"-Synchronized-Data."

2008/1xxx/CVE-2008-1947.json

@@ -1,40 +1,17 @@
 {
+    "data_version": "4.0",
+    "data_type": "CVE",
+    "data_format": "MITRE",
     "CVE_data_meta": {
-        "ASSIGNER": "secalert@redhat.com",
         "ID": "CVE-2008-1947",
+        "ASSIGNER": "secalert@redhat.com",
         "STATE": "PUBLIC"
     },
-    "affects": {
-        "vendor": {
-            "vendor_data": [
-                {
-                    "product": {
-                        "product_data": [
-                            {
-                                "product_name": "n/a",
-                                "version": {
-                                    "version_data": [
-                                        {
-                                            "version_value": "n/a"
-                                        }
-                                    ]
-                                }
-                            }
-                        ]
-                    },
-                    "vendor_name": "n/a"
-                }
-            ]
-        }
-    },
-    "data_format": "MITRE",
-    "data_type": "CVE",
-    "data_version": "4.0",
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "Cross-site scripting (XSS) vulnerability in Apache Tomcat 5.5.9 through 5.5.26 and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via the name parameter (aka the hostname attribute) to host-manager/html/add."
+                "value": "CVE-2008-1947 Tomcat host manager xss - name field"
             }
         ]
     },
@@ -44,278 +21,372 @@
                 "description": [
                     {
                         "lang": "eng",
-                        "value": "n/a"
+                        "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
+                        "cweId": "CWE-79"
                     }
                 ]
             }
         ]
     },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "Red Hat",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "Red Hat Developer Suite V.3",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "0:5.5.23-0jpp_12rh",
+                                            "version_affected": "!"
+                                        }
+                                    ]
+                                }
+                            },
+                            {
+                                "product_name": "Red Hat Enterprise Linux 5",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "0:5.5.23-0jpp.7.el5_2.1",
+                                            "version_affected": "!"
+                                        }
+                                    ]
+                                }
+                            },
+                            {
+                                "product_name": "Red Hat Network Satellite Server v 5.0",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "0:5.0.30-0jpp_12rh",
+                                            "version_affected": "!"
+                                        }
+                                    ]
+                                }
+                            },
+                            {
+                                "product_name": "Red Hat Network Satellite Server v 5.1",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "0:5.0.30-0jpp_12rh",
+                                            "version_affected": "!"
+                                        }
+                                    ]
+                                }
+                            },
+                            {
+                                "product_name": "RHAPS Version 2 for RHEL 4",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "0:5.5.23-0jpp_4rh.9",
+                                            "version_affected": "!"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
     "references": {
         "reference_data": [
             {
-                "name": "20080602 [SECURITY] CVE-2008-1947: Tomcat host-manager XSS vulnerability",
-                "refsource": "BUGTRAQ",
-                "url": "http://www.securityfocus.com/archive/1/492958/100/0/threaded"
+                "url": "http://secunia.com/advisories/37460",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/37460"
             },
             {
-                "name": "30500",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/30500"
+                "url": "http://tomcat.apache.org/security-5.html",
+                "refsource": "MISC",
+                "name": "http://tomcat.apache.org/security-5.html"
             },
             {
-                "name": "RHSA-2008:0862",
-                "refsource": "REDHAT",
-                "url": "http://www.redhat.com/support/errata/RHSA-2008-0862.html"
+                "url": "http://tomcat.apache.org/security-6.html",
+                "refsource": "MISC",
+                "name": "http://tomcat.apache.org/security-6.html"
             },
             {
-                "name": "34013",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/34013"
+                "url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded",
+                "refsource": "MISC",
+                "name": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
             },
             {
-                "name": "[tomcat-user] 20080602 [SECURITY] CVE-2008-1947: Tomcat host-manager XSS vulnerability",
-                "refsource": "MLIST",
-                "url": "http://marc.info/?l=tomcat-user&m=121244319501278&w=2"
+                "url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html",
+                "refsource": "MISC",
+                "name": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
             },
             {
-                "name": "oval:org.mitre.oval:def:6009",
-                "refsource": "OVAL",
-                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6009"
+                "url": "http://www.vupen.com/english/advisories/2009/3316",
+                "refsource": "MISC",
+                "name": "http://www.vupen.com/english/advisories/2009/3316"
             },
             {
-                "name": "ADV-2008-2823",
-                "refsource": "VUPEN",
-                "url": "http://www.vupen.com/english/advisories/2008/2823"
+                "url": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E",
+                "refsource": "MISC",
+                "name": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e%40%3Cdev.tomcat.apache.org%3E"
             },
             {
-                "name": "apache-tomcat-hostmanager-xss(42816)",
-                "refsource": "XF",
-                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42816"
+                "url": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E",
+                "refsource": "MISC",
+                "name": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa%40%3Cdev.tomcat.apache.org%3E"
             },
             {
-                "name": "37460",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/37460"
+                "url": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E",
+                "refsource": "MISC",
+                "name": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf%40%3Cdev.tomcat.apache.org%3E"
             },
             {
-                "name": "http://www.vmware.com/security/advisories/VMSA-2009-0002.html",
-                "refsource": "CONFIRM",
-                "url": "http://www.vmware.com/security/advisories/VMSA-2009-0002.html"
+                "url": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E",
+                "refsource": "MISC",
+                "name": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5%40%3Cdev.tomcat.apache.org%3E"
             },
             {
-                "name": "31681",
-                "refsource": "BID",
-                "url": "http://www.securityfocus.com/bid/31681"
+                "url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html",
+                "refsource": "MISC",
+                "name": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html"
             },
             {
-                "name": "32120",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/32120"
+                "url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html",
+                "refsource": "MISC",
+                "name": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html"
             },
             {
-                "name": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html",
-                "refsource": "CONFIRM",
-                "url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html"
+                "url": "http://marc.info/?l=bugtraq&m=139344343412337&w=2",
+                "refsource": "MISC",
+                "name": "http://marc.info/?l=bugtraq&m=139344343412337&w=2"
             },
             {
-                "name": "ADV-2008-1725",
-                "refsource": "VUPEN",
-                "url": "http://www.vupen.com/english/advisories/2008/1725"
+                "url": "http://secunia.com/advisories/32120",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/32120"
             },
             {
-                "name": "30592",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/30592"
+                "url": "http://secunia.com/advisories/32222",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/32222"
             },
             {
-                "name": "33999",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/33999"
+                "url": "http://secunia.com/advisories/32266",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/32266"
             },
             {
-                "name": "oval:org.mitre.oval:def:11534",
-                "refsource": "OVAL",
-                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11534"
+                "url": "http://secunia.com/advisories/57126",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/57126"
             },
             {
-                "name": "29502",
-                "refsource": "BID",
-                "url": "http://www.securityfocus.com/bid/29502"
+                "url": "http://support.apple.com/kb/HT3216",
+                "refsource": "MISC",
+                "name": "http://support.apple.com/kb/HT3216"
             },
             {
-                "name": "31865",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/31865"
+                "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-401.htm",
+                "refsource": "MISC",
+                "name": "http://support.avaya.com/elmodocs2/security/ASA-2008-401.htm"
             },
             {
-                "name": "FEDORA-2008-8130",
-                "refsource": "FEDORA",
-                "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00889.html"
+                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:188",
+                "refsource": "MISC",
+                "name": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:188"
             },
             {
-                "name": "31639",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/31639"
+                "url": "http://www.redhat.com/support/errata/RHSA-2008-0862.html",
+                "refsource": "MISC",
+                "name": "http://www.redhat.com/support/errata/RHSA-2008-0862.html"
             },
             {
-                "name": "30967",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/30967"
+                "url": "http://www.securityfocus.com/bid/31681",
+                "refsource": "MISC",
+                "name": "http://www.securityfocus.com/bid/31681"
             },
             {
-                "name": "MDVSA-2008:188",
-                "refsource": "MANDRIVA",
-                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:188"
+                "url": "http://www.vupen.com/english/advisories/2008/2780",
+                "refsource": "MISC",
+                "name": "http://www.vupen.com/english/advisories/2008/2780"
             },
             {
