
}

34
2006/2xxx/CVE-2006-2600.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2006-2600", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2006-2600",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-2588. Reason: This candidate is a duplicate of CVE-2006-2588. Notes: All CVE users should reference CVE-2006-2588 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-2588. Reason: This candidate is a duplicate of CVE-2006-2588. Notes: All CVE users should reference CVE-2006-2588 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
} }
] ]
} }
} }

140
2006/2xxx/CVE-2006-2721.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2721", "ID": "CVE-2006-2721",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in news.php in VARIOMAT allows remote attackers to inject arbitrary HTML or web script via the subcat parameter. NOTE: this issue might be resultant from SQL injection."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060528 VARIOMAT(advanced cms tool)SQL injection/XSS", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/435290/100/0/threaded" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in news.php in VARIOMAT allows remote attackers to inject arbitrary HTML or web script via the subcat parameter. NOTE: this issue might be resultant from SQL injection."
{ }
"name" : "999", ]
"refsource" : "SREASON", },
"url" : "http://securityreason.com/securityalert/999" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "variomat-news-xss(26877)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26877" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "variomat-news-xss(26877)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26877"
},
{
"name": "999",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/999"
},
{
"name": "20060528 VARIOMAT(advanced cms tool)SQL injection/XSS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/435290/100/0/threaded"
}
]
}
}

180
2006/3xxx/CVE-2006-3827.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-3827", "ID": "CVE-2006-3827",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in bmc/Inc/core/admin/search.inc.php in Kailash Nadh boastMachine (formerly bMachine) 3.1 and earlier allows remote authenticated administrators to execute arbitrary SQL commands via the blog parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060717 boastMachine <= 3.1 SQL Injection Exploit", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/440306/100/0/threaded" "lang": "eng",
}, "value": "SQL injection vulnerability in bmc/Inc/core/admin/search.inc.php in Kailash Nadh boastMachine (formerly bMachine) 3.1 and earlier allows remote authenticated administrators to execute arbitrary SQL commands via the blog parameter."
{ }
"name" : "http://www.acid-root.new.fr/advisories/boastmachine.txt", ]
"refsource" : "MISC", },
"url" : "http://www.acid-root.new.fr/advisories/boastmachine.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-2849", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/2849" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1016515", ]
"refsource" : "SECTRACK", }
"url" : "http://securitytracker.com/id?1016515" ]
}, },
{ "references": {
"name" : "21066", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21066" "name": "21066",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21066"
"name" : "1252", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/1252" "name": "boastmachine-search-sql-injection(27769)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27769"
"name" : "boastmachine-search-sql-injection(27769)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27769" "name": "1016515",
} "refsource": "SECTRACK",
] "url": "http://securitytracker.com/id?1016515"
} },
} {
"name": "ADV-2006-2849",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2849"
},
{
"name": "20060717 boastMachine <= 3.1 SQL Injection Exploit",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/440306/100/0/threaded"
},
{
"name": "http://www.acid-root.new.fr/advisories/boastmachine.txt",
"refsource": "MISC",
"url": "http://www.acid-root.new.fr/advisories/boastmachine.txt"
},
{
"name": "1252",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1252"
}
]
}
}

140
2006/6xxx/CVE-2006-6015.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6015", "ID": "CVE-2006-6015",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in the JavaScript implementation in Safari on Apple Mac OS X 10.4 allows remote attackers to cause a denial of service (application crash) via a long argument to the exec method of a regular expression."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20061114 Apple Safari \"match\" Buffer Overflow Vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/451542/100/0/threaded" "lang": "eng",
}, "value": "Buffer overflow in the JavaScript implementation in Safari on Apple Mac OS X 10.4 allows remote attackers to cause a denial of service (application crash) via a long argument to the exec method of a regular expression."
{ }
"name" : "20061114 Re: Apple Safari \"match\" Buffer Overflow Vulnerability", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/451823/100/0/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "21053", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/21053" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "21053",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21053"
},
{
"name": "20061114 Re: Apple Safari \"match\" Buffer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/451823/100/0/threaded"
},
{
"name": "20061114 Apple Safari \"match\" Buffer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/451542/100/0/threaded"
}
]
}
}

240
2006/6xxx/CVE-2006-6121.json
View File

@ -1,122 +1,122 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6121", "ID": "CVE-2006-6121",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Acer Notebook LunchApp.APlunch ActiveX control allows remote attackers to execute arbitrary commands by calling the Run method."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://vuln.sg/acerlunchapp-en.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://vuln.sg/acerlunchapp-en.html" "lang": "eng",
}, "value": "Acer Notebook LunchApp.APlunch ActiveX control allows remote attackers to execute arbitrary commands by calling the Run method."
{ }
"name" : "ftp://ftp.support.acer-euro.com/utilities/LaunchAppFix/AcerLAppFix.zip", ]
"refsource" : "MISC", },
"url" : "ftp://ftp.support.acer-euro.com/utilities/LaunchAppFix/AcerLAppFix.zip" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.f-secure.com/weblog/archives/archive-012007.html#00001073", "description": [
"refsource" : "MISC", {
"url" : "http://www.f-secure.com/weblog/archives/archive-012007.html#00001073" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://global.acer.com/support/patch20070101.htm", ]
"refsource" : "CONFIRM", }
"url" : "http://global.acer.com/support/patch20070101.htm" ]
}, },
{ "references": {
"name" : "HPSBST02214", "reference_data": [
"refsource" : "HP", {
"url" : "http://www.securityfocus.com/archive/1/468871/100/200/threaded" "name": "23003",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23003"
"name" : "SSRT071422", },
"refsource" : "HP", {
"url" : "http://www.securityfocus.com/archive/1/468871/100/200/threaded" "name": "HPSBST02214",
}, "refsource": "HP",
{ "url": "http://www.securityfocus.com/archive/1/468871/100/200/threaded"
"name" : "MS07-027", },
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-027" "name": "ftp://ftp.support.acer-euro.com/utilities/LaunchAppFix/AcerLAppFix.zip",
}, "refsource": "MISC",
{ "url": "ftp://ftp.support.acer-euro.com/utilities/LaunchAppFix/AcerLAppFix.zip"
"name" : "TA07-128A", },
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-128A.html" "name": "http://global.acer.com/support/patch20070101.htm",
}, "refsource": "CONFIRM",
{ "url": "http://global.acer.com/support/patch20070101.htm"
"name" : "VU#221700", },
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/221700" "name": "SSRT071422",
}, "refsource": "HP",
{ "url": "http://www.securityfocus.com/archive/1/468871/100/200/threaded"
"name" : "21207", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/21207" "name": "ADV-2006-4602",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/4602"
"name" : "ADV-2006-4602", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/4602" "name": "MS07-027",
}, "refsource": "MS",
{ "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-027"
"name" : "23003", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23003" "name": "http://www.f-secure.com/weblog/archives/archive-012007.html#00001073",
}, "refsource": "MISC",
{ "url": "http://www.f-secure.com/weblog/archives/archive-012007.html#00001073"
"name" : "acer-lunchappaplunch-command-execution(30417)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30417" "name": "VU#221700",
} "refsource": "CERT-VN",
] "url": "http://www.kb.cert.org/vuls/id/221700"
} },
} {
"name": "TA07-128A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-128A.html"
},
{
"name": "21207",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21207"
},
{
"name": "acer-lunchappaplunch-command-execution(30417)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30417"
},
{
"name": "http://vuln.sg/acerlunchapp-en.html",
"refsource": "MISC",
"url": "http://vuln.sg/acerlunchapp-en.html"
}
]
}
}

250
2006/6xxx/CVE-2006-6171.json
View File

@ -1,127 +1,127 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6171", "ID": "CVE-2006-6171",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** DISPUTED ** ProFTPD 1.3.0a and earlier does not properly set the buffer size limit when CommandBufferSize is specified in the configuration file, which leads to an off-by-two buffer underflow. NOTE: in November 2006, the role of CommandBufferSize was originally associated with CVE-2006-5815, but this was an error stemming from a vague initial disclosure. NOTE: ProFTPD developers dispute this issue, saying that the relevant memory location is overwritten by assignment before further use within the affected function, so this is not a vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=214820", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=214820" "lang": "eng",
}, "value": "** DISPUTED ** ProFTPD 1.3.0a and earlier does not properly set the buffer size limit when CommandBufferSize is specified in the configuration file, which leads to an off-by-two buffer underflow. NOTE: in November 2006, the role of CommandBufferSize was originally associated with CVE-2006-5815, but this was an error stemming from a vague initial disclosure. NOTE: ProFTPD developers dispute this issue, saying that the relevant memory location is overwritten by assignment before further use within the affected function, so this is not a vulnerability."
{ }
"name" : "http://proftp.cvs.sourceforge.net/proftp/proftpd/src/main.c?r1=1.292&r2=1.293&sortby=date", ]
"refsource" : "MISC", },
"url" : "http://proftp.cvs.sourceforge.net/proftp/proftpd/src/main.c?r1=1.292&r2=1.293&sortby=date" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-1218", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2006/dsa-1218" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-1222", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2006/dsa-1222" ]
}, },
{ "references": {
"name" : "GLSA-200611-26", "reference_data": [
"refsource" : "GENTOO", {
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200611-26.xml" "name": "DSA-1222",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2006/dsa-1222"
"name" : "MDKSA-2006:217-1", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:217-1" "name": "http://proftp.cvs.sourceforge.net/proftp/proftpd/src/main.c?r1=1.292&r2=1.293&sortby=date",
}, "refsource": "MISC",
{ "url": "http://proftp.cvs.sourceforge.net/proftp/proftpd/src/main.c?r1=1.292&r2=1.293&sortby=date"
"name" : "OpenPKG-SA-2006.035", },
"refsource" : "OPENPKG", {
"url" : "http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.035.html" "name": "DSA-1218",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2006/dsa-1218"
"name" : "SSA:2006-335-02", },
"refsource" : "SLACKWARE", {
"url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.502491" "name": "23207",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23207"
"name" : "2006-0070", },
"refsource" : "TRUSTIX", {
"url" : "http://www.trustix.org/errata/2006/0070" "name": "SSA:2006-335-02",
}, "refsource": "SLACKWARE",
{ "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.502491"
"name" : "23174", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23174" "name": "23174",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23174"
"name" : "23179", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23179" "name": "MDKSA-2006:217-1",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:217-1"
"name" : "23184", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23184" "name": "2006-0070",
}, "refsource": "TRUSTIX",
{ "url": "http://www.trustix.org/errata/2006/0070"
"name" : "23207", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23207" "name": "23329",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23329"
"name" : "23329", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23329" "name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=214820",
} "refsource": "CONFIRM",
] "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=214820"
} },
} {
"name": "23184",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23184"
},
{
"name": "23179",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23179"
},
{
"name": "GLSA-200611-26",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200611-26.xml"
},
{
"name": "OpenPKG-SA-2006.035",
"refsource": "OPENPKG",
"url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.035.html"
}
]
}
}

