From 07b558060cc83660158231f98aabb7ae804eab3f Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 00:34:48 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2006/2xxx/CVE-2006-2084.json | 160 ++++++++-------- 2006/2xxx/CVE-2006-2350.json | 34 ++-- 2006/2xxx/CVE-2006-2446.json | 230 +++++++++++------------ 2006/2xxx/CVE-2006-2835.json | 180 +++++++++--------- 2006/3xxx/CVE-2006-3173.json | 150 +++++++-------- 2006/3xxx/CVE-2006-3202.json | 140 +++++++------- 2006/3xxx/CVE-2006-3555.json | 180 +++++++++--------- 2006/3xxx/CVE-2006-3570.json | 160 ++++++++-------- 2006/3xxx/CVE-2006-3785.json | 140 +++++++------- 2006/6xxx/CVE-2006-6596.json | 160 ++++++++-------- 2006/6xxx/CVE-2006-6626.json | 130 ++++++------- 2006/6xxx/CVE-2006-6815.json | 140 +++++++------- 2006/7xxx/CVE-2006-7060.json | 140 +++++++------- 2011/0xxx/CVE-2011-0296.json | 34 ++-- 2011/0xxx/CVE-2011-0369.json | 34 ++-- 2011/0xxx/CVE-2011-0750.json | 34 ++-- 2011/1xxx/CVE-2011-1903.json | 140 +++++++------- 2011/2xxx/CVE-2011-2182.json | 170 ++++++++--------- 2011/3xxx/CVE-2011-3324.json | 260 +++++++++++++------------- 2011/3xxx/CVE-2011-3710.json | 140 +++++++------- 2011/4xxx/CVE-2011-4307.json | 140 +++++++------- 2011/4xxx/CVE-2011-4499.json | 130 ++++++------- 2011/4xxx/CVE-2011-4605.json | 290 ++++++++++++++--------------- 2013/1xxx/CVE-2013-1115.json | 120 ++++++------ 2013/1xxx/CVE-2013-1163.json | 120 ++++++------ 2013/5xxx/CVE-2013-5029.json | 180 +++++++++--------- 2013/5xxx/CVE-2013-5429.json | 150 +++++++-------- 2013/5xxx/CVE-2013-5742.json | 34 ++-- 2013/5xxx/CVE-2013-5866.json | 150 +++++++-------- 2013/5xxx/CVE-2013-5994.json | 150 +++++++-------- 2014/2xxx/CVE-2014-2215.json | 34 ++-- 2014/2xxx/CVE-2014-2344.json | 34 ++-- 2014/2xxx/CVE-2014-2551.json | 34 ++-- 2014/2xxx/CVE-2014-2764.json | 140 +++++++------- 2014/6xxx/CVE-2014-6172.json | 150 +++++++-------- 2014/6xxx/CVE-2014-6287.json | 160 ++++++++-------- 2014/6xxx/CVE-2014-6647.json | 140 +++++++------- 2014/6xxx/CVE-2014-6849.json | 34 ++-- 2014/7xxx/CVE-2014-7656.json | 140 +++++++------- 2017/0xxx/CVE-2017-0221.json | 130 ++++++------- 2017/0xxx/CVE-2017-0272.json | 140 +++++++------- 2017/1000xxx/CVE-2017-1000001.json | 122 ++++++------ 2017/1000xxx/CVE-2017-1000367.json | 272 +++++++++++++-------------- 2017/1xxx/CVE-2017-1318.json | 178 +++++++++--------- 2017/1xxx/CVE-2017-1352.json | 148 +++++++-------- 2017/1xxx/CVE-2017-1726.json | 34 ++-- 2017/1xxx/CVE-2017-1814.json | 34 ++-- 2017/1xxx/CVE-2017-1830.json | 34 ++-- 2017/4xxx/CVE-2017-4550.json | 34 ++-- 2017/4xxx/CVE-2017-4568.json | 34 ++-- 2017/4xxx/CVE-2017-4763.json | 34 ++-- 2017/5xxx/CVE-2017-5301.json | 34 ++-- 2017/5xxx/CVE-2017-5863.json | 34 ++-- 53 files changed, 3174 insertions(+), 3174 deletions(-) diff --git a/2006/2xxx/CVE-2006-2084.json b/2006/2xxx/CVE-2006-2084.json index 1761badb18d..77741793fc7 100644 --- a/2006/2xxx/CVE-2006-2084.json +++ b/2006/2xxx/CVE-2006-2084.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-2084", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in FarsiNews 2.5.3 Pro and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) month and (2) year parameters in (a) index.php, and the (3) mod parameter in (b) admin.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-2084", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060426 XXS Attack On FarsiNews", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/432109/100/0/threaded" - }, - { - "name" : "http://www.aria-security.net/advisory/farsinews/farsinews0420062.txt", - "refsource" : "MISC", - "url" : "http://www.aria-security.net/advisory/farsinews/farsinews0420062.txt" - }, - { - "name" : "17701", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/17701" - }, - { - "name" : "812", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/812" - }, - { - "name" : "farsinews-index-admin-xss(26097)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26097" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in FarsiNews 2.5.3 Pro and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) month and (2) year parameters in (a) index.php, and the (3) mod parameter in (b) admin.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "812", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/812" + }, + { + "name": "http://www.aria-security.net/advisory/farsinews/farsinews0420062.txt", + "refsource": "MISC", + "url": "http://www.aria-security.net/advisory/farsinews/farsinews0420062.txt" + }, + { + "name": "farsinews-index-admin-xss(26097)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26097" + }, + { + "name": "17701", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/17701" + }, + { + "name": "20060426 XXS Attack On FarsiNews", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/432109/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2006/2xxx/CVE-2006-2350.json b/2006/2xxx/CVE-2006-2350.json index ae4f92c6547..e39dd61a4f8 100644 --- a/2006/2xxx/CVE-2006-2350.json +++ b/2006/2xxx/CVE-2006-2350.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-2350", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-2344. Reason: This candidate is a duplicate of CVE-2006-2344. Notes: All CVE users should reference CVE-2006-2344 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2006-2350", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-2344. Reason: This candidate is a duplicate of CVE-2006-2344. Notes: All CVE users should reference CVE-2006-2344 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ] + } +} \ No newline at end of file diff --git a/2006/2xxx/CVE-2006-2446.json b/2006/2xxx/CVE-2006-2446.json index a779a5820b0..c41653c368f 100644 --- a/2006/2xxx/CVE-2006-2446.json +++ b/2006/2xxx/CVE-2006-2446.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-2446", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Race condition between the kfree_skb and __skb_unlink functions in the socket buffer handling in Linux kernel 2.6.9, and possibly other versions, allows remote attackers to cause a denial of service (crash), as demonstrated using the TCP stress tests from the LTP test suite." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2006-2446", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm" - }, - { - "name" : "DSA-1183", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2006/dsa-1183" - }, - { - "name" : "DSA-1184", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2006/dsa-1184" - }, - { - "name" : "MDKSA-2007:025", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:025" - }, - { - "name" : "RHSA-2006:0575", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2006-0575.html" - }, - { - "name" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=192779", - "refsource" : "MISC", - "url" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=192779" - }, - { - "name" : "19475", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/19475" - }, - { - "name" : "oval:org.mitre.oval:def:9117", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9117" - }, - { - "name" : "21465", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21465" - }, - { - "name" : "22082", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22082" - }, - { - "name" : "22093", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22093" - }, - { - "name" : "22417", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22417" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Race condition between the kfree_skb and __skb_unlink functions in the socket buffer handling in Linux kernel 2.6.9, and possibly other versions, allows remote attackers to cause a denial of service (crash), as demonstrated using the TCP stress tests from the LTP test suite." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MDKSA-2007:025", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:025" + }, + { + "name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=192779", + "refsource": "MISC", + "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=192779" + }, + { + "name": "DSA-1183", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2006/dsa-1183" + }, + { + "name": "22082", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22082" + }, + { + "name": "RHSA-2006:0575", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2006-0575.html" + }, + { + "name": "oval:org.mitre.oval:def:9117", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9117" + }, + { + "name": "21465", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21465" + }, + { + "name": "19475", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/19475" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm" + }, + { + "name": "22417", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22417" + }, + { + "name": "22093", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22093" + }, + { + "name": "DSA-1184", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2006/dsa-1184" + } + ] + } +} \ No newline at end of file diff --git a/2006/2xxx/CVE-2006-2835.json b/2006/2xxx/CVE-2006-2835.json index 2a19209574f..32e3dd77117 100644 --- a/2006/2xxx/CVE-2006-2835.json +++ b/2006/2xxx/CVE-2006-2835.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-2835", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in saphplesson 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) forumid parameter in add.php and (2) lessid parameter in show.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-2835", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060527 Critical sql injection in saphplesson 2.0", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/435202/100/0/threaded" - }, - { - "name" : "20060711 saphp \"add.php\" forumid Parameter SQL Injection", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/440120" - }, - { - "name" : "20070704 SQL Injection in SaphpLesson2.0 \"show.php\"", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/472798/100/0/threaded" - }, - { - "name" : "18934", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/18934" - }, - { - "name" : "18117", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/18117" - }, - { - "name" : "1047", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/1047" - }, - { - "name" : "saphplesson-show-sql-injection(26757)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26757" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in saphplesson 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) forumid parameter in add.php and (2) lessid parameter in show.