-                "name": "http://support.avaya.com/elmodocs2/security/ASA-2008-401.htm",
-                "refsource": "CONFIRM",
-                "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-401.htm"
+                "url": "http://www.vupen.com/english/advisories/2008/2823",
+                "refsource": "MISC",
+                "name": "http://www.vupen.com/english/advisories/2008/2823"
             },
             {
-                "name": "ADV-2009-0320",
-                "refsource": "VUPEN",
-                "url": "http://www.vupen.com/english/advisories/2009/0320"
+                "url": "https://access.redhat.com/errata/RHSA-2008:0862",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/errata/RHSA-2008:0862"
             },
             {
-                "name": "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components",
-                "refsource": "BUGTRAQ",
-                "url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded"
+                "url": "http://marc.info/?l=bugtraq&m=123376588623823&w=2",
+                "refsource": "MISC",
+                "name": "http://marc.info/?l=bugtraq&m=123376588623823&w=2"
             },
             {
-                "name": "RHSA-2008:0864",
-                "refsource": "REDHAT",
-                "url": "http://www.redhat.com/support/errata/RHSA-2008-0864.html"
+                "url": "http://secunia.com/advisories/31639",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/31639"
             },
             {
-                "name": "SUSE-SR:2009:004",
-                "refsource": "SUSE",
-                "url": "http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html"
+                "url": "http://secunia.com/advisories/31865",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/31865"
             },
             {
-                "name": "http://tomcat.apache.org/security-6.html",
-                "refsource": "CONFIRM",
-                "url": "http://tomcat.apache.org/security-6.html"
+                "url": "http://secunia.com/advisories/31891",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/31891"
             },
             {
-                "name": "57126",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/57126"
+                "url": "http://secunia.com/advisories/33797",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/33797"
             },
             {
-                "name": "32222",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/32222"
+                "url": "http://secunia.com/advisories/33999",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/33999"
             },
             {
-                "name": "31891",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/31891"
+                "url": "http://secunia.com/advisories/34013",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/34013"
             },
             {
-                "name": "33797",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/33797"
+                "url": "http://www.redhat.com/support/errata/RHSA-2008-0648.html",
+                "refsource": "MISC",
+                "name": "http://www.redhat.com/support/errata/RHSA-2008-0648.html"
             },
             {
-                "name": "1020624",
-                "refsource": "SECTRACK",
-                "url": "http://www.securitytracker.com/id?1020624"
+                "url": "http://www.redhat.com/support/errata/RHSA-2008-0864.html",
+                "refsource": "MISC",
+                "name": "http://www.redhat.com/support/errata/RHSA-2008-0864.html"
             },
             {
-                "name": "SUSE-SR:2008:014",
-                "refsource": "SUSE",
-                "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html"
+                "url": "http://www.vmware.com/security/advisories/VMSA-2009-0002.html",
+                "refsource": "MISC",
+                "name": "http://www.vmware.com/security/advisories/VMSA-2009-0002.html"
             },
             {
-                "name": "FEDORA-2008-7977",
-                "refsource": "FEDORA",
-                "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00712.html"
+                "url": "http://www.vupen.com/english/advisories/2009/0320",
+                "refsource": "MISC",
+                "name": "http://www.vupen.com/english/advisories/2009/0320"
             },
             {
-                "name": "FEDORA-2008-8113",
-                "refsource": "FEDORA",
-                "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00859.html"
+                "url": "http://www.vupen.com/english/advisories/2009/0503",
+                "refsource": "MISC",
+                "name": "http://www.vupen.com/english/advisories/2009/0503"
             },
             {
-                "name": "http://tomcat.apache.org/security-5.html",
-                "refsource": "CONFIRM",
-                "url": "http://tomcat.apache.org/security-5.html"
+                "url": "https://access.redhat.com/errata/RHSA-2008:0648",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/errata/RHSA-2008:0648"
             },
             {
-                "name": "ADV-2008-2780",
-                "refsource": "VUPEN",
-                "url": "http://www.vupen.com/english/advisories/2008/2780"
+                "url": "https://access.redhat.com/errata/RHSA-2008:0864",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/errata/RHSA-2008:0864"
             },
             {
-                "name": "HPSBUX02401",
-                "refsource": "HP",
-                "url": "http://marc.info/?l=bugtraq&m=123376588623823&w=2"
+                "url": "https://access.redhat.com/errata/RHSA-2008:1007",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/errata/RHSA-2008:1007"
             },
             {
-                "name": "HPSBST02955",
-                "refsource": "HP",
-                "url": "http://marc.info/?l=bugtraq&m=139344343412337&w=2"
+                "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00712.html",
+                "refsource": "MISC",
+                "name": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00712.html"
             },
             {
-                "name": "APPLE-SA-2008-10-09",
-                "refsource": "APPLE",
-                "url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html"
+                "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00859.html",
+                "refsource": "MISC",
+                "name": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00859.html"
             },
             {
-                "name": "http://support.apple.com/kb/HT3216",
-                "refsource": "CONFIRM",
-                "url": "http://support.apple.com/kb/HT3216"
+                "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00889.html",
+                "refsource": "MISC",
+                "name": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00889.html"
             },
             {
-                "name": "ADV-2009-0503",
-                "refsource": "VUPEN",
-                "url": "http://www.vupen.com/english/advisories/2009/0503"
+                "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html",
+                "refsource": "MISC",
+                "name": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html"
             },
             {
-                "name": "ADV-2009-3316",
-                "refsource": "VUPEN",
-                "url": "http://www.vupen.com/english/advisories/2009/3316"
+                "url": "http://marc.info/?l=tomcat-user&m=121244319501278&w=2",
+                "refsource": "MISC",
+                "name": "http://marc.info/?l=tomcat-user&m=121244319501278&w=2"
             },
             {
-                "name": "SSRT090005",
-                "refsource": "HP",
-                "url": "http://marc.info/?l=bugtraq&m=123376588623823&w=2"
+                "url": "http://secunia.com/advisories/30500",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/30500"
             },
             {
-                "name": "DSA-1593",
-                "refsource": "DEBIAN",
-                "url": "http://www.debian.org/security/2008/dsa-1593"
+                "url": "http://secunia.com/advisories/30592",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/30592"
             },
             {
-                "name": "32266",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/32266"
+                "url": "http://secunia.com/advisories/30967",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/30967"
             },
             {
-                "name": "RHSA-2008:0648",
-                "refsource": "REDHAT",
-                "url": "http://www.redhat.com/support/errata/RHSA-2008-0648.html"
+                "url": "http://www.debian.org/security/2008/dsa-1593",
+                "refsource": "MISC",
+                "name": "http://www.debian.org/security/2008/dsa-1593"
             },
             {
-                "refsource": "MLIST",
-                "name": "[tomcat-dev] 20190319 svn commit: r1855831 [22/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
-                "url": "https://lists.apache.org/thread.html/06cfb634bc7bf37af7d8f760f118018746ad8efbd519c4b789ac9c2e@%3Cdev.tomcat.apache.org%3E"
+                "url": "http://www.securityfocus.com/archive/1/492958/100/0/threaded",
+                "refsource": "MISC",
+                "name": "http://www.securityfocus.com/archive/1/492958/100/0/threaded"
             },
             {
-                "refsource": "MLIST",
-                "name": "[tomcat-dev] 20190325 svn commit: r1856174 [20/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
-                "url": "https://lists.apache.org/thread.html/8dcaf7c3894d66cb717646ea1504ea6e300021c85bb4e677dc16b1aa@%3Cdev.tomcat.apache.org%3E"
+                "url": "http://www.securityfocus.com/bid/29502",
+                "refsource": "MISC",
+                "name": "http://www.securityfocus.com/bid/29502"
             },
             {
-                "refsource": "MLIST",
-                "name": "[tomcat-dev] 20200203 svn commit: r1873527 [22/30] - /tomcat/site/trunk/docs/",
-                "url": "https://lists.apache.org/thread.html/r584a714f141eff7b1c358d4679288177bd4ca4558e9999d15867d4b5@%3Cdev.tomcat.apache.org%3E"
+                "url": "http://www.securitytracker.com/id?1020624",
+                "refsource": "MISC",
+                "name": "http://www.securitytracker.com/id?1020624"
             },
             {
-                "refsource": "MLIST",
-                "name": "[tomcat-dev] 20200213 svn commit: r1873980 [25/34] - /tomcat/site/trunk/docs/",
-                "url": "https://lists.apache.org/thread.html/r3aacc40356defc3f248aa504b1e48e819dd0471a0a83349080c6bcbf@%3Cdev.tomcat.apache.org%3E"
+                "url": "http://www.vupen.com/english/advisories/2008/1725",
+                "refsource": "MISC",
+                "name": "http://www.vupen.com/english/advisories/2008/1725"
+            },
+            {
+                "url": "https://access.redhat.com/security/cve/CVE-2008-1947",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/security/cve/CVE-2008-1947"
+            },
+            {
+                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=446393",
+                "refsource": "MISC",
+                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=446393"
+            },
+            {
+                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42816",
+                "refsource": "MISC",
+                "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42816"
+            },
+            {
+                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11534",
+                "refsource": "MISC",
+                "name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11534"
+            },
+            {
+                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6009",
+                "refsource": "MISC",
+                "name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6009"
             }
         ]
     }