150
2006/6xxx/CVE-2006-6381.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6381", "ID": "CVE-2006-6381",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in getfile.asp in Ultimate HelpDesk allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "2881", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/2881" "lang": "eng",
}, "value": "Directory traversal vulnerability in getfile.asp in Ultimate HelpDesk allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter."
{ }
"name" : "ADV-2006-4819", ]
"refsource" : "VUPEN", },
"url" : "http://www.vupen.com/english/advisories/2006/4819" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "23225", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23225" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "ultimatehd-getfile-directory-traversal(30722)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30722" ]
} },
] "references": {
} "reference_data": [
} {
"name": "2881",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2881"
},
{
"name": "23225",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23225"
},
{
"name": "ADV-2006-4819",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4819"
},
{
"name": "ultimatehd-getfile-directory-traversal(30722)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30722"
}
]
}
}

160
2006/6xxx/CVE-2006-6841.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6841", "ID": "CVE-2006-6841",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Certain forms in phpBB before 2.0.22 lack session checks, which has unknown impact and remote attack vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=489624", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=489624" "lang": "eng",
}, "value": "Certain forms in phpBB before 2.0.22 lack session checks, which has unknown impact and remote attack vectors."
{ }
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=405980", ]
"refsource" : "CONFIRM", },
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=405980" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-1488", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2008/dsa-1488" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "21806", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/21806" ]
}, },
{ "references": {
"name" : "28871", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/28871" "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=405980",
} "refsource": "CONFIRM",
] "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=405980"
} },
} {
"name": "http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=489624",
"refsource": "CONFIRM",
"url": "http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=489624"
},
{
"name": "28871",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28871"
},
{
"name": "21806",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21806"
},
{
"name": "DSA-1488",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2008/dsa-1488"
}
]
}
}

150
2006/7xxx/CVE-2006-7140.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-7140", "ID": "CVE-2006-7140",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The libike library, as used by in.iked, elfsign, and kcfd in Sun Solaris 9 and 10, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents libike from correctly verifying X.509 and other certificates that use PKCS #1, a similar issue to CVE-2006-4339."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "102722", "description_data": [
"refsource" : "SUNALERT", {
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1" "lang": "eng",
}, "value": "The libike library, as used by in.iked, elfsign, and kcfd in Sun Solaris 9 and 10, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents libike from correctly verifying X.509 and other certificates that use PKCS #1, a similar issue to CVE-2006-4339."
{ }
"name" : "ADV-2006-4744", ]
"refsource" : "VUPEN", },
"url" : "http://www.vupen.com/english/advisories/2006/4744" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "oval:org.mitre.oval:def:1648", "description": [
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1648" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "23104", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/23104" ]
} },
] "references": {
} "reference_data": [
} {
"name": "102722",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1"
},
{
"name": "ADV-2006-4744",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4744"
},
{
"name": "23104",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23104"
},
{
"name": "oval:org.mitre.oval:def:1648",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1648"
}
]
}
}

150
2011/0xxx/CVE-2011-0251.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2011-0251", "ID": "CVE-2011-0251",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted STSZ atoms in a QuickTime movie file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.apple.com/kb/HT5002", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT5002" "lang": "eng",
}, "value": "Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted STSZ atoms in a QuickTime movie file."
{ }
"name" : "APPLE-SA-2011-08-03-1", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/archives/security-announce/2011//Aug/msg00000.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "APPLE-SA-2011-10-12-3", "description": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "oval:org.mitre.oval:def:16143", ]
"refsource" : "OVAL", }
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16143" ]
} },
] "references": {
} "reference_data": [
} {
"name": "oval:org.mitre.oval:def:16143",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16143"
},
{
"name": "APPLE-SA-2011-08-03-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2011//Aug/msg00000.html"
},
{
"name": "APPLE-SA-2011-10-12-3",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html"
},
{
"name": "http://support.apple.com/kb/HT5002",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5002"
}
]
}
}

210
2011/0xxx/CVE-2011-0517.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-0517", "ID": "CVE-2011-0517",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in Sielco Sistemi Winlog Pro 2.07.00 and earlier, when Run TCP/IP server is enabled, allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a crafted 0x02 opcode to TCP port 46823."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "15992", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/15992" "lang": "eng",
}, "value": "Stack-based buffer overflow in Sielco Sistemi Winlog Pro 2.07.00 and earlier, when Run TCP/IP server is enabled, allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a crafted 0x02 opcode to TCP port 46823."
{ }
"name" : "http://aluigi.org/adv/winlog_1-adv.txt", ]
"refsource" : "MISC", },
"url" : "http://aluigi.org/adv/winlog_1-adv.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.us-cert.gov/control_systems/pdf/ICSA-11-017-02.pdf", "description": [
"refsource" : "MISC", {
"url" : "http://www.us-cert.gov/control_systems/pdf/ICSA-11-017-02.pdf" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "VU#496040", ]
"refsource" : "CERT-VN", }
"url" : "http://www.kb.cert.org/vuls/id/496040" ]
}, },
{ "references": {
"name" : "45813", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/45813" "name": "8280",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/8280"
"name" : "70418", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/70418" "name": "http://aluigi.org/adv/winlog_1-adv.txt",
}, "refsource": "MISC",
{ "url": "http://aluigi.org/adv/winlog_1-adv.txt"
"name" : "42894", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/42894" "name": "ADV-2011-0126",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2011/0126"
"name" : "8280", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/8280" "name": "42894",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/42894"
"name" : "ADV-2011-0126", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0126" "name": "70418",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/70418"
"name" : "winlog-tcpip-bo(64716)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/64716" "name": "VU#496040",
} "refsource": "CERT-VN",
] "url": "http://www.kb.cert.org/vuls/id/496040"
} },
} {
"name": "45813",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45813"
},
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-017-02.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-017-02.pdf"
},
{
"name": "15992",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/15992"
},
{
"name": "winlog-tcpip-bo(64716)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64716"
}
]
}
}

190
2011/0xxx/CVE-2011-0566.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2011-0566", "ID": "CVE-2011-0566",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image, a different vulnerability than CVE-2011-0567 and CVE-2011-0603."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.adobe.com/support/security/bulletins/apsb11-03.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.adobe.com/support/security/bulletins/apsb11-03.html" "lang": "eng",
}, "value": "Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image, a different vulnerability than CVE-2011-0567 and CVE-2011-0603."
{ }
"name" : "RHSA-2011:0301", ]
"refsource" : "REDHAT", },
"url" : "http://www.redhat.com/support/errata/RHSA-2011-0301.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "46198", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/46198" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "oval:org.mitre.oval:def:12630", ]
"refsource" : "OVAL", }
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12630" ]
}, },
{ "references": {
"name" : "1025033", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1025033" "name": "ADV-2011-0492",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2011/0492"
"name" : "43470", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/43470" "name": "43470",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/43470"
"name" : "ADV-2011-0337", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0337" "name": "46198",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/46198"
"name" : "ADV-2011-0492", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2011/0492" "name": "RHSA-2011:0301",
} "refsource": "REDHAT",
] "url": "http://www.redhat.com/support/errata/RHSA-2011-0301.html"
} },
} {
"name": "ADV-2011-0337",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0337"
},
{
"name": "1025033",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025033"
},
{
"name": "oval:org.mitre.oval:def:12630",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12630"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb11-03.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-03.html"
}
]
}
}