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "saphplesson-show-sql-injection(26757)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26757" + }, + { + "name": "1047", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/1047" + }, + { + "name": "20070704 SQL Injection in SaphpLesson2.0 \"show.php\"", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/472798/100/0/threaded" + }, + { + "name": "18117", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/18117" + }, + { + "name": "18934", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/18934" + }, + { + "name": "20060711 saphp \"add.php\" forumid Parameter SQL Injection", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/440120" + }, + { + "name": "20060527 Critical sql injection in saphplesson 2.0", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/435202/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2006/3xxx/CVE-2006-3173.json b/2006/3xxx/CVE-2006-3173.json index 7d088d46405..b6565a4ce1a 100644 --- a/2006/3xxx/CVE-2006-3173.json +++ b/2006/3xxx/CVE-2006-3173.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-3173", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple PHP remote file inclusion vulnerabilities in Content*Builder 0.7.5 allow remote attackers to execute arbitrary PHP code via a URL in the (1) path[cb] parameter to (a) libraries/comment/postComment.php and (b) modules/poll/poll.php, (2) rel parameter to (c) modules/archive/overview.inc.php, and the (3) actualModuleDir parameter to (d) modules/forum/showThread.inc.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-3173", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071003 Content Builder 0.7.5 RFI Bug", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/481435/100/0/threaded" - }, - { - "name" : "25914", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25914" - }, - { - "name" : "20557", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/20557" - }, - { - "name" : "contentbuilder-multiple-file-include(27044)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27044" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple PHP remote file inclusion vulnerabilities in Content*Builder 0.7.5 allow remote attackers to execute arbitrary PHP code via a URL in the (1) path[cb] parameter to (a) libraries/comment/postComment.php and (b) modules/poll/poll.php, (2) rel parameter to (c) modules/archive/overview.inc.php, and the (3) actualModuleDir parameter to (d) modules/forum/showThread.inc.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "contentbuilder-multiple-file-include(27044)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27044" + }, + { + "name": "25914", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25914" + }, + { + "name": "20071003 Content Builder 0.7.5 RFI Bug", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/481435/100/0/threaded" + }, + { + "name": "20557", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/20557" + } + ] + } +} \ No newline at end of file diff --git a/2006/3xxx/CVE-2006-3202.json b/2006/3xxx/CVE-2006-3202.json index 45adcb6520e..b812d88822e 100644 --- a/2006/3xxx/CVE-2006-3202.json +++ b/2006/3xxx/CVE-2006-3202.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-3202", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The ip6_savecontrol function in NetBSD 2.0 through 3.0, under certain configurations, does not check to see if IPv4-mapped sockets are being used before processing IPv6 socket options, which allows local users to cause a denial of service (crash) by creating an IPv4-mapped IPv6 socket with the SO_TIMESTAMP socket option set, then sending an IPv4 packet through the socket." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-3202", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "NetBSD-SA2006-016", - "refsource" : "NETBSD", - "url" : "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-016.txt.asc" - }, - { - "name" : "1016250", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1016250" - }, - { - "name" : "netbsd-ipv6-dos(27139)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27139" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The ip6_savecontrol function in NetBSD 2.0 through 3.0, under certain configurations, does not check to see if IPv4-mapped sockets are being used before processing IPv6 socket options, which allows local users to cause a denial of service (crash) by creating an IPv4-mapped IPv6 socket with the SO_TIMESTAMP socket option set, then sending an IPv4 packet through the socket." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1016250", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1016250" + }, + { + "name": "netbsd-ipv6-dos(27139)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27139" + }, + { + "name": "NetBSD-SA2006-016", + "refsource": "NETBSD", + "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-016.txt.asc" + } + ] + } +} \ No newline at end of file diff --git a/2006/3xxx/CVE-2006-3555.json b/2006/3xxx/CVE-2006-3555.json index 0819752e1d5..d201cb817b3 100644 --- a/2006/3xxx/CVE-2006-3555.json +++ b/2006/3xxx/CVE-2006-3555.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-3555", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in submit.php in PHP-Fusion before 6.01.3 allow remote attackers to inject arbitrary web script or HTML by using edit_profile.php to upload a (1) avatar or (2) forum image attachment that has a .gif or .jpg extension, and begins with a GIF header followed by JavaScript code, which is executed by Internet Explorer." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-3555", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060701 Php-Fusion (Xss) With Avatar Upload", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/438938/100/0/threaded" - }, - { - "name" : "http://php-fusion.co.uk/news.php", - "refsource" : "CONFIRM", - "url" : "http://php-fusion.co.uk/news.php" - }, - { - "name" : "18787", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/18787" - }, - { - "name" : "ADV-2006-2655", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/2655" - }, - { - "name" : "20904", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/20904" - }, - { - "name" : "1224", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/1224" - }, - { - "name" : "phpfusion-avatar-xss(27537)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27537" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in submit.php in PHP-Fusion before 6.01.3 allow remote attackers to inject arbitrary web script or HTML by using edit_profile.php to upload a (1) avatar or (2) forum image attachment that has a .gif or .jpg extension, and begins with a GIF header followed by JavaScript code, which is executed by Internet Explorer." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20060701 Php-Fusion (Xss) With Avatar Upload", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/438938/100/0/threaded" + }, + { + "name": "18787", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/18787" + }, + { + "name": "ADV-2006-2655", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/2655" + }, + { + "name": "1224", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/1224" + }, + { + "name": "20904", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/20904" + }, + { + "name": "phpfusion-avatar-xss(27537)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27537" + }, + { + "name": "http://php-fusion.co.uk/news.php", + "refsource": "CONFIRM", + "url": "http://php-fusion.co.uk/news.php" + } + ] + } +} \ No newline at end of file diff --git a/2006/3xxx/CVE-2006-3570.json b/2006/3xxx/CVE-2006-3570.json index 0b1c9fe47cf..c3542f41881 100644 --- a/2006/3xxx/CVE-2006-3570.json +++ b/2006/3xxx/CVE-2006-3570.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-3570", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the webform module in Drupal 4.6 before July 8, 2006 and 4.7 before July 8, 2006 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-3570", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://drupal.org/node/72846", - "refsource" : "CONFIRM", - "url" : "http://drupal.org/node/72846" - }, - { - "name" : "18947", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/18947" - }, - { - "name" : "ADV-2006-2764", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/2764" - }, - { - "name" : "21021", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21021" - }, - { - "name" : "webform-unspecified-xss(27685)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27685" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the webform module in Drupal 4.6 before July 8, 2006 and 4.7 before July 8, 2006 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "21021", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21021" + }, + { + "name": "18947", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/18947" + }, + { + "name": "webform-unspecified-xss(27685)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27685" + }, + { + "name": "ADV-2006-2764", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/2764" + }, + { + "name": "http://drupal.org/node/72846", + "refsource": "CONFIRM", + "url": "http://drupal.org/node/72846" + } + ] + } +} \ No newline at end of file diff --git a/2006/3xxx/CVE-2006-3785.json b/2006/3xxx/CVE-2006-3785.json index be0dbce6acf..7ac6c778b5e 100644 --- a/2006/3xxx/CVE-2006-3785.json +++ b/2006/3xxx/CVE-2006-3785.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-3785", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Symantec pcAnywhere 12.5 obfuscates the passwords in a GUI textbox with asterisks but does not encrypt them in the associated .cif (aka caller or CallerID) file, which allows local users to obtain the passwords from the window using tools such as Nirsoft Asterwin." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-3785", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060718 PcAnywhere > 12 Local Privilege Escalation", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/440448/100/0/threaded" - }, - { - "name" : "http://www.digitalbullets.org/?p=3", - "refsource" : "MISC", - "url" : "http://www.digitalbullets.org/?p=3" - }, - { - "name" : "1261", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/1261" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Symantec pcAnywhere 12.5 obfuscates the passwords in a GUI textbox with asterisks but does not encrypt them in the associated .cif (aka caller or CallerID) file, which allows local users to obtain the passwords from the window using tools such as Nirsoft Asterwin." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20060718 PcAnywhere > 12 Local Privilege Escalation", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/440448/100/0/threaded" + }, + { + "name": "http://www.digitalbullets.org/?p=3", + "refsource": "MISC", + "url": "http://www.digitalbullets.org/?p=3" + }, + { + "name": "1261", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/1261" + } + ] + } +} \ No newline at end of file diff --git a/2006/6xxx/CVE-2006-6596.json b/2006/6xxx/CVE-2006-6596.json index 46053cbc0c0..6728b04096c 100644 --- a/2006/6xxx/CVE-2006-6596.json +++ b/2006/6xxx/CVE-2006-6596.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-6596", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "HyperAccess 8.4 allows user-assisted remote attackers to execute arbitrary vbscript and commands via a session (HAW) file, which can be automatically opened using Internet Explorer." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-6596", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20061214 HyperAccess - Multiple Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/454388/100/0/threaded" - }, - { - "name" : "21594", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/21594" - }, - { - "name" : "ADV-2006-5013", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/5013" - }, - { - "name" : "23366", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23366" - }, - { - "name" : "2045", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2045" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "HyperAccess 8.4 allows user-assisted remote attackers to execute arbitrary vbscript and commands via a session (HAW) file, which can be automatically opened using Internet Explorer." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20061214 HyperAccess - Multiple Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/454388/100/0/threaded" + }, + { + "name": "21594", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/21594" + }, + { + "name": "23366", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23366" + }, + { + "name": "2045", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2045" + }, + { + "name": "ADV-2006-5013", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/5013" + } + ] + } +} \ No newline at end of file diff --git a/2006/6xxx/CVE-2006-6626.json b/2006/6xxx/CVE-2006-6626.json index fddc21071cc..59f8d496c1e 100644 --- a/2006/6xxx/CVE-2006-6626.json +++ b/2006/6xxx/CVE-2006-6626.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-6626", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in an unspecified component of Moodle 1.5 allows remote attackers to inject arbitrary web script or HTML via a javascript URI in the SRC attribute of an IMG element. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. NOTE: It is unclear whether this candidate overlaps CVE-2006-4784 or CVE-2006-4941." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-6626", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.securityfocus.com/data/vulnerabilities/exploits/21596.html", - "refsource" : "MISC", - "url" : "http://www.securityfocus.com/data/vulnerabilities/exploits/21596.html" - }, - { - "name" : "21596", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/21596" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in an unspecified component of Moodle 1.5 allows remote attackers to inject arbitrary web script or HTML via a javascript URI in the SRC attribute of an IMG element. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. NOTE: It is unclear whether this candidate overlaps CVE-2006-4784 or CVE-2006-4941." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "21596", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/21596" + }, + { + "name": "http://www.securityfocus.com/data/vulnerabilities/exploits/21596.html", + "refsource": "MISC", + "url": "http://www.securityfocus.com/data/vulnerabilities/exploits/21596.html" + } + ] + } +} \ No newline at end of file diff --git a/2006/6xxx/CVE-2006-6815.json b/2006/6xxx/CVE-2006-6815.json index 7898cf3536d..f45d7dbc700 100644 --- a/2006/6xxx/CVE-2006-6815.json +++ b/2006/6xxx/CVE-2006-6815.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-6815", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in DMXReady Secure Login Manager 1.0 allow remote authenticated administrators to inject arbitrary web script or HTML via unspecified parameters to (1) set_preferences.asp, (2) send_password_preferences.asp, and (3) SecureLoginManager/list.asp in the Local-Admin Panel." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-6815", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20061227 Secure Login Manager Multiple Input Validation Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/455353/100/0/threaded" - }, - { - "name" : "1017448", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017448" - }, - { - "name" : "secureloginmanager-multiple-xss(31157)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31157" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in DMXReady Secure Login Manager 1.0 allow remote authenticated administrators to inject arbitrary web script or HTML via unspecified parameters to (1) set_preferences.asp, (2) send_password_preferences.asp, and (3) SecureLoginManager/list.asp in the Local-Admin Panel." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1017448", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017448" + }, + { + "name": "secureloginmanager-multiple-xss(31157)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31157" + }, + { + "name": "20061227 Secure Login Manager Multiple Input Validation Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/455353/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2006/7xxx/CVE-2006-7060.json b/2006/7xxx/CVE-2006-7060.json index 5a2984b83b6..462945e1944 100644 --- a/2006/7xxx/CVE-2006-7060.json +++ b/2006/7xxx/CVE-2006-7060.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-7060", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "cindex.php in Scriptsez.net E-Dating System allows remote attackers to obtain the full path via an invalid id parameter in a dologin action, which leaks the path in an error message." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-7060", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060607 E-Dating System from scriptsez.net - XSS", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2006-06/0067.html" - }, - { - "name" : "20535", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/20535" - }, - { - "name" : "2300", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2300" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cindex.php in Scriptsez.net E-Dating System allows remote attackers to obtain the full path via an invalid id parameter in a dologin action, which leaks the path in an error message." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20060607 E-Dating System from scriptsez.net - XSS", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2006-06/0067.html" + }, + { + "name": "2300", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2300" + }, + { + "name": "20535", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/20535" + } + ] + } +} \ No newline at end of file diff --git a/2011/0xxx/CVE-2011-0296.json b/2011/0xxx/CVE-2011-0296.json index 7a7367abdd4..3b7dce2fb9f 100644 --- a/2011/0xxx/CVE-2011-0296.json +++ b/2011/0xxx/CVE-2011-0296.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-0296", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-0296", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2011/0xxx/CVE-2011-0369.json b/2011/0xxx/CVE-2011-0369.json index e2961c5a425..d38c0a7c173 100644 --- a/2011/0xxx/CVE-2011-0369.json +++ b/2011/0xxx/CVE-2011-0369.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-0369", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-0369", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2011/0xxx/CVE-2011-0750.json b/2011/0xxx/CVE-2011-0750.json index b67de169d26..d4319367d8c 100644 --- a/2011/0xxx/CVE-2011-0750.json +++ b/2011/0xxx/CVE-2011-0750.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-0750", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-0750", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2011/1xxx/CVE-2011-1903.json b/2011/1xxx/CVE-2011-1903.json index 2950cce9115..c7e99727679 100644 --- a/2011/1xxx/CVE-2011-1903.json +++ b/2011/1xxx/CVE-2011-1903.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-1903", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in an unspecified function in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allows remote attackers to execute arbitrary SQL commands via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-1903", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.clearskies.net/documents/css-advisory-css1105-proofpoint.php", - "refsource" : "MISC", - "url" : "http://www.clearskies.net/documents/css-advisory-css1105-proofpoint.php" - }, - { - "name" : "https://support.proofpoint.com/article.cgi?article_id=338413", - "refsource" : "MISC", - "url" : "https://support.proofpoint.com/article.cgi?article_id=338413" - }, - { - "name" : "VU#790980", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/790980" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in an unspecified function in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allows remote attackers to execute arbitrary SQL commands via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.proofpoint.com/article.cgi?article_id=338413", + "refsource": "MISC", + "url": "https://support.proofpoint.com/article.cgi?article_id=338413" + }, + { + "name": "VU#790980", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/790980" + }, + { + "name": "http://www.clearskies.net/documents/css-advisory-css1105-proofpoint.php", + "refsource": "MISC", + "url": "http://www.clearskies.net/documents/css-advisory-css1105-proofpoint.php" + } + ] + } +} \ No newline at end of file diff --git a/2011/2xxx/CVE-2011-2182.json b/2011/2xxx/CVE-2011-2182.json index 4e3e2c90edf..0cf9cc20261 100644 --- a/2011/2xxx/CVE-2011-2182.json +++ b/2011/2xxx/CVE-2011-2182.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-2182", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The ldm_frag_add function in fs/partitions/ldm.c in the Linux kernel before 2.6.39.1 does not properly handle memory allocation for non-initial fragments, which might allow local users to conduct buffer overflow attacks, and gain privileges or obtain sensitive information, via a crafted LDM partition table. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1017." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2011-2182", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20110605 Re: CVE request: kernel: fs/partitions: Kernel heap overflow via corrupted LDM partition tables", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2011/06/05/1" - }, - { - "name" : "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.1", - "refsource" : "CONFIRM", - "url" : "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.1" - }, - { - "name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=cae13fe4cc3f24820ffb990c09110626837e85d4", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=cae13fe4cc3f24820ffb990c09110626837e85d4" - }, - { - "name" : "https://github.com/torvalds/linux/commit/cae13fe4cc3f24820ffb990c09110626837e85d4", - "refsource" : "CONFIRM", - "url" : "https://github.com/torvalds/linux/commit/cae13fe4cc3f24820ffb990c09110626837e85d4" - }, - { - "name" : "HPSBGN02970", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=139447903326211&w=2" - }, - { - "name" : "52334", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/52334" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The ldm_frag_add function in fs/partitions/ldm.c in the Linux kernel before 2.6.39.1 does not properly handle memory allocation for non-initial fragments, which might allow local users to conduct buffer overflow attacks, and gain privileges or obtain sensitive information, via a crafted LDM partition table. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1017." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "52334", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/52334" + }, + { + "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=cae13fe4cc3f24820ffb990c09110626837e85d4", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=cae13fe4cc3f24820ffb990c09110626837e85d4" + }, + { + "name": "https://github.com/torvalds/linux/commit/cae13fe4cc3f24820ffb990c09110626837e85d4", + "refsource": "CONFIRM", + "url": "https://github.com/torvalds/linux/commit/cae13fe4cc3f24820ffb990c09110626837e85d4" + }, + { + "name": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.1", + "refsource": "CONFIRM", + "url": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.1" + }, + { + "name": "[oss-security] 20110605 Re: CVE request: kernel: fs/partitions: Kernel heap overflow via corrupted LDM partition tables", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2011/06/05/1" + }, + { + "name": "HPSBGN02970", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=139447903326211&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2011/3xxx/CVE-2011-3324.json b/2011/3xxx/CVE-2011-3324.json index 0f538b9f3ea..1c0a31b8fd3 100644 --- a/2011/3xxx/CVE-2011-3324.json +++ b/2011/3xxx/CVE-2011-3324.json @@ -1,132 +1,132 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-3324", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The ospf6_lsa_is_changed function in ospf6_lsa.c in the OSPFv3 implementation in ospf6d in Quagga before 0.99.19 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via trailing zero values in the Link State Advertisement (LSA) header list of an IPv6 Database Description message." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2011-3324", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.cert.fi/en/reports/2011/vulnerability539178.html", - "refsource" : "MISC", - "url" : "https://www.cert.fi/en/reports/2011/vulnerability539178.html" - }, - { - "name" : "http://code.quagga.net/?p=quagga.git;a=commit;h=09395e2a0e93b2cf4258cb1de91887948796bb68", - "refsource" : "CONFIRM", - "url" : "http://code.quagga.net/?p=quagga.git;a=commit;h=09395e2a0e93b2cf4258cb1de91887948796bb68" - }, - { - "name" : "http://www.quagga.net/download/quagga-0.99.19.changelog.txt", - "refsource" : "CONFIRM", - "url" : "http://www.quagga.net/download/quagga-0.99.19.changelog.txt" - }, - { - "name" : "DSA-2316", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2011/dsa-2316" - }, - { - "name" : "GLSA-201202-02", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201202-02.xml" - }, - { - "name" : "RHSA-2012:1258", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2012-1258.html" - }, - { - "name" : "RHSA-2012:1259", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2012-1259.html" - }, - { - "name" : "SUSE-SU-2011:1075", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00027.html" - }, - { - "name" : "openSUSE-SU-2011:1155", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2011-10/msg00007.html" - }, - { - "name" : "SUSE-SU-2011:1171", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2011-10/msg00010.html" - }, - { - "name" : "SUSE-SU-2011:1316", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00009.html" - }, - { - "name" : "VU#668534", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/668534" - }, - { - "name" : "46139", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/46139" - }, - { - "name" : "46274", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/46274" - }, - { - "name" : "48106", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/48106" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The ospf6_lsa_is_changed function in ospf6_lsa.c in the OSPFv3 implementation in ospf6d in Quagga before 0.99.19 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via trailing zero values in the Link State Advertisement (LSA) header list of an IPv6 Database Description message." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.quagga.net/download/quagga-0.99.19.changelog.txt", + "refsource": "CONFIRM", + "url": "http://www.quagga.net/download/quagga-0.99.19.changelog.txt" + }, + { + "name": "VU#668534", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/668534" + }, + { + "name": "http://code.quagga.net/?p=quagga.git;a=commit;h=09395e2a0e93b2cf4258cb1de91887948796bb68", + "refsource": "CONFIRM", + "url": "http://code.quagga.net/?p=quagga.git;a=commit;h=09395e2a0e93b2cf4258cb1de91887948796bb68" + }, + { + "name": "DSA-2316", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2011/dsa-2316" + }, + { + "name": "RHSA-2012:1259", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2012-1259.html" + }, + { + "name": "https://www.cert.fi/en/reports/2011/vulnerability539178.html", + "refsource": "MISC", + "url": "https://www.cert.fi/en/reports/2011/vulnerability539178.html" + }, + { + "name": "46139", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/46139" + }, + { + "name": "SUSE-SU-2011:1075", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00027.html" + }, + { + "name": "openSUSE-SU-2011:1155", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2011-10/msg00007.html" + }, + { + "name": "GLSA-201202-02", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201202-02.xml" + }, + { + "name": "RHSA-2012:1258", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2012-1258.html" + }, + { + "name": "SUSE-SU-2011:1316", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00009.html" + }, + { + "name": "46274", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/46274" + }, + { + "name": "48106", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/48106" + }, + { + "name": "SUSE-SU-2011:1171", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2011-10/msg00010.html" + } + ] + } +} \ No newline at end of file diff --git a/2011/3xxx/CVE-2011-3710.json b/2011/3xxx/CVE-2011-3710.json index fa2c90abd2a..feb5509a989 100644 --- a/2011/3xxx/CVE-2011-3710.json +++ b/2011/3xxx/CVE-2011-3710.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-3710", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "bbPress 1.0.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by bb-templates/kakumei/view.php and certain other files." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-3710", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20110627 Re: CVE request: Joomla unspecified information disclosure vulnerability", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2011/06/27/6" - }, - { - "name" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README", - "refsource" : "MISC", - "url" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README" - }, - { - "name" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/bbpress-1.0.2", - "refsource" : "MISC", - "url" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/bbpress-1.0.2" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "bbPress 1.0.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by bb-templates/kakumei/view.php and certain other files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20110627 Re: CVE request: Joomla unspecified information disclosure vulnerability", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2011/06/27/6" + }, + { + "name": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/bbpress-1.0.2", + "refsource": "MISC", + "url": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/bbpress-1.0.2" + }, + { + "name": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README", + "refsource": "MISC", + "url": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README" + } + ] + } +} \ No newline at end of file diff --git a/2011/4xxx/CVE-2011-4307.json b/2011/4xxx/CVE-2011-4307.json index 2f887abac45..6e7e8f9d9b9 100644 --- a/2011/4xxx/CVE-2011-4307.json +++ b/2011/4xxx/CVE-2011-4307.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-4307", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in mod/wiki/lang/en/wiki.php in Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 allows remote attackers to inject arbitrary web script or HTML via the section parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2011-4307", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://git.moodle.org/gw?p=moodle.git;a=commit;h=41017112cff7f5bd7969c72d321320f3090e7c68", - "refsource" : "CONFIRM", - "url" : "http://git.moodle.org/gw?p=moodle.git;a=commit;h=41017112cff7f5bd7969c72d321320f3090e7c68" - }, - { - "name" : "http://moodle.org/mod/forum/discuss.php?d=188321", - "refsource" : "CONFIRM", - "url" : "http://moodle.org/mod/forum/discuss.php?d=188321" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=747444", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=747444" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in mod/wiki/lang/en/wiki.php in Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 allows remote attackers to inject arbitrary web script or HTML via the section parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://git.moodle.org/gw?p=moodle.git;a=commit;h=41017112cff7f5bd7969c72d321320f3090e7c68", + "refsource": "CONFIRM", + "url": "http://git.moodle.org/gw?p=moodle.git;a=commit;h=41017112cff7f5bd7969c72d321320f3090e7c68" + }, + { + "name": "http://moodle.org/mod/forum/discuss.php?d=188321", + "refsource": "CONFIRM", + "url": "http://moodle.org/mod/forum/discuss.php?d=188321" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=747444", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=747444" + } + ] + } +} \ No newline at end of file diff --git a/2011/4xxx/CVE-2011-4499.json b/2011/4xxx/CVE-2011-4499.json index 616fe76f222..caa7b145d54 100644 --- a/2011/4xxx/CVE-2011-4499.json +++ b/2011/4xxx/CVE-2011-4499.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-4499", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The UPnP IGD implementation in the Broadcom UPnP stack on the Cisco Linksys WRT54G with firmware before 4.30.5, WRT54GS v1 through v3 with firmware before 4.71.1, and WRT54GS v4 with firmware before 1.06.1 allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface, related to an \"external forwarding\" vulnerability." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-4499", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.upnp-hacks.org/devices.html", - "refsource" : "MISC", - "url" : "http://www.upnp-hacks.org/devices.html" - }, - { - "name" : "VU#357851", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/357851" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The UPnP IGD implementation in the Broadcom UPnP stack on the Cisco Linksys WRT54G with firmware before 4.30.5, WRT54GS v1 through v3 with firmware before 4.71.1, and WRT54GS v4 with firmware before 1.06.1 allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface, related to an \"external forwarding\" vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.upnp-hacks.org/devices.html", + "refsource": "MISC", + "url": "http://www.upnp-hacks.org/devices.html" + }, + { + "name": "VU#357851", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/357851" + } + ] + } +} \ No newline at end of file diff --git a/2011/4xxx/CVE-2011-4605.json b/2011/4xxx/CVE-2011-4605.json index 81e787a943f..a8e9642706c 100644 --- a/2011/4xxx/CVE-2011-4605.json +++ b/2011/4xxx/CVE-2011-4605.json @@ -1,147 +1,147 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-4605", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The (1) JNDI service, (2) HA-JNDI service, and (3) HAJNDIFactory invoker servlet in JBoss Enterprise Application Platform 4.3.0 CP10 and 5.1.2, Web Platform 5.1.2, SOA Platform 4.2.0.CP05 and 4.3.0.CP05, Portal Platform 4.3 CP07 and 5.2.x before 5.2.2, and BRMS Platform before 5.3.0 do not properly restrict write access, which allows remote attackers to add, delete, or modify items in a JNDI tree via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2011-4605", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=766469", - "refsource" : "MISC", - "url" : "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=766469" - }, - { - "name" : "RHSA-2012:1022", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2012-1022.html" - }, - { - "name" : "RHSA-2012:1023", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2012-1023.html" - }, - { - "name" : "RHSA-2012:1024", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2012-1024.html" - }, - { - "name" : "RHSA-2012:1025", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2012-1025.html" - }, - { - "name" : "RHSA-2012:1026", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2012-1026.html" - }, - { - "name" : "RHSA-2012:1027", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2012-1027.html" - }, - { - "name" : "RHSA-2012:1028", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2012-1028.html" - }, - { - "name" : "RHSA-2012:1109", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2012-1109.html" - }, - { - "name" : "RHSA-2012:1125", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2012-1125.html" - }, - { - "name" : "RHSA-2012:1232", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2012-1232.html" - }, - { - "name" : "RHSA-2012:1295", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2012-1295.html" - }, - { - "name" : "54644", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/54644" - }, - { - "name" : "1027501", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1027501" - }, - { - "name" : "49656", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/49656" - }, - { - "name" : "49658", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/49658" - }, - { - "name" : "50084", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/50084" - }, - { - "name" : "50549", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/50549" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The (1) JNDI service, (2) HA-JNDI service, and (3) HAJNDIFactory invoker servlet in JBoss Enterprise Application Platform 4.3.0 CP10 and 5.1.2, Web Platform 5.1.2, SOA Platform 4.2.0.CP05 and 4.3.0.CP05, Portal Platform 4.3 CP07 and 5.2.x before 5.2.2, and BRMS Platform before 5.3.0 do not properly restrict write access, which allows remote attackers to add, delete, or modify items in a JNDI tree via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1027501", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1027501" + }, + { + "name": "49656", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/49656" + }, + { + "name": "RHSA-2012:1028", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2012-1028.html" + }, + { + "name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=766469", + "refsource": "MISC", + "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=766469" + }, + { + "name": "49658", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/49658" + }, + { + "name": "RHSA-2012:1109", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2012-1109.html" + }, + { + "name": "RHSA-2012:1025", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2012-1025.html" + }, + { + "name": "50084", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/50084" + }, + { + "name": "RHSA-2012:1295", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2012-1295.html" + }, + { + "name": "RHSA-2012:1027", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2012-1027.html" + }, + { + "name": "54644", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/54644" + }, + { + "name": "RHSA-2012:1026", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2012-1026.html" + }, + { + "name": "50549", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/50549" + }, + { + "name": "RHSA-2012:1024", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2012-1024.html" + }, + { + "name": "RHSA-2012:1232", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2012-1232.html" + }, + { + "name": "RHSA-2012:1022", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2012-1022.html" + }, + { + "name": "RHSA-2012:1023", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2012-1023.html" + }, + { + "name": "RHSA-2012:1125", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2012-1125.html" + } + ] + } +} \ No newline at end of file diff --git a/2013/1xxx/CVE-2013-1115.json b/2013/1xxx/CVE-2013-1115.json index 8124ef01842..6cc6dc3ef14 100644 --- a/2013/1xxx/CVE-2013-1115.json +++ b/2013/1xxx/CVE-2013-1115.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-1115", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in Cisco WebEx Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORION111, and T28 before T28.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted ARF file, aka Bug IDs CSCue74118, CSCub28371, CSCud23401, and CSCud31109." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2013-1115", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20130904 Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130904-webex" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in Cisco WebEx Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORION111, and T28 before T28.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted ARF file, aka Bug IDs CSCue74118, CSCub28371, CSCud23401, and CSCud31109." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20130904 Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130904-webex" + } + ] + } +} \ No newline at end of file diff --git a/2013/1xxx/CVE-2013-1163.json b/2013/1xxx/CVE-2013-1163.json index fc454f64571..03756c878f0 100644 --- a/2013/1xxx/CVE-2013-1163.json +++ b/2013/1xxx/CVE-2013-1163.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-1163", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in the device-management implementation in Cisco Connected Grid Network Management System (CG-NMS) allow remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug IDs CSCue14553 and CSCue38746." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2013-1163", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20130401 Cisco Connected Grid Network Management System SQL Injection Vulnerabilities", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1163" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in the device-management implementation in Cisco Connected Grid Network Management System (CG-NMS) allow remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug IDs CSCue14553 and CSCue38746." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20130401 Cisco Connected Grid Network Management System SQL Injection Vulnerabilities", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1163" + } + ] + } +} \ No newline at end of file diff --git a/2013/5xxx/CVE-2013-5029.json b/2013/5xxx/CVE-2013-5029.json index a58f3210fc4..aad45eb2698 100644 --- a/2013/5xxx/CVE-2013-5029.json +++ b/2013/5xxx/CVE-2013-5029.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-5029", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "phpMyAdmin 3.5.x and 4.0.x before 4.0.5 allows remote attackers to bypass the clickjacking protection mechanism via certain vectors related to Header.class.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2013-5029", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/phpmyadmin/phpmyadmin/commit/240b8332db53dedc27baeec5306dabad3bdece3b", - "refsource" : "MISC", - "url" : "https://github.com/phpmyadmin/phpmyadmin/commit/240b8332db53dedc27baeec5306dabad3bdece3b" - }, - { - "name" : "https://github.com/phpmyadmin/phpmyadmin/commit/24d0eb55203b029f250c77d63f2900ffbe099e8b", - "refsource" : "MISC", - "url" : "https://github.com/phpmyadmin/phpmyadmin/commit/24d0eb55203b029f250c77d63f2900ffbe099e8b" - }, - { - "name" : "https://github.com/phpmyadmin/phpmyadmin/commit/66fe475d4f51b1761719cb0cab360748800373f7", - "refsource" : "MISC", - "url" : "https://github.com/phpmyadmin/phpmyadmin/commit/66fe475d4f51b1761719cb0cab360748800373f7" - }, - { - "name" : "https://github.com/phpmyadmin/phpmyadmin/commit/da4042fb6c4365dc8187765c3bf525043687c66f", - "refsource" : "MISC", - "url" : "https://github.com/phpmyadmin/phpmyadmin/commit/da4042fb6c4365dc8187765c3bf525043687c66f" - }, - { - "name" : "http://www.phpmyadmin.net/home_page/security/PMASA-2013-10.php", - "refsource" : "CONFIRM", - "url" : "http://www.phpmyadmin.net/home_page/security/PMASA-2013-10.php" - }, - { - "name" : "openSUSE-SU-2013:1343", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00013.html" - }, - { - "name" : "54488", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/54488" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "phpMyAdmin 3.5.x and 4.0.x before 4.0.5 allows remote attackers to bypass the clickjacking protection mechanism via certain vectors related to Header.class.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2013:1343", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00013.html" + }, + { + "name": "https://github.com/phpmyadmin/phpmyadmin/commit/240b8332db53dedc27baeec5306dabad3bdece3b", + "refsource": "MISC", + "url": "https://github.com/phpmyadmin/phpmyadmin/commit/240b8332db53dedc27baeec5306dabad3bdece3b" + }, + { + "name": "54488", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/54488" + }, + { + "name": "https://github.com/phpmyadmin/phpmyadmin/commit/24d0eb55203b029f250c77d63f2900ffbe099e8b", + "refsource": "MISC", + "url": "https://github.com/phpmyadmin/phpmyadmin/commit/24d0eb55203b029f250c77d63f2900ffbe099e8b" + }, + { + "name": "http://www.phpmyadmin.net/home_page/security/PMASA-2013-10.php", + "refsource": "CONFIRM", + "url": "http://www.phpmyadmin.net/home_page/security/PMASA-2013-10.php" + }, + { + "name": "https://github.com/phpmyadmin/phpmyadmin/commit/66fe475d4f51b1761719cb0cab360748800373f7", + "refsource": "MISC", + "url": "https://github.com/phpmyadmin/phpmyadmin/commit/66fe475d4f51b1761719cb0cab360748800373f7" + }, + { + "name": "https://github.com/phpmyadmin/phpmyadmin/commit/da4042fb6c4365dc8187765c3bf525043687c66f", + "refsource": "MISC", + "url": "https://github.com/phpmyadmin/phpmyadmin/commit/da4042fb6c4365dc8187765c3bf525043687c66f" + } + ] + } +} \ No newline at end of file diff --git a/2013/5xxx/CVE-2013-5429.json b/2013/5xxx/CVE-2013-5429.json index 1c7f7dbe583..8bdf81f49db 100644 --- a/2013/5xxx/CVE-2013-5429.json +++ b/2013/5xxx/CVE-2013-5429.