2008/1xxx/CVE-2008-1951.json

@@ -1,40 +1,17 @@
 {
+    "data_version": "4.0",
+    "data_type": "CVE",
+    "data_format": "MITRE",
     "CVE_data_meta": {
-        "ASSIGNER": "secalert@redhat.com",
         "ID": "CVE-2008-1951",
+        "ASSIGNER": "secalert@redhat.com",
         "STATE": "PUBLIC"
     },
-    "affects": {
-        "vendor": {
-            "vendor_data": [
-                {
-                    "product": {
-                        "product_data": [
-                            {
-                                "product_name": "n/a",
-                                "version": {
-                                    "version_data": [
-                                        {
-                                            "version_value": "n/a"
-                                        }
-                                    ]
-                                }
-                            }
-                        ]
-                    },
-                    "vendor_name": "n/a"
-                }
-            ]
-        }
-    },
-    "data_format": "MITRE",
-    "data_type": "CVE",
-    "data_version": "4.0",
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "Untrusted search path vulnerability in a certain Red Hat build script for Standards Based Linux Instrumentation for Manageability (sblim) libraries before 1-13a.el4_6.1 in Red Hat Enterprise Linux (RHEL) 4, and before 1-31.el5_2.1 in RHEL 5, allows local users to gain privileges via a malicious library in a certain subdirectory of /var/tmp, related to an incorrect RPATH setting, as demonstrated by a malicious libc.so library for tog-pegasus."
+                "value": "CVE-2008-1951 sblim: libraries built with insecure RPATH"
             }
         ]
     },
@@ -44,48 +21,119 @@
                 "description": [
                     {
                         "lang": "eng",
-                        "value": "n/a"
+                        "value": "Untrusted Search Path",
+                        "cweId": "CWE-426"
                     }
                 ]
             }
         ]
     },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "Red Hat",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "Red Hat Enterprise Linux 4",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "0:1-13a.el4_6.1",
+                                            "version_affected": "!"
+                                        }
+                                    ]
+                                }
+                            },
+                            {
+                                "product_name": "Red Hat Enterprise Linux 5",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "0:1-31.el5_2.1",
+                                            "version_affected": "!"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
     "references": {
         "reference_data": [
             {
-                "name": "30803",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/30803"
+                "url": "http://secunia.com/advisories/30803",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/30803"
             },
             {
-                "name": "oval:org.mitre.oval:def:9635",
-                "refsource": "OVAL",
-                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9635"
+                "url": "http://www.securityfocus.com/bid/29913",
+                "refsource": "MISC",
+                "name": "http://www.securityfocus.com/bid/29913"
             },
             {
-                "name": "redhat-sblim-privilege-escalation(43315)",
-                "refsource": "XF",
-                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43315"
+                "url": "http://www.securitytracker.com/id?1020354",
+                "refsource": "MISC",
+                "name": "http://www.securitytracker.com/id?1020354"
             },
             {
-                "name": "RHSA-2008:0497",
-                "refsource": "REDHAT",
-                "url": "https://rhn.redhat.com/errata/RHSA-2008-0497.html"
+                "url": "https://access.redhat.com/errata/RHSA-2008:0497",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/errata/RHSA-2008:0497"
             },
             {
-                "name": "1020354",
-                "refsource": "SECTRACK",
-                "url": "http://www.securitytracker.com/id?1020354"
+                "url": "https://access.redhat.com/security/cve/CVE-2008-1951",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/security/cve/CVE-2008-1951"
             },
             {
-                "name": "29913",
-                "refsource": "BID",
-                "url": "http://www.securityfocus.com/bid/29913"
+                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=447705",
+                "refsource": "MISC",
+                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=447705"
             },
             {
-                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=447705",
-                "refsource": "CONFIRM",
-                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=447705"
+                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43315",
+                "refsource": "MISC",
+                "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43315"
+            },
+            {
+                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9635",
+                "refsource": "MISC",
+                "name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9635"
+            },
+            {
+                "url": "https://rhn.redhat.com/errata/RHSA-2008-0497.html",
+                "refsource": "MISC",
+                "name": "https://rhn.redhat.com/errata/RHSA-2008-0497.html"
+            }
+        ]
+    },
+    "impact": {
+        "cvss": [
+            {
+                "accessComplexity": "LOW",
+                "accessVector": "LOCAL",
+                "authentication": "NONE",
+                "availabilityImpact": "COMPLETE",
+                "availabilityRequirement": "NOT_DEFINED",
+                "baseScore": 7.2,
+                "collateralDamagePotential": "NOT_DEFINED",
+                "confidentialityImpact": "COMPLETE",
+                "confidentialityRequirement": "NOT_DEFINED",
+                "environmentalScore": 0,
+                "exploitability": "NOT_DEFINED",
+                "integrityImpact": "COMPLETE",
+                "integrityRequirement": "NOT_DEFINED",
+                "remediationLevel": "NOT_DEFINED",
+                "reportConfidence": "NOT_DEFINED",
+                "targetDistribution": "NOT_DEFINED",
+                "temporalScore": 0,
+                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
+                "version": "2.0"
             }
         ]
     }