440
2011/0xxx/CVE-2011-0814.json
View File

@ -1,222 +1,222 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2011-0814", "ID": "CVE-2011-0814",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound, a different vulnerability than CVE-2011-0802."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/javacpujune2011-313339.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/javacpujune2011-313339.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound, a different vulnerability than CVE-2011-0802."
{ }
"name" : "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html", ]
"refsource" : "CONFIRM", },
"url" : "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://support.avaya.com/css/P8/documents/100144512", "description": [
"refsource" : "CONFIRM", {
"url" : "http://support.avaya.com/css/P8/documents/100144512" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://support.avaya.com/css/P8/documents/100147041", ]
"refsource" : "CONFIRM", }
"url" : "http://support.avaya.com/css/P8/documents/100147041" ]
}, },
{ "references": {
"name" : "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-015/index.html", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-015/index.html" "name": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-015/index.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-015/index.html"
"name" : "http://www.ibm.com/developerworks/java/jdk/alerts/", },
"refsource" : "CONFIRM", {
"url" : "http://www.ibm.com/developerworks/java/jdk/alerts/" "name": "SUSE-SU-2011:0863",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00001.html"
"name" : "HPSBUX02697", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=132439520301822&w=2" "name": "HPSBMU02799",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=134254866602253&w=2"
"name" : "SSRT100591", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=132439520301822&w=2" "name": "RHSA-2011:1087",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2011-1087.html"
"name" : "HPSBMU02797", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=134254957702612&w=2" "name": "TA11-201A",
}, "refsource": "CERT",
{ "url": "http://www.us-cert.gov/cas/techalerts/TA11-201A.html"
"name" : "HPSBUX02777", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=133728004526190&w=2" "name": "SUSE-SA:2011:036",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00022.html"
"name" : "SSRT100854", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=133728004526190&w=2" "name": "48145",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/48145"
"name" : "SSRT100867", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=134254957702612&w=2" "name": "RHSA-2011:1159",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2011-1159.html"
"name" : "HPSBMU02799", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=134254866602253&w=2" "name": "http://support.avaya.com/css/P8/documents/100144512",
}, "refsource": "CONFIRM",
{ "url": "http://support.avaya.com/css/P8/documents/100144512"
"name" : "RHSA-2011:0860", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2011-0860.html" "name": "SUSE-SA:2011:032",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00002.html"
"name" : "RHSA-2011:0938", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2011-0938.html" "name": "http://www.oracle.com/technetwork/topics/security/javacpujune2011-313339.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/javacpujune2011-313339.html"
"name" : "RHSA-2011:1087", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2011-1087.html" "name": "RHSA-2013:1455",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
"name" : "RHSA-2011:1159", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2011-1159.html" "name": "44818",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/44818"
"name" : "RHSA-2011:1265", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2011-1265.html" "name": "SUSE-SU-2011:0966",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00025.html"
"name" : "RHSA-2013:1455", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1455.html" "name": "RHSA-2011:0938",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2011-0938.html"
"name" : "SUSE-SA:2011:032", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00002.html" "name": "http://support.avaya.com/css/P8/documents/100147041",
}, "refsource": "CONFIRM",
{ "url": "http://support.avaya.com/css/P8/documents/100147041"
"name" : "SUSE-SA:2011:030", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00003.html" "name": "44930",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/44930"
"name" : "SUSE-SA:2011:036", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00022.html" "name": "SUSE-SA:2011:030",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00003.html"
"name" : "SUSE-SU-2011:0807", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00009.html" "name": "oval:org.mitre.oval:def:14930",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14930"
"name" : "SUSE-SU-2011:0863", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00001.html" "name": "SSRT100591",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=132439520301822&w=2"
"name" : "SUSE-SU-2011:0966", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00025.html" "name": "SSRT100867",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=134254957702612&w=2"
"name" : "openSUSE-SU-2011:0633", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-06/msg00003.html" "name": "49198",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/49198"
"name" : "TA11-201A", },
"refsource" : "CERT", {
"url" : "http://www.us-cert.gov/cas/techalerts/TA11-201A.html" "name": "SUSE-SU-2011:0807",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00009.html"
"name" : "48145", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/48145" "name": "openSUSE-SU-2011:0633",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2011-06/msg00003.html"
"name" : "oval:org.mitre.oval:def:14174", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14174" "name": "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html"
"name" : "oval:org.mitre.oval:def:14930", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14930" "name": "HPSBUX02777",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=133728004526190&w=2"
"name" : "44818", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/44818" "name": "oval:org.mitre.oval:def:14174",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14174"
"name" : "44930", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/44930" "name": "HPSBUX02697",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=132439520301822&w=2"
"name" : "49198", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/49198" "name": "SSRT100854",
} "refsource": "HP",
] "url": "http://marc.info/?l=bugtraq&m=133728004526190&w=2"
} },
} {
"name": "RHSA-2011:1265",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1265.html"
},
{
"name": "RHSA-2011:0860",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0860.html"
},
{
"name": "HPSBMU02797",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=134254957702612&w=2"
},
{
"name": "http://www.ibm.com/developerworks/java/jdk/alerts/",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
}
]
}
}

140
2011/1xxx/CVE-2011-1283.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2011-1283", "ID": "CVE-2011-1283",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2 does not ensure that an unspecified array index has a non-negative value before performing read and write operations, which allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that triggers an incorrect memory assignment for a user transaction, aka \"CSRSS Local EOP SrvSetConsoleNumberOfCommand Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS11-056", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-056" "lang": "eng",
}, "value": "The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2 does not ensure that an unspecified array index has a non-negative value before performing read and write operations, which allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that triggers an incorrect memory assignment for a user transaction, aka \"CSRSS Local EOP SrvSetConsoleNumberOfCommand Vulnerability.\""
{ }
"name" : "TA11-193A", ]
"refsource" : "CERT", },
"url" : "http://www.us-cert.gov/cas/techalerts/TA11-193A.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "oval:org.mitre.oval:def:12362", "description": [
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12362" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:12362",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12362"
},
{
"name": "TA11-193A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA11-193A.html"
},
{
"name": "MS11-056",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-056"
}
]
}
}

34
2011/2xxx/CVE-2011-2480.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-2480", "ID": "CVE-2011-2480",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

130
2011/2xxx/CVE-2011-2751.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-2751", "ID": "CVE-2011-2751",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in Parodia before 6.809 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "VU#246310", "description_data": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/246310" "lang": "eng",
}, "value": "SQL injection vulnerability in Parodia before 6.809 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
{ }
"name" : "45093", ]
"refsource" : "SECUNIA", },
"url" : "http://secunia.com/advisories/45093" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#246310",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/246310"
},
{
"name": "45093",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45093"
}
]
}
}

190
2011/3xxx/CVE-2011-3111.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-3111", "ID": "CVE-2011-3111",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Google V8, as used in Google Chrome before 19.0.1084.52, allows remote attackers to cause a denial of service (invalid read operation) via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://code.google.com/p/chromium/issues/detail?id=126414", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://code.google.com/p/chromium/issues/detail?id=126414" "lang": "eng",
}, "value": "Google V8, as used in Google Chrome before 19.0.1084.52, allows remote attackers to cause a denial of service (invalid read operation) via unspecified vectors."
{ }
"name" : "http://googlechromereleases.blogspot.com/2012/05/stable-channel-update_23.html", ]
"refsource" : "CONFIRM", },
"url" : "http://googlechromereleases.blogspot.com/2012/05/stable-channel-update_23.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "GLSA-201205-04", "description": [
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-201205-04.xml" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "53679", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/53679" ]
}, },
{ "references": {
"name" : "oval:org.mitre.oval:def:15549", "reference_data": [
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15549" "name": "GLSA-201205-04",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-201205-04.xml"
"name" : "1027098", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1027098" "name": "53679",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/53679"
"name" : "49277", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/49277" "name": "http://googlechromereleases.blogspot.com/2012/05/stable-channel-update_23.html",
}, "refsource": "CONFIRM",
{ "url": "http://googlechromereleases.blogspot.com/2012/05/stable-channel-update_23.html"
"name" : "49306", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/49306" "name": "1027098",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id?1027098"
} },
} {
"name": "49306",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49306"
},
{
"name": "49277",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49277"
},
{
"name": "http://code.google.com/p/chromium/issues/detail?id=126414",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/chromium/issues/detail?id=126414"
},
{
"name": "oval:org.mitre.oval:def:15549",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15549"
}
]
}
}

170
2011/3xxx/CVE-2011-3197.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2011-3197", "ID": "CVE-2011-3197",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in Domain Technologie Control (DTC) before 0.34.1 allows remote authenticated users to execute arbitrary SQL commands via the addrlink parameter to shared/inc/forms/domain_info.php. NOTE: CVE-2011-3197 has been SPLIT due to findings by different researchers. CVE-2011-5272 has been assigned for the vps_note parameter to dtcadmin/logPushlet.php vector."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20110813 Re: CVE request: multiple vulnerabilities in dtc", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2011/08/13/1" "lang": "eng",
}, "value": "SQL injection vulnerability in Domain Technologie Control (DTC) before 0.34.1 allows remote authenticated users to execute arbitrary SQL commands via the addrlink parameter to shared/inc/forms/domain_info.php. NOTE: CVE-2011-3197 has been SPLIT due to findings by different researchers. CVE-2011-5272 has been assigned for the vps_note parameter to dtcadmin/logPushlet.php vector."
{ }
"name" : "[oss-security] 20110824 Re: Re: CVE request: multiple vulnerabilities in dtc", ]
"refsource" : "MLIST", },
"url" : "http://www.openwall.com/lists/oss-security/2011/08/24/10" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://git.gplhost.com/gitweb/?p=dtc.git;a=blob;f=debian/changelog;hb=3eb6ef5cea6c571aae5e49e1930de778eca280c3", "description": [
"refsource" : "CONFIRM", {
"url" : "http://git.gplhost.com/gitweb/?p=dtc.git;a=blob;f=debian/changelog;hb=3eb6ef5cea6c571aae5e49e1930de778eca280c3" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=637487", ]
"refsource" : "CONFIRM", }
"url" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=637487" ]
}, },
{ "references": {
"name" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=637498", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=637498" "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=637487",
}, "refsource": "CONFIRM",
{ "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=637487"
"name" : "DSA-2365", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2011/dsa-2365" "name": "[oss-security] 20110813 Re: CVE request: multiple vulnerabilities in dtc",
} "refsource": "MLIST",
] "url": "http://www.openwall.com/lists/oss-security/2011/08/13/1"
} },
} {
"name": "[oss-security] 20110824 Re: Re: CVE request: multiple vulnerabilities in dtc",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/08/24/10"
},
{
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=637498",
"refsource": "CONFIRM",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=637498"
},
{
"name": "DSA-2365",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2365"
},
{
"name": "http://git.gplhost.com/gitweb/?p=dtc.git;a=blob;f=debian/changelog;hb=3eb6ef5cea6c571aae5e49e1930de778eca280c3",
"refsource": "CONFIRM",
"url": "http://git.gplhost.com/gitweb/?p=dtc.git;a=blob;f=debian/changelog;hb=3eb6ef5cea6c571aae5e49e1930de778eca280c3"
}
]
}
}