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-5429", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Risk Based Access functionality in IBM Tivoli Federated Identity Manager (TFIM) 6.2.2 before FP9 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.2.2 before FP9 does not prevent reuse of One Time Password (OTP) tokens, which makes it easier for remote authenticated users to complete transactions by leveraging access to an already-used token." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2013-5429", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21660509", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21660509" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21660510", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21660510" - }, - { - "name" : "IV52624", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IV52624" - }, - { - "name" : "ibm-tivoli-cve20135429-sec-bypass(87561)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/87561" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Risk Based Access functionality in IBM Tivoli Federated Identity Manager (TFIM) 6.2.2 before FP9 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.2.2 before FP9 does not prevent reuse of One Time Password (OTP) tokens, which makes it easier for remote authenticated users to complete transactions by leveraging access to an already-used token." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21660510", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21660510" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21660509", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21660509" + }, + { + "name": "IV52624", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV52624" + }, + { + "name": "ibm-tivoli-cve20135429-sec-bypass(87561)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87561" + } + ] + } +} \ No newline at end of file diff --git a/2013/5xxx/CVE-2013-5742.json b/2013/5xxx/CVE-2013-5742.json index edb2e4a90be..136d5f47de0 100644 --- a/2013/5xxx/CVE-2013-5742.json +++ b/2013/5xxx/CVE-2013-5742.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-5742", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2013-5742", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2013/5xxx/CVE-2013-5866.json b/2013/5xxx/CVE-2013-5866.json index c10b27cbd16..56a4cdd1138 100644 --- a/2013/5xxx/CVE-2013-5866.json +++ b/2013/5xxx/CVE-2013-5866.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-5866", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle Solaris 11.1 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Kernel." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2013-5866", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" - }, - { - "name" : "63070", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/63070" - }, - { - "name" : "98499", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/98499" - }, - { - "name" : "oracle-cpuoct2013-cve20135866(88011)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/88011" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle Solaris 11.1 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Kernel." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "98499", + "refsource": "OSVDB", + "url": "http://osvdb.org/98499" + }, + { + "name": "63070", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/63070" + }, + { + "name": "oracle-cpuoct2013-cve20135866(88011)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88011" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" + } + ] + } +} \ No newline at end of file diff --git a/2013/5xxx/CVE-2013-5994.json b/2013/5xxx/CVE-2013-5994.json index c0f5bc69496..25bc5629baa 100644 --- a/2013/5xxx/CVE-2013-5994.json +++ b/2013/5xxx/CVE-2013-5994.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-5994", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "data/class/pages/mypage/LC_Page_Mypage_DeliveryAddr.php in LOCKON EC-CUBE 2.11.2 through 2.13.0 allows remote attackers to obtain sensitive information via a direct request, which reveals the full path in an error message." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2013-5994", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://svn.ec-cube.net/open_trac/changeset/23278", - "refsource" : "CONFIRM", - "url" : "http://svn.ec-cube.net/open_trac/changeset/23278" - }, - { - "name" : "http://www.ec-cube.net/info/weakness/weakness.php?id=52", - "refsource" : "CONFIRM", - "url" : "http://www.ec-cube.net/info/weakness/weakness.php?id=52" - }, - { - "name" : "JVN#06870202", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN06870202/index.html" - }, - { - "name" : "JVNDB-2013-000098", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000098" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "data/class/pages/mypage/LC_Page_Mypage_DeliveryAddr.php in LOCKON EC-CUBE 2.11.2 through 2.13.0 allows remote attackers to obtain sensitive information via a direct request, which reveals the full path in an error message." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVN#06870202", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN06870202/index.html" + }, + { + "name": "http://svn.ec-cube.net/open_trac/changeset/23278", + "refsource": "CONFIRM", + "url": "http://svn.ec-cube.net/open_trac/changeset/23278" + }, + { + "name": "JVNDB-2013-000098", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000098" + }, + { + "name": "http://www.ec-cube.net/info/weakness/weakness.php?id=52", + "refsource": "CONFIRM", + "url": "http://www.ec-cube.net/info/weakness/weakness.php?id=52" + } + ] + } +} \ No newline at end of file diff --git a/2014/2xxx/CVE-2014-2215.json b/2014/2xxx/CVE-2014-2215.json index c131f38b24a..f31fe62ecde 100644 --- a/2014/2xxx/CVE-2014-2215.json +++ b/2014/2xxx/CVE-2014-2215.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-2215", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2014-2215", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2014/2xxx/CVE-2014-2344.json b/2014/2xxx/CVE-2014-2344.json index 037440d68ed..0bbcefcbd08 100644 --- a/2014/2xxx/CVE-2014-2344.json +++ b/2014/2xxx/CVE-2014-2344.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-2344", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2014-2344", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2014/2xxx/CVE-2014-2551.json b/2014/2xxx/CVE-2014-2551.json index d8b464011c7..332ba294501 100644 --- a/2014/2xxx/CVE-2014-2551.json +++ b/2014/2xxx/CVE-2014-2551.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-2551", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-2551", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/2xxx/CVE-2014-2764.json b/2014/2xxx/CVE-2014-2764.json index 832724a62f2..0103f3e75eb 100644 --- a/2014/2xxx/CVE-2014-2764.json +++ b/2014/2xxx/CVE-2014-2764.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-2764", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-1772, CVE-2014-1780, CVE-2014-1794, CVE-2014-1797, CVE-2014-1802, CVE-2014-2756, CVE-2014-2763, CVE-2014-2769, and CVE-2014-2771." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2014-2764", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS14-035", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-035" - }, - { - "name" : "67848", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/67848" - }, - { - "name" : "1030370", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1030370" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-1772, CVE-2014-1780, CVE-2014-1794, CVE-2014-1797, CVE-2014-1802, CVE-2014-2756, CVE-2014-2763, CVE-2014-2769, and CVE-2014-2771." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "67848", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/67848" + }, + { + "name": "1030370", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1030370" + }, + { + "name": "MS14-035", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-035" + } + ] + } +} \ No newline at end of file diff --git a/2014/6xxx/CVE-2014-6172.json b/2014/6xxx/CVE-2014-6172.json index cf918b8e587..d8edd2634d1 100644 --- a/2014/6xxx/CVE-2014-6172.json +++ b/2014/6xxx/CVE-2014-6172.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-6172", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM API Management 3.0 before 3.0.4.0 IF1 allows remote attackers to obtain sensitive analytics information in an encrypted form via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2014-6172", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21694460", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21694460" - }, - { - "name" : "LI78291", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1LI78291" - }, - { - "name" : "1031613", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1031613" - }, - { - "name" : "ibm-apim-cve20146172-sec-bypass(98417)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/98417" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM API Management 3.0 before 3.0.4.0 IF1 allows remote attackers to obtain sensitive analytics information in an encrypted form via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1031613", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1031613" + }, + { + "name": "ibm-apim-cve20146172-sec-bypass(98417)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98417" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21694460", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21694460" + }, + { + "name": "LI78291", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1LI78291" + } + ] + } +} \ No newline at end of file diff --git a/2014/6xxx/CVE-2014-6287.json b/2014/6xxx/CVE-2014-6287.json index 335bf8daf9e..d39e9d7714e 100644 --- a/2014/6xxx/CVE-2014-6287.json +++ b/2014/6xxx/CVE-2014-6287.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-6287", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server (aks HFS or HttpFileServer) 2.3x before 2.3c allows remote attackers to execute arbitrary programs via a %00 sequence in a search action." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-6287", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "39161", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/39161/" - }, - { - "name" : "http://packetstormsecurity.com/files/128243/HttpFileServer-2.3.x-Remote-Command-Execution.