2008/2xxx/CVE-2008-2109.json

@@ -1,40 +1,17 @@
 {
+    "data_version": "4.0",
+    "data_type": "CVE",
+    "data_format": "MITRE",
     "CVE_data_meta": {
-        "ASSIGNER": "secalert@redhat.com",
         "ID": "CVE-2008-2109",
+        "ASSIGNER": "secalert@redhat.com",
         "STATE": "PUBLIC"
     },
-    "affects": {
-        "vendor": {
-            "vendor_data": [
-                {
-                    "product": {
-                        "product_data": [
-                            {
-                                "product_name": "n/a",
-                                "version": {
-                                    "version_data": [
-                                        {
-                                            "version_value": "n/a"
-                                        }
-                                    ]
-                                }
-                            }
-                        ]
-                    },
-                    "vendor_name": "n/a"
-                }
-            ]
-        }
-    },
-    "data_format": "MITRE",
-    "data_type": "CVE",
-    "data_version": "4.0",
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "field.c in the libid3tag 0.15.0b library allows context-dependent attackers to cause a denial of service (CPU consumption) via an ID3_FIELD_TYPE_STRINGLIST field that ends in '\\0', which triggers an infinite loop."
+                "value": "CVE-2008-2109 libid3tag: infinite loop in ID3_FIELD_TYPE_STRINGLIST parsing"
             }
         ]
     },
@@ -44,58 +21,93 @@
                 "description": [
                     {
                         "lang": "eng",
-                        "value": "n/a"
+                        "value": "Loop with Unreachable Exit Condition ('Infinite Loop')",
+                        "cweId": "CWE-835"
                     }
                 ]
             }
         ]
     },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "n/a",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a",
+                                            "version_affected": "="
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
     "references": {
         "reference_data": [
             {
-                "name": "MDVSA-2008:103",
-                "refsource": "MANDRIVA",
-                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:103"
+                "url": "http://bugs.gentoo.org/show_bug.cgi?id=210564",
+                "refsource": "MISC",
+                "name": "http://bugs.gentoo.org/show_bug.cgi?id=210564"
             },
             {
-                "name": "GLSA-200805-15",
-                "refsource": "GENTOO",
-                "url": "http://security.gentoo.org/glsa/glsa-200805-15.xml"
+                "url": "http://secunia.com/advisories/30173",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/30173"
             },
             {
-                "name": "FEDORA-2008-3757",
-                "refsource": "FEDORA",
-                "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00159.html"
+                "url": "http://secunia.com/advisories/30182",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/30182"
             },
             {
-                "name": "30173",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/30173"
+                "url": "http://security.gentoo.org/glsa/glsa-200805-15.xml",
+                "refsource": "MISC",
+                "name": "http://security.gentoo.org/glsa/glsa-200805-15.xml"
             },
             {
-                "name": "30182",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/30182"
+                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:103",
+                "refsource": "MISC",
+                "name": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:103"
             },
             {
-                "name": "http://bugs.gentoo.org/show_bug.cgi?id=210564",
-                "refsource": "CONFIRM",
-                "url": "http://bugs.gentoo.org/show_bug.cgi?id=210564"
+                "url": "http://www.mars.org/mailman/public/mad-dev/2008-January/001366.html",
+                "refsource": "MISC",
+                "name": "http://www.mars.org/mailman/public/mad-dev/2008-January/001366.html"
             },
             {
-                "name": "29210",
-                "refsource": "BID",
-                "url": "http://www.securityfocus.com/bid/29210"
+                "url": "http://www.securityfocus.com/bid/29210",
+                "refsource": "MISC",
+                "name": "http://www.securityfocus.com/bid/29210"
             },
             {
-                "name": "[mad-dev] 20080112 Initite loop bug in libid3tag-0.15.0b",
-                "refsource": "MLIST",
-                "url": "http://www.mars.org/mailman/public/mad-dev/2008-January/001366.html"
+                "url": "https://access.redhat.com/security/cve/CVE-2008-2109",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/security/cve/CVE-2008-2109"
             },
             {
-                "name": "libid3tag-field-dos(42271)",
-                "refsource": "XF",
-                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42271"
+                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=445812",
+                "refsource": "MISC",
+                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=445812"
+            },
+            {
+                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42271",
+                "refsource": "MISC",
+                "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42271"
+            },
+            {
+                "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00159.html",
+                "refsource": "MISC",
+                "name": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00159.html"
             }
         ]
     }

2008/2xxx/CVE-2008-2376.json

@@ -1,40 +1,17 @@
 {
+    "data_version": "4.0",
+    "data_type": "CVE",
+    "data_format": "MITRE",
     "CVE_data_meta": {
-        "ASSIGNER": "secalert@redhat.com",
         "ID": "CVE-2008-2376",
+        "ASSIGNER": "secalert@redhat.com",
         "STATE": "PUBLIC"
     },
-    "affects": {
-        "vendor": {
-            "vendor_data": [
-                {
-                    "product": {
-                        "product_data": [
-                            {
-                                "product_name": "n/a",
-                                "version": {
-                                    "version_data": [
-                                        {
-                                            "version_value": "n/a"
-                                        }
-                                    ]
-                                }
-                            }
-                        ]
-                    },
-                    "vendor_name": "n/a"
-                }
-            ]
-        }
-    },
-    "data_format": "MITRE",
-    "data_type": "CVE",
-    "data_version": "4.0",
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "Integer overflow in the rb_ary_fill function in array.c in Ruby before revision 17756 allows context-dependent attackers to cause a denial of service (crash) or possibly have unspecified other impact via a call to the Array#fill method with a start (aka beg) argument greater than ARY_MAX_SIZE.  NOTE: this issue exists because of an incomplete fix for other closely related integer overflows."
+                "value": "CVE-2008-2376 ruby: integer overflows in rb_ary_fill() / Array#fill"
             }
         ]
     },
@@ -44,153 +21,231 @@
                 "description": [
                     {
                         "lang": "eng",
-                        "value": "n/a"
+                        "value": "Integer Overflow or Wraparound",
+                        "cweId": "CWE-190"
                     }
                 ]
             }
         ]
     },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "Red Hat",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "Red Hat Enterprise Linux 2.1",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "0:1.6.4-6.el2",
+                                            "version_affected": "!"
+                                        }
+                                    ]
+                                }
+                            },
+                            {
+                                "product_name": "Red Hat Enterprise Linux 3",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "0:1.6.8-12.el3",
+                                            "version_affected": "!"
+                                        }
+                                    ]
+                                }
+                            },
+                            {
+                                "product_name": "Red Hat Enterprise Linux 4",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "0:1.8.1-7.el4_6.1",
+                                            "version_affected": "!"
+                                        }
+                                    ]
+                                }
+                            },
+                            {
+                                "product_name": "Red Hat Enterprise Linux 5",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "0:1.8.5-5.el5_2.3",
+                                            "version_affected": "!"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
     "references": {
         "reference_data": [
             {
-                "name": "31090",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/31090"
+                "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html",
+                "refsource": "MISC",
+                "name": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html"
             },
             {
-                "name": "USN-651-1",
-                "refsource": "UBUNTU",
-                "url": "https://usn.ubuntu.com/651-1/"
+                "url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html",
+                "refsource": "MISC",