140
2011/3xxx/CVE-2011-3526.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2011-3526", "ID": "CVE-2011-3526",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Siebel Core - UIF Server component in Oracle Siebel CRM 8.0.0 and 8.1.1 allows remote authenticated users to affect confidentiality via unknown vectors related to User Interface."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Siebel Core - UIF Server component in Oracle Siebel CRM 8.0.0 and 8.1.1 allows remote authenticated users to affect confidentiality via unknown vectors related to User Interface."
{ }
"name" : "50230", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/50230" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "oscrm-acuifs-useri-unspecified(70800)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/70800" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html"
},
{
"name": "50230",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/50230"
},
{
"name": "oscrm-acuifs-useri-unspecified(70800)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70800"
}
]
}
}

380
2011/3xxx/CVE-2011-3548.json
View File

@ -1,192 +1,192 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2011-3548", "ID": "CVE-2011-3548",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability, related to AWT."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability, related to AWT."
{ }
"name" : "http://www.ibm.com/developerworks/java/jdk/alerts/", ]
"refsource" : "CONFIRM", },
"url" : "http://www.ibm.com/developerworks/java/jdk/alerts/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "GLSA-201406-32", "description": [
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-201406-32.xml" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "HPSBUX02730", ]
"refsource" : "HP", }
"url" : "http://marc.info/?l=bugtraq&m=132750579901589&w=2" ]
}, },
{ "references": {
"name" : "SSRT100710", "reference_data": [
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=132750579901589&w=2" "name": "GLSA-201406-32",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
"name" : "HPSBMU02797", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=134254957702612&w=2" "name": "48692",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/48692"
"name" : "HPSBUX02760", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=133365109612558&w=2" "name": "HPSBMU02799",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=134254866602253&w=2"
"name" : "HPSBUX02777", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=133728004526190&w=2" "name": "SSRT100805",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=133365109612558&w=2"
"name" : "SSRT100805", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=133365109612558&w=2" "name": "48308",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/48308"
"name" : "SSRT100854", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=133728004526190&w=2" "name": "HPSBUX02730",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=132750579901589&w=2"
"name" : "SSRT100867", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=134254957702612&w=2" "name": "SUSE-SU-2012:0114",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html"
"name" : "HPSBMU02799", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=134254866602253&w=2" "name": "50211",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/50211"
"name" : "RHSA-2011:1384", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2011-1384.html" "name": "RHSA-2013:1455",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
"name" : "RHSA-2011:1478", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2011-1478.html" "name": "SSRT100710",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=132750579901589&w=2"
"name" : "RHSA-2012:0006", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2012-0006.html" "name": "RHSA-2011:1478",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2011-1478.html"
"name" : "RHSA-2013:1455", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1455.html" "name": "RHSA-2011:1384",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2011-1384.html"
"name" : "SUSE-SU-2012:0114", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html" "name": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"
"name" : "SUSE-SU-2012:0122", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html" "name": "SSRT100867",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=134254957702612&w=2"
"name" : "USN-1263-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-1263-1" "name": "49198",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/49198"
"name" : "50211", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/50211" "name": "RHSA-2012:0006",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2012-0006.html"
"name" : "76495", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/76495" "name": "SUSE-SU-2012:0122",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html"
"name" : "oval:org.mitre.oval:def:14492", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14492" "name": "jre-awt-unspecified(70845)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70845"
"name" : "1026215", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1026215" "name": "76495",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/76495"
"name" : "49198", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/49198" "name": "HPSBUX02777",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=133728004526190&w=2"
"name" : "48692", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/48692" "name": "HPSBUX02760",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=133365109612558&w=2"
"name" : "48308", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/48308" "name": "SSRT100854",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=133728004526190&w=2"
"name" : "jre-awt-unspecified(70845)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/70845" "name": "1026215",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id?1026215"
} },
} {
"name": "USN-1263-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1263-1"
},
{
"name": "oval:org.mitre.oval:def:14492",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14492"
},
{
"name": "HPSBMU02797",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=134254957702612&w=2"
},
{
"name": "http://www.ibm.com/developerworks/java/jdk/alerts/",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
}
]
}
}

290
2011/3xxx/CVE-2011-3578.json
View File

@ -1,147 +1,147 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-3578", "ID": "CVE-2011-3578",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in bug_actiongroup_ext_page.php in MantisBT before 1.2.8 allows remote attackers to inject arbitrary web script or HTML via the action parameter, related to bug_actiongroup_page.php, a different vulnerability than CVE-2011-3357."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20110905 Multiple vulnerabilities in MantisBT", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/519547/100/0/threaded" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in bug_actiongroup_ext_page.php in MantisBT before 1.2.8 allows remote attackers to inject arbitrary web script or HTML via the action parameter, related to bug_actiongroup_page.php, a different vulnerability than CVE-2011-3357."
{ }
"name" : "[debian-security-tracker] 20110908 Security Fix for mantis stable 1.1.8", ]
"refsource" : "MLIST", },
"url" : "http://lists.debian.org/debian-security-tracker/2011/09/msg00012.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[oss-security] 20110904 CVE requests: <mantisbt-1.2.8 multiple vulnerabilities (1xLFI+XSS, 2xXSS)", "description": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2011/09/04/1" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "[oss-security] 20110904 Re: CVE requests: <mantisbt-1.2.8 multiple vulnerabilities (1xLFI+XSS, 2xXSS)", ]
"refsource" : "MLIST", }
"url" : "http://www.openwall.com/lists/oss-security/2011/09/04/2" ]
}, },
{ "references": {
"name" : "[oss-security] 20110909 Re: CVE requests: <mantisbt-1.2.8 multiple vulnerabilities (1xLFI+XSS, 2xXSS)", "reference_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2011/09/09/9" "name": "8392",
}, "refsource": "SREASON",
{ "url": "http://securityreason.com/securityalert/8392"
"name" : "https://www.htbridge.ch/advisory/multiple_vulnerabilities_in_mantisbt.html", },
"refsource" : "MISC", {
"url" : "https://www.htbridge.ch/advisory/multiple_vulnerabilities_in_mantisbt.html" "name": "https://github.com/mantisbt/mantisbt/commit/6ede60d3db9e202044f135001589cce941ff6f0f",
}, "refsource": "CONFIRM",
{ "url": "https://github.com/mantisbt/mantisbt/commit/6ede60d3db9e202044f135001589cce941ff6f0f"
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=640297", },
"refsource" : "CONFIRM", {
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=640297" "name": "DSA-2308",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2011/dsa-2308"
"name" : "http://www.mantisbt.org/bugs/view.php?id=13281", },
"refsource" : "CONFIRM", {
"url" : "http://www.mantisbt.org/bugs/view.php?id=13281" "name": "[oss-security] 20110904 CVE requests: <mantisbt-1.2.8 multiple vulnerabilities (1xLFI+XSS, 2xXSS)",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2011/09/04/1"
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=735514", },
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=735514" "name": "GLSA-201211-01",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-201211-01.xml"
"name" : "https://github.com/mantisbt/mantisbt/commit/5b93161f3ece2f73410c296fed8522f6475d273d", },
"refsource" : "CONFIRM", {
"url" : "https://github.com/mantisbt/mantisbt/commit/5b93161f3ece2f73410c296fed8522f6475d273d" "name": "https://www.htbridge.ch/advisory/multiple_vulnerabilities_in_mantisbt.html",
}, "refsource": "MISC",
{ "url": "https://www.htbridge.ch/advisory/multiple_vulnerabilities_in_mantisbt.html"
"name" : "https://github.com/mantisbt/mantisbt/commit/6ede60d3db9e202044f135001589cce941ff6f0f", },
"refsource" : "CONFIRM", {
"url" : "https://github.com/mantisbt/mantisbt/commit/6ede60d3db9e202044f135001589cce941ff6f0f" "name": "[oss-security] 20110904 Re: CVE requests: <mantisbt-1.2.8 multiple vulnerabilities (1xLFI+XSS, 2xXSS)",
}, "refsource": "MLIST",
{ "url": "http://www.openwall.com/lists/oss-security/2011/09/04/2"
"name" : "DSA-2308", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2011/dsa-2308" "name": "45961",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/45961"
"name" : "FEDORA-2011-12369", },
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066061.html" "name": "https://github.com/mantisbt/mantisbt/commit/5b93161f3ece2f73410c296fed8522f6475d273d",
}, "refsource": "CONFIRM",
{ "url": "https://github.com/mantisbt/mantisbt/commit/5b93161f3ece2f73410c296fed8522f6475d273d"
"name" : "GLSA-201211-01", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-201211-01.xml" "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=640297",
}, "refsource": "CONFIRM",
{ "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=640297"
"name" : "49448", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/49448" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=735514",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=735514"
"name" : "45961", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/45961" "name": "49448",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/49448"
"name" : "51199", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/51199" "name": "http://www.mantisbt.org/bugs/view.php?id=13281",
}, "refsource": "CONFIRM",
{ "url": "http://www.mantisbt.org/bugs/view.php?id=13281"
"name" : "8392", },
"refsource" : "SREASON", {
"url" : "http://securityreason.com/securityalert/8392" "name": "51199",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/51199"
} },
} {
"name": "[oss-security] 20110909 Re: CVE requests: <mantisbt-1.2.8 multiple vulnerabilities (1xLFI+XSS, 2xXSS)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/09/09/9"
},
{
"name": "[debian-security-tracker] 20110908 Security Fix for mantis stable 1.1.8",
"refsource": "MLIST",
"url": "http://lists.debian.org/debian-security-tracker/2011/09/msg00012.html"
},
{
"name": "FEDORA-2011-12369",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066061.html"
},
{
"name": "20110905 Multiple vulnerabilities in MantisBT",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/519547/100/0/threaded"
}
]
}
}