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/128243/HttpFileServer-2.3.x-Remote-Command-Execution.html" - }, - { - "name" : "https://github.com/rapid7/metasploit-framework/pull/3793", - "refsource" : "MISC", - "url" : "https://github.com/rapid7/metasploit-framework/pull/3793" - }, - { - "name" : "http://packetstormsecurity.com/files/135122/Rejetto-HTTP-File-Server-2.3.x-Remote-Code-Execution.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/135122/Rejetto-HTTP-File-Server-2.3.x-Remote-Code-Execution.html" - }, - { - "name" : "VU#251276", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/251276" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server (aks HFS or HttpFileServer) 2.3x before 2.3c allows remote attackers to execute arbitrary programs via a %00 sequence in a search action." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#251276", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/251276" + }, + { + "name": "39161", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/39161/" + }, + { + "name": "http://packetstormsecurity.com/files/128243/HttpFileServer-2.3.x-Remote-Command-Execution.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/128243/HttpFileServer-2.3.x-Remote-Command-Execution.html" + }, + { + "name": "https://github.com/rapid7/metasploit-framework/pull/3793", + "refsource": "MISC", + "url": "https://github.com/rapid7/metasploit-framework/pull/3793" + }, + { + "name": "http://packetstormsecurity.com/files/135122/Rejetto-HTTP-File-Server-2.3.x-Remote-Code-Execution.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/135122/Rejetto-HTTP-File-Server-2.3.x-Remote-Code-Execution.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/6xxx/CVE-2014-6647.json b/2014/6xxx/CVE-2014-6647.json index e0aeac7c7b4..ebc7b19a43f 100644 --- a/2014/6xxx/CVE-2014-6647.json +++ b/2014/6xxx/CVE-2014-6647.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-6647", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The ElForro.com (aka com.tapatalk.elforrocom) application 2.4.3.10 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-6647", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - }, - { - "name" : "VU#675161", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/675161" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The ElForro.com (aka com.tapatalk.elforrocom) application 2.4.3.10 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#675161", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/675161" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2014/6xxx/CVE-2014-6849.json b/2014/6xxx/CVE-2014-6849.json index ce8bd9d3e7f..59e8ae9d772 100644 --- a/2014/6xxx/CVE-2014-6849.json +++ b/2014/6xxx/CVE-2014-6849.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-6849", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2014-6849", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2014/7xxx/CVE-2014-7656.json b/2014/7xxx/CVE-2014-7656.json index 7db2907cd9a..342619c282e 100644 --- a/2014/7xxx/CVE-2014-7656.json +++ b/2014/7xxx/CVE-2014-7656.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-7656", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Indian Management (aka com.magzter.indianmanagement) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-7656", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - }, - { - "name" : "VU#866121", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/866121" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Indian Management (aka com.magzter.indianmanagement) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#866121", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/866121" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2017/0xxx/CVE-2017-0221.json b/2017/0xxx/CVE-2017-0221.json index 21196793a5c..3a863f7ce55 100644 --- a/2017/0xxx/CVE-2017-0221.json +++ b/2017/0xxx/CVE-2017-0221.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2017-0221", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Microsoft Edge", - "version" : { - "version_data" : [ - { - "version_value" : "Windows 10 Version 1607 for 32-bit Systems and Windows 10 Version 1607 for x64-based Systems." - } - ] - } - } - ] - }, - "vendor_name" : "Microsoft Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka \"Microsoft Edge Memory Corruption Vulnerability.\" This CVE ID is unique from CVE-2017-0227 and CVE-2017-0240." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Remote Code Execution" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2017-0221", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Microsoft Edge", + "version": { + "version_data": [ + { + "version_value": "Windows 10 Version 1607 for 32-bit Systems and Windows 10 Version 1607 for x64-based Systems." + } + ] + } + } + ] + }, + "vendor_name": "Microsoft Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0221", - "refsource" : "CONFIRM", - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0221" - }, - { - "name" : "98147", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/98147" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka \"Microsoft Edge Memory Corruption Vulnerability.\" This CVE ID is unique from CVE-2017-0227 and CVE-2017-0240." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "98147", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/98147" + }, + { + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0221", + "refsource": "CONFIRM", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0221" + } + ] + } +} \ No newline at end of file diff --git a/2017/0xxx/CVE-2017-0272.json b/2017/0xxx/CVE-2017-0272.json index d2bc646a9bf..4231425375a 100644 --- a/2017/0xxx/CVE-2017-0272.json +++ b/2017/0xxx/CVE-2017-0272.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2017-0272", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Server Message Block 1.0", - "version" : { - "version_data" : [ - { - "version_value" : "Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016." - } - ] - } - } - ] - }, - "vendor_name" : "Microsoft Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to execute remote code by the way it handles certain requests, aka \"Windows SMB Remote Code Execution Vulnerability\". This CVE ID is unique from CVE-2017-0277, CVE-2017-0278, and CVE-2017-0279." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Remote Code Execution" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2017-0272", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Server Message Block 1.0", + "version": { + "version_data": [ + { + "version_value": "Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016." + } + ] + } + } + ] + }, + "vendor_name": "Microsoft Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02" - }, - { - "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0272", - "refsource" : "CONFIRM", - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0272" - }, - { - "name" : "98260", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/98260" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to execute remote code by the way it handles certain requests, aka \"Windows SMB Remote Code Execution Vulnerability\". This CVE ID is unique from CVE-2017-0277, CVE-2017-0278, and CVE-2017-0279." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "98260", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/98260" + }, + { + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0272", + "refsource": "CONFIRM", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0272" + }, + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02" + } + ] + } +} \ No newline at end of file diff --git a/2017/1000xxx/CVE-2017-1000001.json b/2017/1000xxx/CVE-2017-1000001.json index 898d39a92d6..695ff517f69 100644 --- a/2017/1000xxx/CVE-2017-1000001.json +++ b/2017/1000xxx/CVE-2017-1000001.json @@ -1,63 +1,63 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve-assign@distributedweaknessfiling.org", - "ID" : "CVE-2017-1000001", - "REQUESTER" : "puiterwijk@redhat.com", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "fedmsg", - "version" : { - "version_data" : [ - { - "version_value" : "0.18.1 and older" - } - ] - } - } - ] - }, - "vendor_name" : "Fedora Project" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "FedMsg 0.18.1 and older is vulnerable to a message validation flaw resulting in message validation not being enabled if configured to be on." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Missing SSL certification verification" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-1000001", + "REQUESTER": "puiterwijk@redhat.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/fedora-infra/fedmsg/blob/0.18.2/CHANGELOG.rst", - "refsource" : "CONFIRM", - "url" : "https://github.com/fedora-infra/fedmsg/blob/0.18.2/CHANGELOG.rst" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "FedMsg 0.18.1 and older is vulnerable to a message validation flaw resulting in message validation not being enabled if configured to be on." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/fedora-infra/fedmsg/blob/0.18.2/CHANGELOG.rst", + "refsource": "CONFIRM", + "url": "https://github.com/fedora-infra/fedmsg/blob/0.18.2/CHANGELOG.rst" + } + ] + } +} \ No newline at end of file diff --git a/2017/1000xxx/CVE-2017-1000367.json b/2017/1000xxx/CVE-2017-1000367.json index 989111d1528..6a681e1c958 100644 --- a/2017/1000xxx/CVE-2017-1000367.json +++ b/2017/1000xxx/CVE-2017-1000367.json @@ -1,138 +1,138 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve-assign@distributedweaknessfiling.org", - "ID" : "CVE-2017-1000367", - "REQUESTER" : "Todd.Miller@courtesan.com", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "sudo", - "version" : { - "version_data" : [ - { - "version_value" : "1.8.20" - } - ] - } - } - ] - }, - "vendor_name" : "sudo" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an input validation (embedded spaces) in the get_process_ttyname() function resulting in information disclosure and command execution." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-20" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-1000367", + "REQUESTER": "Todd.Miller@courtesan.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "42183", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/42183/" - }, - { - "name" : "20170602 Qualys Security Advisory - CVE-2017-1000367 in Sudo's get_process_ttyname() for Linux", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2017/Jun/3" - }, - { - "name" : "[oss-security] 20170530 Qualys Security Advisory - CVE-2017-1000367 in Sudo's get_process_ttyname() for Linux", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2017/05/30/16" - }, - { - "name" : "http://packetstormsecurity.com/files/142783/Sudo-get_process_ttyname-Race-Condition.