+                "name": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html"
             },
             {
-                "name": "MDVSA-2008:141",
-                "refsource": "MANDRIVA",
-                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141"
+                "url": "http://www.vupen.com/english/advisories/2008/2584",
+                "refsource": "MISC",
+                "name": "http://www.vupen.com/english/advisories/2008/2584"
             },
             {
-                "name": "APPLE-SA-2008-09-15",
-                "refsource": "APPLE",
-                "url": "http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html"
+                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141",
+                "refsource": "MISC",
+                "name": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:141"
             },
             {
-                "name": "31006",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/31006"
+                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142",
+                "refsource": "MISC",
+                "name": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142"
             },
             {
-                "name": "FEDORA-2008-6033",
-                "refsource": "FEDORA",
-                "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00112.html"
+                "url": "http://secunia.com/advisories/30927",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/30927"
             },
             {
-                "name": "DSA-1618",
-                "refsource": "DEBIAN",
-                "url": "http://www.debian.org/security/2008/dsa-1618"
+                "url": "http://secunia.com/advisories/31006",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/31006"
             },
             {
-                "name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0218",
-                "refsource": "CONFIRM",
-                "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0218"
+                "url": "http://secunia.com/advisories/31062",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/31062"
             },
             {
-                "name": "TA08-260A",
-                "refsource": "CERT",
-                "url": "http://www.us-cert.gov/cas/techalerts/TA08-260A.html"
+                "url": "http://secunia.com/advisories/31090",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/31090"
             },
             {
-                "name": "ADV-2008-2584",
-                "refsource": "VUPEN",
-                "url": "http://www.vupen.com/english/advisories/2008/2584"
+                "url": "http://secunia.com/advisories/31181",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/31181"
             },
             {
-                "name": "31062",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/31062"
+                "url": "http://secunia.com/advisories/31256",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/31256"
             },
             {
-                "name": "https://issues.rpath.com/browse/RPL-2639",
-                "refsource": "CONFIRM",
-                "url": "https://issues.rpath.com/browse/RPL-2639"
+                "url": "http://secunia.com/advisories/32219",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/32219"
             },
             {
-                "name": "31256",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/31256"
+                "url": "http://secunia.com/advisories/33178",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/33178"
             },
             {
-                "name": "FEDORA-2008-6094",
-                "refsource": "FEDORA",
-                "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00161.html"
+                "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml",
+                "refsource": "MISC",
+                "name": "http://security.gentoo.org/glsa/glsa-200812-17.xml"
             },
             {
-                "name": "32219",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/32219"
+                "url": "http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=17756",
+                "refsource": "MISC",
+                "name": "http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=17756"
             },
             {
-                "name": "[oss-security] 20080702 More ruby integer overflows (rb_ary_fill / Array#fill)",
-                "refsource": "MLIST",
-                "url": "http://www.openwall.com/lists/oss-security/2008/07/02/3"
+                "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0218",
+                "refsource": "MISC",
+                "name": "http://wiki.rpath.com/Advisories:rPSA-2008-0218"
             },
             {
-                "name": "MDVSA-2008:140",
-                "refsource": "MANDRIVA",
-                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140"
+                "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0218",
+                "refsource": "MISC",
+                "name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0218"
             },
             {
-                "name": "oval:org.mitre.oval:def:9863",
-                "refsource": "OVAL",
-                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9863"
+                "url": "http://www.debian.org/security/2008/dsa-1612",
+                "refsource": "MISC",
+                "name": "http://www.debian.org/security/2008/dsa-1612"
             },
             {
-                "name": "http://wiki.rpath.com/Advisories:rPSA-2008-0218",
-                "refsource": "CONFIRM",
-                "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0218"
+                "url": "http://www.debian.org/security/2008/dsa-1618",
+                "refsource": "MISC",
+                "name": "http://www.debian.org/security/2008/dsa-1618"
             },
             {
-                "name": "RHSA-2008:0561",
-                "refsource": "REDHAT",
-                "url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html"
+                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140",
+                "refsource": "MISC",
+                "name": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:140"
             },
             {
-                "name": "http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=17756",
-                "refsource": "CONFIRM",
-                "url": "http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=17756"
+                "url": "http://www.openwall.com/lists/oss-security/2008/07/02/3",
+                "refsource": "MISC",
+                "name": "http://www.openwall.com/lists/oss-security/2008/07/02/3"
             },
             {
-                "name": "DSA-1612",
-                "refsource": "DEBIAN",
-                "url": "http://www.debian.org/security/2008/dsa-1612"
+                "url": "http://www.redhat.com/support/errata/RHSA-2008-0561.html",
+                "refsource": "MISC",
+                "name": "http://www.redhat.com/support/errata/RHSA-2008-0561.html"
             },
             {
-                "name": "GLSA-200812-17",
-                "refsource": "GENTOO",
-                "url": "http://security.gentoo.org/glsa/glsa-200812-17.xml"
+                "url": "http://www.securityfocus.com/archive/1/494104/100/0/threaded",
+                "refsource": "MISC",
+                "name": "http://www.securityfocus.com/archive/1/494104/100/0/threaded"
             },
             {
-                "name": "33178",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/33178"
+                "url": "https://access.redhat.com/errata/RHSA-2008:0561",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/errata/RHSA-2008:0561"
             },
             {
-                "name": "30927",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/30927"
+                "url": "https://access.redhat.com/errata/RHSA-2008:0562",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/errata/RHSA-2008:0562"
             },
             {
-                "name": "20080708 rPSA-2008-0218-1 ruby",
-                "refsource": "BUGTRAQ",
-                "url": "http://www.securityfocus.com/archive/1/494104/100/0/threaded"
+                "url": "https://access.redhat.com/security/cve/CVE-2008-2376",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/security/cve/CVE-2008-2376"
             },
             {
-                "name": "MDVSA-2008:142",
-                "refsource": "MANDRIVA",
-                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:142"
+                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=453589",
+                "refsource": "MISC",
+                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=453589"
             },
             {
-                "name": "31181",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/31181"
+                "url": "https://issues.rpath.com/browse/RPL-2639",
+                "refsource": "MISC",
+                "name": "https://issues.rpath.com/browse/RPL-2639"
+            },
+            {
+                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9863",
+                "refsource": "MISC",
+                "name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9863"
+            },
+            {
+                "url": "https://usn.ubuntu.com/651-1/",
+                "refsource": "MISC",
+                "name": "https://usn.ubuntu.com/651-1/"
+            },
+            {
+                "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00112.html",
+                "refsource": "MISC",
+                "name": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00112.html"
+            },
+            {
+                "url": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00161.html",
+                "refsource": "MISC",
+                "name": "https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00161.html"
             }
         ]
     }