150
2011/3xxx/CVE-2011-3762.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-3762", "ID": "CVE-2011-3762",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "OpenBlog 1.2.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by system/scaffolding/views/view.php and certain other files."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20110627 Re: CVE request: Joomla unspecified information disclosure vulnerability", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2011/06/27/6" "lang": "eng",
}, "value": "OpenBlog 1.2.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by system/scaffolding/views/view.php and certain other files."
{ }
"name" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README", ]
"refsource" : "MISC", },
"url" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/OpenBlog-1.2.1", "description": [
"refsource" : "MISC", {
"url" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/OpenBlog-1.2.1" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "openblog-view-path-disclosure(70610)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/70610" ]
} },
] "references": {
} "reference_data": [
} {
"name": "[oss-security] 20110627 Re: CVE request: Joomla unspecified information disclosure vulnerability",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/06/27/6"
},
{
"name": "openblog-view-path-disclosure(70610)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70610"
},
{
"name": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/OpenBlog-1.2.1",
"refsource": "MISC",
"url": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/OpenBlog-1.2.1"
},
{
"name": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README",
"refsource": "MISC",
"url": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README"
}
]
}
}

140
2011/4xxx/CVE-2011-4294.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2011-4294", "ID": "CVE-2011-4294",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The error-message functionality in Moodle 1.9.x before 1.9.13, 2.0.x before 2.0.4, and 2.1.x before 2.1.1 does not ensure that a continuation link refers to an http or https URL for the local Moodle instance, which might allow attackers to trick users into visiting arbitrary web sites via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20111113 Re: Fwd: DSA 2338-1 moodle security update", "description_data": [
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2011/11/14/1" "lang": "eng",
}, "value": "The error-message functionality in Moodle 1.9.x before 1.9.13, 2.0.x before 2.0.4, and 2.1.x before 2.1.1 does not ensure that a continuation link refers to an http or https URL for the local Moodle instance, which might allow attackers to trick users into visiting arbitrary web sites via unspecified vectors."
{ }
"name" : "http://git.moodle.org/gw?p=moodle.git;a=commit;h=8f9f666c902cb30ef6f519353f38c45a29fdf4a6", ]
"refsource" : "CONFIRM", },
"url" : "http://git.moodle.org/gw?p=moodle.git;a=commit;h=8f9f666c902cb30ef6f519353f38c45a29fdf4a6" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://moodle.org/mod/forum/discuss.php?d=182737", "description": [
"refsource" : "CONFIRM", {
"url" : "http://moodle.org/mod/forum/discuss.php?d=182737" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20111113 Re: Fwd: DSA 2338-1 moodle security update",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/11/14/1"
},
{
"name": "http://git.moodle.org/gw?p=moodle.git;a=commit;h=8f9f666c902cb30ef6f519353f38c45a29fdf4a6",
"refsource": "CONFIRM",
"url": "http://git.moodle.org/gw?p=moodle.git;a=commit;h=8f9f666c902cb30ef6f519353f38c45a29fdf4a6"
},
{
"name": "http://moodle.org/mod/forum/discuss.php?d=182737",
"refsource": "CONFIRM",
"url": "http://moodle.org/mod/forum/discuss.php?d=182737"
}
]
}
}

120
2011/4xxx/CVE-2011-4837.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-4837", "ID": "CVE-2011-4837",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in /ctrl in the web interface in HomeSeer HS2 2.5.0.20 allows remote attackers to hijack the authentication of admins for requests that execute arbitrary programs."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "VU#796883", "description_data": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/796883" "lang": "eng",
} "value": "Cross-site request forgery (CSRF) vulnerability in /ctrl in the web interface in HomeSeer HS2 2.5.0.20 allows remote attackers to hijack the authentication of admins for requests that execute arbitrary programs."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#796883",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/796883"
}
]
}
}

150
2011/4xxx/CVE-2011-4857.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-4857", "ID": "CVE-2011-4857",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in the in_mod.dll plugin in Winamp before 5.623 allows remote attackers to execute arbitrary code via crafted song message data in an Impulse Tracker (IT) file. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://forums.winamp.com/showthread.php?t=332010", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://forums.winamp.com/showthread.php?t=332010" "lang": "eng",
}, "value": "Heap-based buffer overflow in the in_mod.dll plugin in Winamp before 5.623 allows remote attackers to execute arbitrary code via crafted song message data in an Impulse Tracker (IT) file. NOTE: some of these details are obtained from third party information."
{ }
"name" : "oval:org.mitre.oval:def:15351", ]
"refsource" : "OVAL", },
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15351" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "46882", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/46882" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "winamp-it-bo(72054)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/72054" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://forums.winamp.com/showthread.php?t=332010",
"refsource": "CONFIRM",
"url": "http://forums.winamp.com/showthread.php?t=332010"
},
{
"name": "oval:org.mitre.oval:def:15351",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15351"
},
{
"name": "winamp-it-bo(72054)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72054"
},
{
"name": "46882",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46882"
}
]
}
}

190
2013/1xxx/CVE-2013-1007.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2013-1007", "ID": "CVE-2013-1007",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.apple.com/kb/HT5766", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT5766" "lang": "eng",
}, "value": "WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1."
{ }
"name" : "http://support.apple.com/kb/HT5785", ]
"refsource" : "CONFIRM", },
"url" : "http://support.apple.com/kb/HT5785" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://support.apple.com/kb/HT5934", "description": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT5934" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2013-05-16-1", ]
"refsource" : "APPLE", }
"url" : "http://lists.apple.com/archives/security-announce/2013/May/msg00000.html" ]
}, },
{ "references": {
"name" : "APPLE-SA-2013-06-04-2", "reference_data": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2013/Jun/msg00001.html" "name": "http://support.apple.com/kb/HT5785",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/kb/HT5785"
"name" : "APPLE-SA-2013-09-18-2", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html" "name": "54886",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/54886"
"name" : "oval:org.mitre.oval:def:17441", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17441" "name": "http://support.apple.com/kb/HT5934",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/kb/HT5934"
"name" : "54886", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/54886" "name": "APPLE-SA-2013-06-04-2",
} "refsource": "APPLE",
] "url": "http://lists.apple.com/archives/security-announce/2013/Jun/msg00001.html"
} },
} {
"name": "oval:org.mitre.oval:def:17441",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17441"
},
{
"name": "http://support.apple.com/kb/HT5766",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5766"
},
{
"name": "APPLE-SA-2013-05-16-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2013/May/msg00000.html"
},
{
"name": "APPLE-SA-2013-09-18-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html"
}
]
}
}

34
2013/1xxx/CVE-2013-1837.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-1837", "ID": "CVE-2013-1837",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2013/5xxx/CVE-2013-5237.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-5237", "ID": "CVE-2013-5237",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2013/5xxx/CVE-2013-5245.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-5245", "ID": "CVE-2013-5245",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