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/142783/Sudo-get_process_ttyname-Race-Condition.html" - }, - { - "name" : "https://www.sudo.ws/alerts/linux_tty.html", - "refsource" : "CONFIRM", - "url" : "https://www.sudo.ws/alerts/linux_tty.html" - }, - { - "name" : "DSA-3867", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2017/dsa-3867" - }, - { - "name" : "FEDORA-2017-54580efa82", - "refsource" : "FEDORA", - "url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXEXC4NNIG2QOZY6N2YUK246KI3D3UQO/" - }, - { - "name" : "GLSA-201705-15", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201705-15" - }, - { - "name" : "RHSA-2017:1381", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:1381" - }, - { - "name" : "RHSA-2017:1382", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:1382" - }, - { - "name" : "SUSE-SU-2017:1446", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2017-05/msg00077.html" - }, - { - "name" : "SUSE-SU-2017:1450", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2017-05/msg00078.html" - }, - { - "name" : "openSUSE-SU-2017:1455", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2017-05/msg00079.html" - }, - { - "name" : "USN-3304-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3304-1" - }, - { - "name" : "98745", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/98745" - }, - { - "name" : "1038582", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1038582" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an input validation (embedded spaces) in the get_process_ttyname() function resulting in information disclosure and command execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "USN-3304-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3304-1" + }, + { + "name": "GLSA-201705-15", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201705-15" + }, + { + "name": "98745", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/98745" + }, + { + "name": "https://www.sudo.ws/alerts/linux_tty.html", + "refsource": "CONFIRM", + "url": "https://www.sudo.ws/alerts/linux_tty.html" + }, + { + "name": "20170602 Qualys Security Advisory - CVE-2017-1000367 in Sudo's get_process_ttyname() for Linux", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2017/Jun/3" + }, + { + "name": "FEDORA-2017-54580efa82", + "refsource": "FEDORA", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXEXC4NNIG2QOZY6N2YUK246KI3D3UQO/" + }, + { + "name": "RHSA-2017:1382", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:1382" + }, + { + "name": "http://packetstormsecurity.com/files/142783/Sudo-get_process_ttyname-Race-Condition.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/142783/Sudo-get_process_ttyname-Race-Condition.html" + }, + { + "name": "SUSE-SU-2017:1446", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2017-05/msg00077.html" + }, + { + "name": "SUSE-SU-2017:1450", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2017-05/msg00078.html" + }, + { + "name": "DSA-3867", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2017/dsa-3867" + }, + { + "name": "openSUSE-SU-2017:1455", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2017-05/msg00079.html" + }, + { + "name": "42183", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/42183/" + }, + { + "name": "[oss-security] 20170530 Qualys Security Advisory - CVE-2017-1000367 in Sudo's get_process_ttyname() for Linux", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2017/05/30/16" + }, + { + "name": "RHSA-2017:1381", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:1381" + }, + { + "name": "1038582", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1038582" + } + ] + } +} \ No newline at end of file diff --git a/2017/1xxx/CVE-2017-1318.json b/2017/1xxx/CVE-2017-1318.json index 63f21fa49ff..a8435a34cec 100644 --- a/2017/1xxx/CVE-2017-1318.json +++ b/2017/1xxx/CVE-2017-1318.json @@ -1,91 +1,91 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "DATE_PUBLIC" : "2017-07-14T00:00:00", - "ID" : "CVE-2017-1318", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "MQ Appliance", - "version" : { - "version_data" : [ - { - "version_value" : "8.0" - }, - { - "version_value" : "8.0.0.3" - }, - { - "version_value" : "8.0.0.4" - }, - { - "version_value" : "8.0.0.5" - }, - { - "version_value" : "9.0.1" - }, - { - "version_value" : "9.0.2" - }, - { - "version_value" : "8.0.0.6" - } - ] - } - } - ] - }, - "vendor_name" : "IBM" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM MQ Appliance 8.0 and 9.0 could allow an authenticated messaging administrator to execute arbitrary commands on the system, caused by command execution. IBM X-Force ID: 125730." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Gain Privileges" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "DATE_PUBLIC": "2017-07-14T00:00:00", + "ID": "CVE-2017-1318", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "MQ Appliance", + "version": { + "version_data": [ + { + "version_value": "8.0" + }, + { + "version_value": "8.0.0.3" + }, + { + "version_value": "8.0.0.4" + }, + { + "version_value": "8.0.0.5" + }, + { + "version_value": "9.0.1" + }, + { + "version_value": "9.0.2" + }, + { + "version_value": "8.0.0.6" + } + ] + } + } + ] + }, + "vendor_name": "IBM" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/125730", - "refsource" : "MISC", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/125730" - }, - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg22003815", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg22003815" - }, - { - "name" : "99594", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/99594" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM MQ Appliance 8.0 and 9.0 could allow an authenticated messaging administrator to execute arbitrary commands on the system, caused by command execution. IBM X-Force ID: 125730." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Gain Privileges" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg22003815", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg22003815" + }, + { + "name": "99594", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/99594" + }, + { + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/125730", + "refsource": "MISC", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/125730" + } + ] + } +} \ No newline at end of file diff --git a/2017/1xxx/CVE-2017-1352.json b/2017/1xxx/CVE-2017-1352.json index bc4e15002c8..368b7115449 100644 --- a/2017/1xxx/CVE-2017-1352.json +++ b/2017/1xxx/CVE-2017-1352.json @@ -1,76 +1,76 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "DATE_PUBLIC" : "2017-09-06T00:00:00", - "ID" : "CVE-2017-1352", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Maximo Asset Management", - "version" : { - "version_data" : [ - { - "version_value" : "7.5" - }, - { - "version_value" : "7.6" - } - ] - } - } - ] - }, - "vendor_name" : "IBM" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Maximo Asset Management 7.5 and 7.6 could allow an authenticated user to inject commands into work orders that could be executed by another user that downloads the affected file. IBM X-Force ID: 126538." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Gain Privileges" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "DATE_PUBLIC": "2017-09-06T00:00:00", + "ID": "CVE-2017-1352", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Maximo Asset Management", + "version": { + "version_data": [ + { + "version_value": "7.5" + }, + { + "version_value": "7.6" + } + ] + } + } + ] + }, + "vendor_name": "IBM" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/126538", - "refsource" : "MISC", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/126538" - }, - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg22006650", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg22006650" - }, - { - "name" : "100697", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/100697" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Maximo Asset Management 7.5 and 7.6 could allow an authenticated user to inject commands into work orders that could be executed by another user that downloads the affected file. IBM X-Force ID: 126538." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Gain Privileges" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg22006650", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg22006650" + }, + { + "name": "100697", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/100697" + }, + { + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/126538", + "refsource": "MISC", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/126538" + } + ] + } +} \ No newline at end of file diff --git a/2017/1xxx/CVE-2017-1726.json b/2017/1xxx/CVE-2017-1726.json index ebef23a7d11..346f0c5144c 100644 --- a/2017/1xxx/CVE-2017-1726.json +++ b/2017/1xxx/CVE-2017-1726.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-1726", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-1726", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/1xxx/CVE-2017-1814.json b/2017/1xxx/CVE-2017-1814.json index b0de9abc478..ab2067eb8d8 100644 --- a/2017/1xxx/CVE-2017-1814.json +++ b/2017/1xxx/CVE-2017-1814.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-1814", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-1814", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2017/1xxx/CVE-2017-1830.json b/2017/1xxx/CVE-2017-1830.json index ee89c722532..6f537d5989e 100644 --- a/2017/1xxx/CVE-2017-1830.json +++ b/2017/1xxx/CVE-2017-1830.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-1830", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-1830", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2017/4xxx/CVE-2017-4550.json b/2017/4xxx/CVE-2017-4550.json index f3f1de93052..9d2bf661f09 100644 --- a/2017/4xxx/CVE-2017-4550.json +++ b/2017/4xxx/CVE-2017-4550.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-4550", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-4550", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2017/4xxx/CVE-2017-4568.json b/2017/4xxx/CVE-2017-4568.json index 2a1bcacae13..40d24637ce5 100644 --- a/2017/4xxx/CVE-2017-4568.json +++ b/2017/4xxx/CVE-2017-4568.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-4568", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-4568", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2017/4xxx/CVE-2017-4763.json b/2017/4xxx/CVE-2017-4763.json index 2765695f878..c15c7da18cd 100644 --- a/2017/4xxx/CVE-2017-4763.json +++ b/2017/4xxx/CVE-2017-4763.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-4763", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-4763", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2017/5xxx/CVE-2017-5301.json b/2017/5xxx/CVE-2017-5301.json index b7186566328..5436925e004 100644 --- a/2017/5xxx/CVE-2017-5301.json +++ b/2017/5xxx/CVE-2017-5301.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-5301", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-5301", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/5xxx/CVE-2017-5863.json b/2017/5xxx/CVE-2017-5863.json index a0d0190e584..dc5b70b5160 100644 --- a/2017/5xxx/CVE-2017-5863.json +++ b/2017/5xxx/CVE-2017-5863.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-5863", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-5863", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file