2009/2xxx/CVE-2009-2903.json

@@ -1,40 +1,17 @@
 {
+    "data_version": "4.0",
+    "data_type": "CVE",
+    "data_format": "MITRE",
     "CVE_data_meta": {
-        "ASSIGNER": "secalert@redhat.com",
         "ID": "CVE-2009-2903",
+        "ASSIGNER": "secalert@redhat.com",
         "STATE": "PUBLIC"
     },
-    "affects": {
-        "vendor": {
-            "vendor_data": [
-                {
-                    "product": {
-                        "product_data": [
-                            {
-                                "product_name": "n/a",
-                                "version": {
-                                    "version_data": [
-                                        {
-                                            "version_value": "n/a"
-                                        }
-                                    ]
-                                }
-                            }
-                        ]
-                    },
-                    "vendor_name": "n/a"
-                }
-            ]
-        }
-    },
-    "data_format": "MITRE",
-    "data_type": "CVE",
-    "data_version": "4.0",
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "Memory leak in the appletalk subsystem in the Linux kernel 2.4.x through 2.4.37.6 and 2.6.x through 2.6.31, when the appletalk and ipddp modules are loaded but the ipddp\"N\" device is not found, allows remote attackers to cause a denial of service (memory consumption) via IP-DDP datagrams."
+                "value": "CVE-2009-2903 kernel: appletalk: denial of service when handling IP tunnelled over DDP datagrams"
             }
         ]
     },
@@ -44,88 +21,143 @@
                 "description": [
                     {
                         "lang": "eng",
-                        "value": "n/a"
+                        "value": "Missing Release of Resource after Effective Lifetime",
+                        "cweId": "CWE-772"
                     }
                 ]
             }
         ]
     },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "n/a",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a",
+                                            "version_affected": "="
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
     "references": {
         "reference_data": [
             {
-                "name": "[oss-security] 20090917 Re: CVE-2009-2903 kernel: appletalk: denial of service when handling IP tunnelled over DDP datagrams",
-                "refsource": "MLIST",
-                "url": "http://www.openwall.com/lists/oss-security/2009/09/17/11"
+                "url": "http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00002.html",
+                "refsource": "MISC",
+                "name": "http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00002.html"
             },
             {
-                "name": "36379",
-                "refsource": "BID",
-                "url": "http://www.securityfocus.com/bid/36379"
+                "url": "http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00005.html",
+                "refsource": "MISC",
+                "name": "http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00005.html"
             },
             {
-                "name": "SUSE-SA:2009:061",
-                "refsource": "SUSE",
-                "url": "http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00002.html"
+                "url": "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00007.html",
+                "refsource": "MISC",
+                "name": "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00007.html"
             },
             {
-                "name": "USN-852-1",
-                "refsource": "UBUNTU",
-                "url": "http://www.ubuntu.com/usn/USN-852-1"
+                "url": "http://secunia.com/advisories/37909",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/37909"
             },
             {
-                "name": "36707",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/36707"
+                "url": "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html",
+                "refsource": "MISC",
+                "name": "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html"
             },
             {
-                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=522331",
-                "refsource": "CONFIRM",
-                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=522331"
+                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:329",
+                "refsource": "MISC",
+                "name": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:329"
             },
             {
-                "name": "MDVSA-2009:329",
-                "refsource": "MANDRIVA",
-                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:329"
+                "url": "http://secunia.com/advisories/37105",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/37105"
             },
             {
-                "name": "[oss-security] 20090914 CVE-2009-2903 kernel: appletalk: denial of service when handling IP tunnelled over DDP datagrams",
-                "refsource": "MLIST",
-                "url": "http://www.openwall.com/lists/oss-security/2009/09/14/1"
+                "url": "http://www.ubuntu.com/usn/USN-852-1",
+                "refsource": "MISC",
+                "name": "http://www.ubuntu.com/usn/USN-852-1"
             },
             {
-                "name": "SUSE-SA:2010:012",
-                "refsource": "SUSE",
-                "url": "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html"
+                "url": "http://git.kernel.org/?p=linux/kernel/git/davem/net-next-2.6.git%3Ba=commit%3Bh=ffcfb8db540ff879c2a85bf7e404954281443414",
+                "refsource": "MISC",
+                "name": "http://git.kernel.org/?p=linux/kernel/git/davem/net-next-2.6.git%3Ba=commit%3Bh=ffcfb8db540ff879c2a85bf7e404954281443414"
             },
             {
-                "name": "37909",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/37909"
+                "url": "http://secunia.com/advisories/36707",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/36707"
             },
             {
-                "name": "SUSE-SA:2009:064",
-                "refsource": "SUSE",
-                "url": "http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00005.html"
+                "url": "http://www.openwall.com/lists/oss-security/2009/09/14/1",
+                "refsource": "MISC",
+                "name": "http://www.openwall.com/lists/oss-security/2009/09/14/1"
             },
             {
-                "name": "http://git.kernel.org/?p=linux/kernel/git/davem/net-next-2.6.git;a=commit;h=ffcfb8db540ff879c2a85bf7e404954281443414",
-                "refsource": "CONFIRM",
-                "url": "http://git.kernel.org/?p=linux/kernel/git/davem/net-next-2.6.git;a=commit;h=ffcfb8db540ff879c2a85bf7e404954281443414"
+                "url": "http://www.openwall.com/lists/oss-security/2009/09/14/2",
+                "refsource": "MISC",
+                "name": "http://www.openwall.com/lists/oss-security/2009/09/14/2"
             },
             {
-                "name": "SUSE-SA:2010:013",
-                "refsource": "SUSE",
-                "url": "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00007.html"
+                "url": "http://www.openwall.com/lists/oss-security/2009/09/17/11",
+                "refsource": "MISC",
+                "name": "http://www.openwall.com/lists/oss-security/2009/09/17/11"
             },
             {
-                "name": "37105",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/37105"
+                "url": "http://www.securityfocus.com/bid/36379",
+                "refsource": "MISC",
+                "name": "http://www.securityfocus.com/bid/36379"
             },
             {
-                "name": "[oss-security] 20090914 Re: CVE-2009-2903 kernel: appletalk: denial of service when handling IP tunnelled over DDP datagrams",
-                "refsource": "MLIST",
-                "url": "http://www.openwall.com/lists/oss-security/2009/09/14/2"
+                "url": "https://access.redhat.com/security/cve/CVE-2009-2903",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/security/cve/CVE-2009-2903"
+            },
+            {
+                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=522331",
+                "refsource": "MISC",
+                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=522331"
+            }
+        ]
+    },
+    "impact": {
+        "cvss": [
+            {
+                "accessComplexity": "LOW",
+                "accessVector": "ADJACENT_NETWORK",
+                "authentication": "NONE",
+                "availabilityImpact": "COMPLETE",
+                "availabilityRequirement": "NOT_DEFINED",
+                "baseScore": 8.3,
+                "collateralDamagePotential": "NOT_DEFINED",
+                "confidentialityImpact": "COMPLETE",
+                "confidentialityRequirement": "NOT_DEFINED",
+                "environmentalScore": 0,
+                "exploitability": "NOT_DEFINED",
+                "integrityImpact": "COMPLETE",
+                "integrityRequirement": "NOT_DEFINED",
+                "remediationLevel": "NOT_DEFINED",
+                "reportConfidence": "NOT_DEFINED",
+                "targetDistribution": "NOT_DEFINED",
+                "temporalScore": 0,
+                "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
+                "version": "2.0"
             }
         ]
     }