190
2013/5xxx/CVE-2013-5319.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-5319", "ID": "CVE-2013-5319",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in secure/admin/user/views/deleteuserconfirm.jsp in the Admin Panel in Atlassian JIRA before 6.0.5 allows remote attackers to inject arbitrary web script or HTML via the name parameter to secure/admin/user/DeleteUser!default.jspa."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://cxsecurity.com/issue/WLB-2013080065", "description_data": [
"refsource" : "MISC", {
"url" : "http://cxsecurity.com/issue/WLB-2013080065" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in secure/admin/user/views/deleteuserconfirm.jsp in the Admin Panel in Atlassian JIRA before 6.0.5 allows remote attackers to inject arbitrary web script or HTML via the name parameter to secure/admin/user/DeleteUser!default.jspa."
{ }
"name" : "http://packetstormsecurity.com/files/122721", ]
"refsource" : "MISC", },
"url" : "http://packetstormsecurity.com/files/122721" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2013-5151.php", "description": [
"refsource" : "MISC", {
"url" : "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2013-5151.php" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://jira.atlassian.com/browse/JRA/fixforversion/33790", ]
"refsource" : "CONFIRM", }
"url" : "https://jira.atlassian.com/browse/JRA/fixforversion/33790" ]
}, },
{ "references": {
"name" : "https://jira.atlassian.com/i#browse/JRA-34160", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://jira.atlassian.com/i#browse/JRA-34160" "name": "http://cxsecurity.com/issue/WLB-2013080065",
}, "refsource": "MISC",
{ "url": "http://cxsecurity.com/issue/WLB-2013080065"
"name" : "https://jira.atlassian.com/secure/ReleaseNote.jspa?projectId=10240&version=33790", },
"refsource" : "CONFIRM", {
"url" : "https://jira.atlassian.com/secure/ReleaseNote.jspa?projectId=10240&version=33790" "name": "54417",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/54417"
"name" : "61647", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/61647" "name": "http://packetstormsecurity.com/files/122721",
}, "refsource": "MISC",
{ "url": "http://packetstormsecurity.com/files/122721"
"name" : "54417", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/54417" "name": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2013-5151.php",
} "refsource": "MISC",
] "url": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2013-5151.php"
} },
} {
"name": "https://jira.atlassian.com/i#browse/JRA-34160",
"refsource": "CONFIRM",
"url": "https://jira.atlassian.com/i#browse/JRA-34160"
},
{
"name": "https://jira.atlassian.com/secure/ReleaseNote.jspa?projectId=10240&version=33790",
"refsource": "CONFIRM",
"url": "https://jira.atlassian.com/secure/ReleaseNote.jspa?projectId=10240&version=33790"
},
{
"name": "61647",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/61647"
},
{
"name": "https://jira.atlassian.com/browse/JRA/fixforversion/33790",
"refsource": "CONFIRM",
"url": "https://jira.atlassian.com/browse/JRA/fixforversion/33790"
}
]
}
}

34
2013/5xxx/CVE-2013-5337.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2013-5337", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2013-5337",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2013. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2013. Notes: none."
} }
] ]
} }
} }

210
2013/5xxx/CVE-2013-5457.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2013-5457", "ID": "CVE-2013-5457",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 before SR7, and 6.0.0 before SR15 allows remote attackers to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21655202", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21655202" "lang": "eng",
}, "value": "Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 before SR7, and 6.0.0 before SR15 allows remote attackers to execute arbitrary code via unspecified vectors."
{ }
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21655201", ]
"refsource" : "CONFIRM", },
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21655201" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013", "description": [
"refsource" : "CONFIRM", {
"url" : "https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "IV51334", ]
"refsource" : "AIXAPAR", }
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IV51334" ]
}, },
{ "references": {
"name" : "RHSA-2013:1507", "reference_data": [
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1507.html" "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21655202",
}, "refsource": "CONFIRM",
{ "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655202"
"name" : "RHSA-2013:1508", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1508.html" "name": "ibm-java-cve20135457-code-exec(88256)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88256"
"name" : "RHSA-2013:1793", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1793.html" "name": "RHSA-2013:1508",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
"name" : "SUSE-SU-2013:1677", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html" "name": "SUSE-SU-2013:1677",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
"name" : "56338", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/56338" "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201",
}, "refsource": "CONFIRM",
{ "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
"name" : "ibm-java-cve20135457-code-exec(88256)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/88256" "name": "IV51334",
} "refsource": "AIXAPAR",
] "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV51334"
} },
} {
"name": "https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013"
},
{
"name": "RHSA-2013:1793",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"name": "RHSA-2013:1507",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"name": "56338",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56338"
}
]
}
}

370
2013/5xxx/CVE-2013-5829.json
View File

@ -1,187 +1,187 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2013-5829", "ID": "CVE-2013-5829",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-5809."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" "lang": "eng",
}, "value": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-5809."
{ }
"name" : "http://support.apple.com/kb/HT5982", ]
"refsource" : "CONFIRM", },
"url" : "http://support.apple.com/kb/HT5982" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21655201", ]
"refsource" : "CONFIRM", }
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21655201" ]
}, },
{ "references": {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1019115", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1019115" "name": "RHSA-2014:0414",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2014:0414"
"name" : "APPLE-SA-2013-10-15-1", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html" "name": "GLSA-201406-32",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
"name" : "GLSA-201406-32", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-201406-32.xml" "name": "RHSA-2013:1447",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
"name" : "HPSBUX02943", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=138674031212883&w=2" "name": "RHSA-2013:1440",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
"name" : "HPSBUX02944", },
"refsource" : "HP", {
"url" : "http://marc.info/?l=bugtraq&m=138674073720143&w=2" "name": "USN-2033-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2033-1"
"name" : "RHSA-2013:1440", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1440.html" "name": "oval:org.mitre.oval:def:19189",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19189"
"name" : "RHSA-2013:1447", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1447.html" "name": "USN-2089-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-2089-1"
"name" : "RHSA-2013:1451", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1451.html" "name": "RHSA-2013:1508",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
"name" : "RHSA-2013:1505", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1505.html" "name": "SUSE-SU-2013:1677",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
"name" : "RHSA-2013:1507", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1507.html" "name": "HPSBUX02944",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=138674073720143&w=2"
"name" : "RHSA-2013:1508", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1508.html" "name": "RHSA-2013:1505",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
"name" : "RHSA-2013:1509", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1509.html" "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201",
}, "refsource": "CONFIRM",
{ "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
"name" : "RHSA-2013:1793", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1793.html" "name": "HPSBUX02943",
}, "refsource": "HP",
{ "url": "http://marc.info/?l=bugtraq&m=138674031212883&w=2"
"name" : "RHSA-2014:0414", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2014:0414" "name": "63137",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/63137"
"name" : "SUSE-SU-2013:1666", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html" "name": "openSUSE-SU-2013:1663",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
"name" : "SUSE-SU-2013:1677", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html" "name": "SUSE-SU-2013:1666",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
"name" : "openSUSE-SU-2013:1663", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html" "name": "RHSA-2013:1793",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
"name" : "USN-2033-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2033-1" "name": "RHSA-2013:1509",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
"name" : "USN-2089-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-2089-1" "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
"name" : "63137", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/63137" "name": "APPLE-SA-2013-10-15-1",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
"name" : "oval:org.mitre.oval:def:19189", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19189" "name": "RHSA-2013:1507",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
"name" : "56338", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/56338" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1019115",
} "refsource": "CONFIRM",
] "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019115"
} },
} {
"name": "http://support.apple.com/kb/HT5982",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5982"
},
{
"name": "56338",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56338"
},
{
"name": "RHSA-2013:1451",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"name": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
}
]
}
}

150
2014/2xxx/CVE-2014-2096.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-2096", "ID": "CVE-2014-2096",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Untrusted search path vulnerability in Catfish 0.6.0 through 1.0.0 allows local users to gain privileges via a Trojan horse bin/catfish.py under the current working directory."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20140225 Re: CVE request for catfish program", "description_data": [
"refsource" : "MLIST", {
"url" : "http://openwall.com/lists/oss-security/2014/02/25/4" "lang": "eng",
}, "value": "Untrusted search path vulnerability in Catfish 0.6.0 through 1.0.0 allows local users to gain privileges via a Trojan horse bin/catfish.py under the current working directory."
{ }
"name" : "[oss-security] 20140225 Re: CVE request for catfish program", ]
"refsource" : "MLIST", },
"url" : "http://openwall.com/lists/oss-security/2014/02/25/2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=739958", "description": [
"refsource" : "CONFIRM", {
"url" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=739958" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1069396", ]
"refsource" : "CONFIRM", }
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1069396" ]
} },
] "references": {
} "reference_data": [
} {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1069396",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1069396"
},
{
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=739958",
"refsource": "CONFIRM",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=739958"
},
{
"name": "[oss-security] 20140225 Re: CVE request for catfish program",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2014/02/25/2"
},
{
"name": "[oss-security] 20140225 Re: CVE request for catfish program",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2014/02/25/4"
}
]
}
}

120
2014/2xxx/CVE-2014-2354.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "ics-cert@hq.dhs.gov",
"ID" : "CVE-2014-2354", "ID": "CVE-2014-2354",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cogent DataHub before 7.3.5 does not use a salt during password hashing, which makes it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://ics-cert.us-cert.gov/advisories/ICSA-14-149-02", "description_data": [
"refsource" : "MISC", {
"url" : "http://ics-cert.us-cert.gov/advisories/ICSA-14-149-02" "lang": "eng",
} "value": "Cogent DataHub before 7.3.5 does not use a salt during password hashing, which makes it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://ics-cert.us-cert.gov/advisories/ICSA-14-149-02",
"refsource": "MISC",
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-149-02"
}
]
}
}