2009/2xxx/CVE-2009-2906.json

@@ -1,40 +1,17 @@
 {
+    "data_version": "4.0",
+    "data_type": "CVE",
+    "data_format": "MITRE",
     "CVE_data_meta": {
-        "ASSIGNER": "secalert@redhat.com",
         "ID": "CVE-2009-2906",
+        "ASSIGNER": "secalert@redhat.com",
         "STATE": "PUBLIC"
     },
-    "affects": {
-        "vendor": {
-            "vendor_data": [
-                {
-                    "product": {
-                        "product_data": [
-                            {
-                                "product_name": "n/a",
-                                "version": {
-                                    "version_data": [
-                                        {
-                                            "version_value": "n/a"
-                                        }
-                                    ]
-                                }
-                            }
-                        ]
-                    },
-                    "vendor_name": "n/a"
-                }
-            ]
-        }
-    },
-    "data_format": "MITRE",
-    "data_type": "CVE",
-    "data_version": "4.0",
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "smbd in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8, and 3.4 before 3.4.2 allows remote authenticated users to cause a denial of service (infinite loop) via an unanticipated oplock break notification reply packet."
+                "value": "CVE-2009-2906 samba: infinite loop flaw in smbd on unexpected oplock break notification reply"
             }
         ]
     },
@@ -44,148 +21,256 @@
                 "description": [
                     {
                         "lang": "eng",
-                        "value": "n/a"
+                        "value": "Loop with Unreachable Exit Condition ('Infinite Loop')",
+                        "cweId": "CWE-835"
                     }
                 ]
             }
         ]
     },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "Red Hat",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "Red Hat Enterprise Linux 3",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "0:3.0.9-1.3E.16",
+                                            "version_affected": "!"
+                                        }
+                                    ]
+                                }
+                            },
+                            {
+                                "product_name": "Red Hat Enterprise Linux 4",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "0:3.0.33-0.18.el4_8",
+                                            "version_affected": "!"
+                                        }
+                                    ]
+                                }
+                            },
+                            {
+                                "product_name": "Red Hat Enterprise Linux 5",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "0:3.0.33-3.15.el5_4",
+                                            "version_affected": "!"
+                                        }
+                                    ]
+                                }
+                            },
+                            {
+                                "product_name": "Supplementary for Red Hat Enterprise Linux 5",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "0:3.3.8-0.46.el5",
+                                            "version_affected": "!"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
     "references": {
         "reference_data": [
             {
-                "name": "http://samba.org/samba/security/CVE-2009-2906.html",
-                "refsource": "CONFIRM",
-                "url": "http://samba.org/samba/security/CVE-2009-2906.html"
+                "url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html",
+                "refsource": "MISC",
+                "name": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
             },
             {
-                "name": "http://news.samba.org/releases/3.4.2/",
-                "refsource": "CONFIRM",
-                "url": "http://news.samba.org/releases/3.4.2/"
+                "url": "http://support.apple.com/kb/HT4077",
+                "refsource": "MISC",
+                "name": "http://support.apple.com/kb/HT4077"
             },
             {
-                "name": "20091112 rPSA-2009-0145-1 samba samba-client samba-server samba-swat",
-                "refsource": "BUGTRAQ",
-                "url": "http://www.securityfocus.com/archive/1/507856/100/0/threaded"
+                "url": "http://secunia.com/advisories/36918",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/36918"
             },
             {
-                "name": "oval:org.mitre.oval:def:9944",
-                "refsource": "OVAL",
-                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9944"
+                "url": "http://www.ubuntu.com/usn/USN-839-1",
+                "refsource": "MISC",
+                "name": "http://www.ubuntu.com/usn/USN-839-1"
             },
             {
-                "name": "FEDORA-2009-10172",
-                "refsource": "FEDORA",
-                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00098.html"
+                "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0145",
+                "refsource": "MISC",
+                "name": "http://wiki.rpath.com/Advisories:rPSA-2009-0145"
             },
             {
-                "name": "APPLE-SA-2010-03-29-1",
-                "refsource": "APPLE",
-                "url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
+                "url": "http://www.securityfocus.com/archive/1/507856/100/0/threaded",
+                "refsource": "MISC",
+                "name": "http://www.securityfocus.com/archive/1/507856/100/0/threaded"
             },
             {
-                "name": "http://news.samba.org/releases/3.2.15/",
-                "refsource": "CONFIRM",
-                "url": "http://news.samba.org/releases/3.2.15/"
+                "url": "https://access.redhat.com/errata/RHSA-2009:1529",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/errata/RHSA-2009:1529"
             },
             {
-                "name": "1021111",
-                "refsource": "SUNALERT",
-                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021111.1-1"
+                "url": "https://access.redhat.com/errata/RHSA-2009:1585",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/errata/RHSA-2009:1585"
             },
             {
-                "name": "58519",
-                "refsource": "OSVDB",
-                "url": "http://osvdb.org/58519"
+                "url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html",
+                "refsource": "MISC",
+                "name": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html"
             },
             {
-                "name": "ADV-2009-2810",
-                "refsource": "VUPEN",
-                "url": "http://www.vupen.com/english/advisories/2009/2810"
+                "url": "http://news.samba.org/releases/3.0.37/",
+                "refsource": "MISC",
+                "name": "http://news.samba.org/releases/3.0.37/"
             },
             {
-                "name": "SSA:2009-276-01",
-                "refsource": "SLACKWARE",
-                "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.561439"
+                "url": "http://news.samba.org/releases/3.2.15/",
+                "refsource": "MISC",
+                "name": "http://news.samba.org/releases/3.2.15/"
             },
             {
-                "name": "37428",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/37428"
+                "url": "http://news.samba.org/releases/3.3.8/",
+                "refsource": "MISC",
+                "name": "http://news.samba.org/releases/3.3.8/"
             },
             {
-                "name": "36937",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/36937"
+                "url": "http://news.samba.org/releases/3.4.2/",
+                "refsource": "MISC",
+                "name": "http://news.samba.org/releases/3.4.2/"
             },
             {
-                "name": "USN-839-1",
-                "refsource": "UBUNTU",
-                "url": "http://www.ubuntu.com/usn/USN-839-1"
+                "url": "http://osvdb.org/58519",
+                "refsource": "MISC",
+                "name": "http://osvdb.org/58519"
             },
             {
-                "name": "samba-smb-dos(53575)",
-                "refsource": "XF",
-                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53575"
+                "url": "http://samba.org/samba/security/CVE-2009-2906.html",
+                "refsource": "MISC",
+                "name": "http://samba.org/samba/security/CVE-2009-2906.html"
             },
             {
-                "name": "http://support.apple.com/kb/HT4077",
-                "refsource": "CONFIRM",
-                "url": "http://support.apple.com/kb/HT4077"
+                "url": "http://secunia.com/advisories/36893",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/36893"
             },
             {
-                "name": "36573",
-                "refsource": "BID",
-                "url": "http://www.securityfocus.com/bid/36573"
+                "url": "http://secunia.com/advisories/36937",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/36937"
             },
             {
-                "name": "http://news.samba.org/releases/3.0.37/",
-                "refsource": "CONFIRM",
-                "url": "http://news.samba.org/releases/3.0.37/"
+                "url": "http://secunia.com/advisories/36953",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/36953"
             },
             {
-                "name": "oval:org.mitre.oval:def:7090",
-                "refsource": "OVAL",
-                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7090"
+                "url": "http://secunia.com/advisories/37428",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/37428"
             },
             {
-                "name": "36918",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/36918"
+                "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.561439",
+                "refsource": "MISC",
+                "name": "http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.561439"
             },
             {
-                "name": "1022976",
-                "refsource": "SECTRACK",
-                "url": "http://www.securitytracker.com/id?1022976"
+                "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021111.1-1",
+                "refsource": "MISC",
+                "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021111.1-1"
             },
             {
-                "name": "36893",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/36893"
+                "url": "http://www.securityfocus.com/bid/36573",
+                "refsource": "MISC",
+                "name": "http://www.securityfocus.com/bid/36573"
             },
             {
-                "name": "http://news.samba.org/releases/3.3.8/",
-                "refsource": "CONFIRM",
-                "url": "http://news.samba.org/releases/3.3.8/"
+                "url": "http://www.securitytracker.com/id?1022976",
+                "refsource": "MISC",
+                "name": "http://www.securitytracker.com/id?1022976"
             },
             {
-                "name": "36953",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/36953"
+                "url": "http://www.vupen.com/english/advisories/2009/2810",
+                "refsource": "MISC",
+                "name": "http://www.vupen.com/english/advisories/2009/2810"
             },
             {
-                "name": "http://wiki.rpath.com/Advisories:rPSA-2009-0145",
-                "refsource": "CONFIRM",
-                "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0145"
+                "url": "https://access.redhat.com/errata/RHSA-2009:1528",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/errata/RHSA-2009:1528"
             },
             {
-                "name": "SUSE-SR:2009:017",
-                "refsource": "SUSE",
-                "url": "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html"
+                "url": "https://access.redhat.com/security/cve/CVE-2009-2906",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/security/cve/CVE-2009-2906"
             },
             {
-                "name": "FEDORA-2009-10180",
-                "refsource": "FEDORA",
-                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00095.html"
+                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526645",
+                "refsource": "MISC",
+                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=526645"
+            },
+            {
+                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53575",
+                "refsource": "MISC",
+                "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53575"
+            },
+            {
+                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7090",
+                "refsource": "MISC",
+                "name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7090"
+            },
+            {
+                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9944",
+                "refsource": "MISC",
+                "name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9944"
+            },
+            {
+                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00095.html",
+                "refsource": "MISC",
+                "name": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00095.html"
+            },
+            {
+                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00098.html",
+                "refsource": "MISC",
+                "name": "https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00098.html"
+            }
+        ]
+    },
+    "impact": {
+        "cvss": [
+            {
+                "accessComplexity": "MEDIUM",
+                "accessVector": "ADJACENT_NETWORK",
+                "authentication": "SINGLE",
+                "availabilityImpact": "PARTIAL",
+                "availabilityRequirement": "NOT_DEFINED",
+                "baseScore": 2.3,
+                "collateralDamagePotential": "NOT_DEFINED",
+                "confidentialityImpact": "NONE",
+                "confidentialityRequirement": "NOT_DEFINED",
+                "environmentalScore": 0,
+                "exploitability": "NOT_DEFINED",
+                "integrityImpact": "NONE",
+                "integrityRequirement": "NOT_DEFINED",
+                "remediationLevel": "NOT_DEFINED",
+                "reportConfidence": "NOT_DEFINED",
+                "targetDistribution": "NOT_DEFINED",
+                "temporalScore": 0,
+                "vectorString": "AV:A/AC:M/Au:S/C:N/I:N/A:P",
+                "version": "2.0"
             }
         ]
     }