140
2014/2xxx/CVE-2014-2382.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-2382", "ID": "CVE-2014-2382",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The DfDiskLo.sys driver in Faronics Deep Freeze Standard and Enterprise 8.10 and earlier allows local administrators to cause a denial of service (crash) and execute arbitrary code via a crafted IOCTL request that writes to arbitrary memory locations, related to the IofCallDriver function."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20141119 CVE-2014-2382 - Arbitrary Code Execution In Faronics Deep Freeze Standard and Enterprise", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://seclists.org/fulldisclosure/2014/Nov/52" "lang": "eng",
}, "value": "The DfDiskLo.sys driver in Faronics Deep Freeze Standard and Enterprise 8.10 and earlier allows local administrators to cause a denial of service (crash) and execute arbitrary code via a crafted IOCTL request that writes to arbitrary memory locations, related to the IofCallDriver function."
{ }
"name" : "http://packetstormsecurity.com/files/129172/Faronics-Deep-Freeze-Arbitrary-Code-Execution.html", ]
"refsource" : "MISC", },
"url" : "http://packetstormsecurity.com/files/129172/Faronics-Deep-Freeze-Arbitrary-Code-Execution.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2382/", "description": [
"refsource" : "MISC", {
"url" : "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2382/" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/129172/Faronics-Deep-Freeze-Arbitrary-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/129172/Faronics-Deep-Freeze-Arbitrary-Code-Execution.html"
},
{
"name": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2382/",
"refsource": "MISC",
"url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2382/"
},
{
"name": "20141119 CVE-2014-2382 - Arbitrary Code Execution In Faronics Deep Freeze Standard and Enterprise",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Nov/52"
}
]
}
}

170
2014/2xxx/CVE-2014-2611.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "hp-security-alert@hp.com",
"ID" : "CVE-2014-2611", "ID": "CVE-2014-2611",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in the fndwar web application in HP Executive Scorecard 9.40 and 9.41 allows remote authenticated users to execute arbitrary code, or obtain sensitive information or delete data, via unspecified vectors, aka ZDI-CAN-2120."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://zerodayinitiative.com/advisories/ZDI-14-210/", "description_data": [
"refsource" : "MISC", {
"url" : "http://zerodayinitiative.com/advisories/ZDI-14-210/" "lang": "eng",
}, "value": "Directory traversal vulnerability in the fndwar web application in HP Executive Scorecard 9.40 and 9.41 allows remote authenticated users to execute arbitrary code, or obtain sensitive information or delete data, via unspecified vectors, aka ZDI-CAN-2120."
{ }
"name" : "HPSBMU03048", ]
"refsource" : "HP", },
"url" : "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04341295" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "SSRT101431", "description": [
"refsource" : "HP", {
"url" : "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04341295" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "68093", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/68093" ]
}, },
{ "references": {
"name" : "1030439", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1030439" "name": "59363",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/59363"
"name" : "59363", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/59363" "name": "http://zerodayinitiative.com/advisories/ZDI-14-210/",
} "refsource": "MISC",
] "url": "http://zerodayinitiative.com/advisories/ZDI-14-210/"
} },
} {
"name": "68093",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68093"
},
{
"name": "1030439",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030439"
},
{
"name": "SSRT101431",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04341295"
},
{
"name": "HPSBMU03048",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04341295"
}
]
}
}

120
2014/2xxx/CVE-2014-2873.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-2873", "ID": "CVE-2014-2873",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 does not require authentication for access to log files, which allows remote attackers to obtain sensitive server information by using a predictable name in a request for a file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "VU#437385", "description_data": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/437385" "lang": "eng",
} "value": "PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 does not require authentication for access to log files, which allows remote attackers to obtain sensitive server information by using a predictable name in a request for a file."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#437385",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/437385"
}
]
}
}

120
2014/2xxx/CVE-2014-2939.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-2939", "ID": "CVE-2014-2939",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Alfresco Enterprise before 4.1.6.13 allow remote attackers to inject arbitrary web script or HTML via (1) an XHTML document, (2) a <% tag, or (3) the taskId parameter to share/page/task-edit."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "VU#537684", "description_data": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/537684" "lang": "eng",
} "value": "Multiple cross-site scripting (XSS) vulnerabilities in Alfresco Enterprise before 4.1.6.13 allow remote attackers to inject arbitrary web script or HTML via (1) an XHTML document, (2) a <% tag, or (3) the taskId parameter to share/page/task-edit."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#537684",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/537684"
}
]
}
}

34
2014/6xxx/CVE-2014-6094.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-6094", "ID": "CVE-2014-6094",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2014/6xxx/CVE-2014-6220.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-6220", "ID": "CVE-2014-6220",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

130
2014/6xxx/CVE-2014-6449.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-6449", "ID": "CVE-2014-6449",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Juniper Junos OS before 12.1X44-D50, 12.1X46 before 12.1X46-D35, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R10, 12.3X48 before 12.3X48-D15, 13.2 before 13.2R8, 13.3 before 13.3R7, 14.1 before 14.1R5, and 14.2 before 14.2R1 do not properly handle TCP packet reassembly, which allows remote attackers to cause a denial of service (buffer consumption) via a crafted sequence of packets \"destined to the device.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10696", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10696" "lang": "eng",
}, "value": "Juniper Junos OS before 12.1X44-D50, 12.1X46 before 12.1X46-D35, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R10, 12.3X48 before 12.3X48-D15, 13.2 before 13.2R8, 13.3 before 13.3R7, 14.1 before 14.1R5, and 14.2 before 14.2R1 do not properly handle TCP packet reassembly, which allows remote attackers to cause a denial of service (buffer consumption) via a crafted sequence of packets \"destined to the device.\""
{ }
"name" : "1033853", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1033853" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1033853",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033853"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10696",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10696"
}
]
}
}

140
2014/6xxx/CVE-2014-6682.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-6682", "ID": "CVE-2014-6682",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The w88235ff7bdc2fb574f1789750ea99ed6 (aka com.w88235ff7bdc2fb574f1789750ea99ed6) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "description_data": [
"refsource" : "MISC", {
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "lang": "eng",
}, "value": "The w88235ff7bdc2fb574f1789750ea99ed6 (aka com.w88235ff7bdc2fb574f1789750ea99ed6) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
{ }
"name" : "VU#497401", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/497401" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#582497", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/582497" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "VU#497401",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/497401"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
}

140
2014/6xxx/CVE-2014-6690.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-6690", "ID": "CVE-2014-6690",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The InstaMessage - Instagram Chat (aka com.futurebits.instamessage.free) application 1.6.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "description_data": [
"refsource" : "MISC", {
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "lang": "eng",
}, "value": "The InstaMessage - Instagram Chat (aka com.futurebits.instamessage.free) application 1.6.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
{ }
"name" : "VU#127537", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/127537" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#582497", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/582497" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
},
{
"name": "VU#127537",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/127537"
}
]
}
}

140
2014/6xxx/CVE-2014-6815.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-6815", "ID": "CVE-2014-6815",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Vouch! (aka com.voucherry.voucherry) application 2.1.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "description_data": [
"refsource" : "MISC", {
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "lang": "eng",
}, "value": "The Vouch! (aka com.voucherry.voucherry) application 2.1.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
{ }
"name" : "VU#249681", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/249681" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#582497", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/582497" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "VU#249681",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/249681"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
}

140
2014/7xxx/CVE-2014-7620.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-7620", "ID": "CVE-2014-7620",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Authors On Tour - Live! (aka com.appmakr.app122286) application 4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "description_data": [
"refsource" : "MISC", {
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "lang": "eng",
}, "value": "The Authors On Tour - Live! (aka com.appmakr.app122286) application 4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
{ }
"name" : "VU#582497", ]
"refsource" : "CERT-VN", },
"url" : "http://www.kb.cert.org/vuls/id/582497" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#669793", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/669793" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "VU#669793",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/669793"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
}

160
2014/7xxx/CVE-2014-7857.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-7857", "ID": "CVE-2014-7857",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "D-Link DNS-320L firmware before 1.04b12, DNS-327L before 1.03b04 Build0119, DNR-326 1.40b03, DNS-320B 1.02b01, DNS-345 1.03b06, DNS-325 1.05b03, and DNS-322L 2.00b07 allow remote attackers to bypass authentication and log in with administrator permissions by passing the cgi_set_wto command in the cmd parameter, and setting the spawned session's cookie to username=admin."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20150528 [SEARCH-LAB advisory] More than fifty vulnerabilities in D-Link NAS and NVR devices", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/535626/100/200/threaded" "lang": "eng",
}, "value": "D-Link DNS-320L firmware before 1.04b12, DNS-327L before 1.03b04 Build0119, DNR-326 1.40b03, DNS-320B 1.02b01, DNS-345 1.03b06, DNS-325 1.05b03, and DNS-322L 2.00b07 allow remote attackers to bypass authentication and log in with administrator permissions by passing the cgi_set_wto command in the cmd parameter, and setting the spawned session's cookie to username=admin."
{ }
"name" : "20150531 [SEARCH-LAB advisory] More than fifty vulnerabilities in D-Link NAS and NVR devices", ]
"refsource" : "FULLDISC", },
"url" : "http://seclists.org/fulldisclosure/2015/May/125" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://packetstormsecurity.com/files/132075/D-Link-Bypass-Buffer-Overflow.html", "description": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/132075/D-Link-Bypass-Buffer-Overflow.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.search-lab.hu/media/D-Link_Security_advisory_3_0_public.pdf", ]
"refsource" : "CONFIRM", }
"url" : "http://www.search-lab.hu/media/D-Link_Security_advisory_3_0_public.pdf" ]
}, },
{ "references": {
"name" : "74880", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/74880" "name": "http://packetstormsecurity.com/files/132075/D-Link-Bypass-Buffer-Overflow.html",
} "refsource": "MISC",
] "url": "http://packetstormsecurity.com/files/132075/D-Link-Bypass-Buffer-Overflow.html"
} },
} {
"name": "20150528 [SEARCH-LAB advisory] More than fifty vulnerabilities in D-Link NAS and NVR devices",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/535626/100/200/threaded"
},
{
"name": "20150531 [SEARCH-LAB advisory] More than fifty vulnerabilities in D-Link NAS and NVR devices",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/May/125"
},
{
"name": "http://www.search-lab.hu/media/D-Link_Security_advisory_3_0_public.pdf",
"refsource": "CONFIRM",
"url": "http://www.search-lab.hu/media/D-Link_Security_advisory_3_0_public.pdf"
},
{
"name": "74880",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74880"
}
]
}
}

34
2017/18xxx/CVE-2017-18115.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-18115", "ID": "CVE-2017-18115",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2017/18xxx/CVE-2017-18278.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-18278", "ID": "CVE-2017-18278",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

140
2017/1xxx/CVE-2017-1226.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2017-1226", "ID": "CVE-2017-1226",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) generates an error message in error logs that includes sensitive information about its environment which could be used in further attacks against the system. IBM X-Force ID: 123905."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/123905", "description_data": [
"refsource" : "MISC", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/123905" "lang": "eng",
}, "value": "IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) generates an error message in error logs that includes sensitive information about its environment which could be used in further attacks against the system. IBM X-Force ID: 123905."
{ }
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22009673", ]
"refsource" : "CONFIRM", },
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22009673" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "101571", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/101571" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123905",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/123905"
},
{
"name": "101571",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101571"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg22009673",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22009673"
}
]
}
}

176
2017/1xxx/CVE-2017-1349.json
View File

@ -1,90 +1,90 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2017-1349", "ID": "CVE-2017-1349",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Sterling B2B Integrator", "product_name": "Sterling B2B Integrator",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "5.2" "version_value": "5.2"
}, },
{ {
"version_value" : "5.2.1" "version_value": "5.2.1"
}, },
{ {
"version_value" : "5.2.2" "version_value": "5.2.2"
}, },
{ {
"version_value" : "5.2.3" "version_value": "5.2.3"
}, },
{ {
"version_value" : "5.2.4" "version_value": "5.2.4"
}, },
{ {
"version_value" : "5.2.5" "version_value": "5.2.5"
}, },
{ {
"version_value" : "5.2.6" "version_value": "5.2.6"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "IBM" "vendor_name": "IBM"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Sterling B2B Integrator Standard Edition 5.2 stores potentially sensitive information from HTTP sessions that could be read by a local user. IBM X-Force ID: 126525."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/126525", "description_data": [
"refsource" : "MISC", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/126525" "lang": "eng",
}, "value": "IBM Sterling B2B Integrator Standard Edition 5.2 stores potentially sensitive information from HTTP sessions that could be read by a local user. IBM X-Force ID: 126525."
{ }
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22004209", ]
"refsource" : "CONFIRM", },
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22004209" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "99236", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/99236" "lang": "eng",
} "value": "Obtain Information"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/126525",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/126525"
},
{
"name": "99236",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99236"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg22004209",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22004209"
}
]
}
}

154
2017/1xxx/CVE-2017-1469.json
View File

@ -1,79 +1,79 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@us.ibm.com", "ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC" : "2017-08-10T00:00:00", "DATE_PUBLIC": "2017-08-10T00:00:00",
"ID" : "CVE-2017-1469", "ID": "CVE-2017-1469",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "InfoSphere Information Server", "product_name": "InfoSphere Information Server",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "9.1" "version_value": "9.1"
}, },
{ {
"version_value" : "11.3" "version_value": "11.3"
}, },
{ {
"version_value" : "11.5" "version_value": "11.5"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "IBM" "vendor_name": "IBM"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM InfoSphere Information Server 9.1, 11.3, and 11.5 could allow a local user to gain elevated privileges by placing arbitrary files in installation directories. IBM X-Force ID: 128468."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Gain Privileges"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/128468", "description_data": [
"refsource" : "MISC", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/128468" "lang": "eng",
}, "value": "IBM InfoSphere Information Server 9.1, 11.3, and 11.5 could allow a local user to gain elevated privileges by placing arbitrary files in installation directories. IBM X-Force ID: 128468."
{ }
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22006069", ]
"refsource" : "CONFIRM", },
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22006069" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "100309", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/100309" "lang": "eng",
} "value": "Gain Privileges"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg22006069",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22006069"
},
{
"name": "100309",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100309"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128468",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128468"
}
]
}
}

34
2017/1xxx/CVE-2017-1610.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-1610", "ID": "CVE-2017-1610",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2017/1xxx/CVE-2017-1639.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-1639", "ID": "CVE-2017-1639",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2017/1xxx/CVE-2017-1881.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-1881", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-1881",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }
} }

34
2017/4xxx/CVE-2017-4044.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-4044", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-4044",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }
} }

34
2017/4xxx/CVE-2017-4256.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-4256", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-4256",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }
} }

34
2017/4xxx/CVE-2017-4378.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-4378", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-4378",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }
} }

34
2017/4xxx/CVE-2017-4854.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-4854", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-4854",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }
} }

180
2017/5xxx/CVE-2017-5014.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@google.com",
"ID" : "CVE-2017-5014", "ID": "CVE-2017-5014",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android", "product_name": "Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android" "version_value": "Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Heap buffer overflow during image processing in Skia in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "heap buffer overflow"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://chromereleases.googleblog.com/2017/01/stable-channel-update-for-desktop.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://chromereleases.googleblog.com/2017/01/stable-channel-update-for-desktop.html" "lang": "eng",
}, "value": "Heap buffer overflow during image processing in Skia in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page."
{ }
"name" : "https://crbug.com/675332", ]
"refsource" : "CONFIRM", },
"url" : "https://crbug.com/675332" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-3776", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2017/dsa-3776" "lang": "eng",
}, "value": "heap buffer overflow"
{ }
"name" : "GLSA-201701-66", ]
"refsource" : "GENTOO", }
"url" : "https://security.gentoo.org/glsa/201701-66" ]
}, },
{ "references": {
"name" : "RHSA-2017:0206", "reference_data": [
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2017-0206.html" "name": "95792",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/95792"
"name" : "95792", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/95792" "name": "https://chromereleases.googleblog.com/2017/01/stable-channel-update-for-desktop.html",
}, "refsource": "CONFIRM",
{ "url": "https://chromereleases.googleblog.com/2017/01/stable-channel-update-for-desktop.html"
"name" : "1037718", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037718" "name": "GLSA-201701-66",
} "refsource": "GENTOO",
] "url": "https://security.gentoo.org/glsa/201701-66"
} },
} {
"name": "RHSA-2017:0206",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0206.html"
},
{
"name": "https://crbug.com/675332",
"refsource": "CONFIRM",
"url": "https://crbug.com/675332"
},
{
"name": "1037718",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037718"
},
{
"name": "DSA-3776",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3776"
}
]
}
}

160
2017/5xxx/CVE-2017-5602.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-5602", "ID": "CVE-2017-5602",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An incorrect implementation of \"XEP-0280: Message Carbons\" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for jappix 1.0.0 to 1.1.6."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://openwall.com/lists/oss-security/2017/02/09/29", "description_data": [
"refsource" : "MISC", {
"url" : "http://openwall.com/lists/oss-security/2017/02/09/29" "lang": "eng",
}, "value": "An incorrect implementation of \"XEP-0280: Message Carbons\" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for jappix 1.0.0 to 1.1.6."
{ }
"name" : "https://github.com/jappix/jappix/commit/ea6de7c65b80880bdf85df47c1a8a5d3d68491af", ]
"refsource" : "MISC", },
"url" : "https://github.com/jappix/jappix/commit/ea6de7c65b80880bdf85df47c1a8a5d3d68491af" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://rt-solutions.de/en/2017/02/CVE-2017-5589_xmpp_carbons/", "description": [
"refsource" : "MISC", {
"url" : "https://rt-solutions.de/en/2017/02/CVE-2017-5589_xmpp_carbons/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://rt-solutions.de/wp-content/uploads/2017/02/CVE-2017-5589_xmpp_carbons.pdf", ]
"refsource" : "MISC", }
"url" : "https://rt-solutions.de/wp-content/uploads/2017/02/CVE-2017-5589_xmpp_carbons.pdf" ]
}, },
{ "references": {
"name" : "96176", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/96176" "name": "96176",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/96176"
} },
} {
"name": "http://openwall.com/lists/oss-security/2017/02/09/29",
"refsource": "MISC",
"url": "http://openwall.com/lists/oss-security/2017/02/09/29"
},
{
"name": "https://github.com/jappix/jappix/commit/ea6de7c65b80880bdf85df47c1a8a5d3d68491af",
"refsource": "MISC",
"url": "https://github.com/jappix/jappix/commit/ea6de7c65b80880bdf85df47c1a8a5d3d68491af"
},
{
"name": "https://rt-solutions.de/en/2017/02/CVE-2017-5589_xmpp_carbons/",
"refsource": "MISC",
"url": "https://rt-solutions.de/en/2017/02/CVE-2017-5589_xmpp_carbons/"
},
{
"name": "https://rt-solutions.de/wp-content/uploads/2017/02/CVE-2017-5589_xmpp_carbons.pdf",
"refsource": "MISC",
"url": "https://rt-solutions.de/wp-content/uploads/2017/02/CVE-2017-5589_xmpp_carbons.pdf"
}
]
}
}