2010/2xxx/CVE-2010-2067.json

@@ -1,40 +1,17 @@
 {
+    "data_version": "4.0",
+    "data_type": "CVE",
+    "data_format": "MITRE",
     "CVE_data_meta": {
-        "ASSIGNER": "secalert@redhat.com",
         "ID": "CVE-2010-2067",
+        "ASSIGNER": "secalert@redhat.com",
         "STATE": "PUBLIC"
     },
-    "affects": {
-        "vendor": {
-            "vendor_data": [
-                {
-                    "product": {
-                        "product_data": [
-                            {
-                                "product_name": "n/a",
-                                "version": {
-                                    "version_data": [
-                                        {
-                                            "version_value": "n/a"
-                                        }
-                                    ]
-                                }
-                            }
-                        ]
-                    },
-                    "vendor_name": "n/a"
-                }
-            ]
-        }
-    },
-    "data_format": "MITRE",
-    "data_type": "CVE",
-    "data_version": "4.0",
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "Stack-based buffer overflow in the TIFFFetchSubjectDistance function in tif_dirread.c in LibTIFF before 3.9.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long EXIF SubjectDistance field in a TIFF file."
+                "value": "CVE-2010-2067 libtiff: SubjectDistance EXIF tag reading stack based buffer overflow"
             }
         ]
     },
@@ -44,83 +21,138 @@
                 "description": [
                     {
                         "lang": "eng",
-                        "value": "n/a"
+                        "value": "Stack-based Buffer Overflow",
+                        "cweId": "CWE-121"
                     }
                 ]
             }
         ]
     },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "n/a",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a",
+                                            "version_affected": "="
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
     "references": {
         "reference_data": [
             {
-                "name": "40241",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/40241"
+                "url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html",
+                "refsource": "MISC",
+                "name": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
             },
             {
-                "name": "http://bugzilla.maptools.org/show_bug.cgi?id=2212",
-                "refsource": "CONFIRM",
-                "url": "http://bugzilla.maptools.org/show_bug.cgi?id=2212"
+                "url": "http://secunia.com/advisories/50726",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/50726"
             },
             {
-                "name": "[oss-security] 20100623 CVE requests: LibTIFF",
-                "refsource": "MLIST",
-                "url": "http://marc.info/?l=oss-security&m=127731610612908&w=2"
+                "url": "http://security.gentoo.org/glsa/glsa-201209-02.xml",
+                "refsource": "MISC",
+                "name": "http://security.gentoo.org/glsa/glsa-201209-02.xml"
             },
             {
-                "name": "ADV-2010-1638",
-                "refsource": "VUPEN",
-                "url": "http://www.vupen.com/english/advisories/2010/1638"
+                "url": "http://marc.info/?l=oss-security&m=127731610612908&w=2",
+                "refsource": "MISC",
+                "name": "http://marc.info/?l=oss-security&m=127731610612908&w=2"
             },
             {
-                "name": "SSA:2010-180-02",
-                "refsource": "SLACKWARE",
-                "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.596424"
+                "url": "http://secunia.com/advisories/40381",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/40381"
             },
             {
-                "name": "65676",
-                "refsource": "OSVDB",
-                "url": "http://osvdb.org/65676"
+                "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.596424",
+                "refsource": "MISC",
+                "name": "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.596424"
             },
             {
-                "name": "USN-954-1",
-                "refsource": "UBUNTU",
-                "url": "http://www.ubuntu.com/usn/USN-954-1"
+                "url": "http://www.ubuntu.com/usn/USN-954-1",
+                "refsource": "MISC",
+                "name": "http://www.ubuntu.com/usn/USN-954-1"
             },
             {
-                "name": "http://www.remotesensing.org/libtiff/v3.9.4.html",
-                "refsource": "CONFIRM",
-                "url": "http://www.remotesensing.org/libtiff/v3.9.4.html"
+                "url": "http://www.vupen.com/english/advisories/2010/1638",
+                "refsource": "MISC",
+                "name": "http://www.vupen.com/english/advisories/2010/1638"
             },
             {
-                "name": "GLSA-201209-02",
-                "refsource": "GENTOO",
-                "url": "http://security.gentoo.org/glsa/glsa-201209-02.xml"
+                "url": "http://bugzilla.maptools.org/show_bug.cgi?id=2212",
+                "refsource": "MISC",
+                "name": "http://bugzilla.maptools.org/show_bug.cgi?id=2212"
             },
             {
-                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=599576",
-                "refsource": "CONFIRM",
-                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=599576"
+                "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=874",
+                "refsource": "MISC",
+                "name": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=874"
             },
             {
-                "name": "20100621 Multiple Vendor LibTIFF 3.9.2 Stack Buffer Overflow Vulnerability",
-                "refsource": "IDEFENSE",
-                "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=874"
+                "url": "http://osvdb.org/65676",
+                "refsource": "MISC",
+                "name": "http://osvdb.org/65676"
             },
             {
-                "name": "SUSE-SR:2010:014",
-                "refsource": "SUSE",
-                "url": "http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"
+                "url": "http://secunia.com/advisories/40241",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/40241"
             },
             {
-                "name": "40381",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/40381"
+                "url": "http://www.remotesensing.org/libtiff/v3.9.4.html",
+                "refsource": "MISC",
+                "name": "http://www.remotesensing.org/libtiff/v3.9.4.html"
             },
             {
-                "name": "50726",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/50726"
+                "url": "https://access.redhat.com/security/cve/CVE-2010-2067",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/security/cve/CVE-2010-2067"
+            },
+            {
+                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=599576",
+                "refsource": "MISC",
+                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=599576"
+            }
+        ]
+    },
+    "impact": {
+        "cvss": [
+            {
+                "accessComplexity": "LOW",
+                "accessVector": "NETWORK",
+                "authentication": "NONE",
+                "availabilityImpact": "PARTIAL",
+                "availabilityRequirement": "NOT_DEFINED",
+                "baseScore": 7.5,
+                "collateralDamagePotential": "NOT_DEFINED",
+                "confidentialityImpact": "PARTIAL",
+                "confidentialityRequirement": "NOT_DEFINED",
+                "environmentalScore": 0,
+                "exploitability": "NOT_DEFINED",
+                "integrityImpact": "PARTIAL",
+                "integrityRequirement": "NOT_DEFINED",
+                "remediationLevel": "NOT_DEFINED",
+                "reportConfidence": "NOT_DEFINED",
+                "targetDistribution": "NOT_DEFINED",
+                "temporalScore": 0,
+                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
+                "version": "2.0"
             }
         ]
     }

2010/2xxx/CVE-2010-2221.json

@@ -1,40 +1,17 @@
 {
+    "data_version": "4.0",
+    "data_type": "CVE",
+    "data_format": "MITRE",
     "CVE_data_meta": {
-        "ASSIGNER": "secalert@redhat.com",
         "ID": "CVE-2010-2221",
+        "ASSIGNER": "secalert@redhat.com",
         "STATE": "PUBLIC"
     },
-    "affects": {
-        "vendor": {
-            "vendor_data": [
-                {
-                    "product": {
-                        "product_data": [
-                            {
-                                "product_name": "n/a",
-                                "version": {
-                                    "version_data": [
-                                        {
-                                            "version_value": "n/a"
-                                        }
-                                    ]
-                                }
-                            }
-                        ]
-                    },
-                    "vendor_name": "n/a"
-                }
-            ]
-        }
-    },
-    "data_format": "MITRE",
-    "data_type": "CVE",
-    "data_version": "4.0",
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "Multiple buffer overflows in the iSNS implementation in isns.c in (1) Linux SCSI target framework (aka tgt or scsi-target-utils) before 1.0.6, (2) iSCSI Enterprise Target (aka iscsitarget or IET) 1.4.20.1 and earlier, and (3) Generic SCSI Target Subsystem for Linux (aka SCST or iscsi-scst) 1.0.1.1 and earlier allow remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via (a) a long iSCSI Name string in an SCN message or (b) an invalid PDU."
+                "value": "CVE-2010-2221 scsi-target-utils: stack buffer overflow vulnerability"
             }
         ]
     },
@@ -44,113 +21,173 @@
                 "description": [
                     {
                         "lang": "eng",
-                        "value": "n/a"
+                        "value": "Stack-based Buffer Overflow",
+                        "cweId": "CWE-121"
                     }
                 ]
             }
         ]
     },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "Red Hat",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "Red Hat Enterprise Linux 5",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "0:0.0-6.20091205snap.el5_5.3",
+                                            "version_affected": "!"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
     "references": {
         "reference_data": [
             {
-                "name": "http://scst.svn.sourceforge.net/viewvc/scst?view=revision&revision=1793",
-                "refsource": "CONFIRM",
-                "url": "http://scst.svn.sourceforge.net/viewvc/scst?view=revision&revision=1793"
+                "url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html",
+                "refsource": "MISC",
+                "name": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
             },
             {
-                "name": "20100702 TELUS Security Labs VR - iSCSI target Multiple Implementations iSNS Stack Buffer Overflow",
-                "refsource": "BUGTRAQ",
-                "url": "http://archives.neohapsis.com/archives/bugtraq/2010-07/0022.html"
+                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:131",
+                "refsource": "MISC",
+                "name": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:131"
             },
             {
-                "name": "ADV-2010-1760",
-                "refsource": "VUPEN",
-                "url": "http://www.vupen.com/english/advisories/2010/1760"
+                "url": "http://www.vupen.com/english/advisories/2010/1786",
+                "refsource": "MISC",
+                "name": "http://www.vupen.com/english/advisories/2010/1786"
             },
             {
-                "name": "20100702 TELUS Security Labs VR - iSCSI target Multiple Implementations iSNS Stack Buffer Overflow",
-                "refsource": "FULLDISC",
-                "url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-07/0058.html"
+                "url": "http://archives.neohapsis.com/archives/bugtraq/2010-07/0022.html",
+                "refsource": "MISC",
+                "name": "http://archives.neohapsis.com/archives/bugtraq/2010-07/0022.html"
             },
             {
-                "name": "65992",
-                "refsource": "OSVDB",
-                "url": "http://www.osvdb.org/65992"
+                "url": "http://archives.neohapsis.com/archives/fulldisclosure/2010-07/0058.html",
+                "refsource": "MISC",
+                "name": "http://archives.neohapsis.com/archives/fulldisclosure/2010-07/0058.html"
             },
             {
-                "name": "MDVSA-2010:131",
-                "refsource": "MANDRIVA",
-                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:131"
+                "url": "http://lists.wpkg.org/pipermail/stgt/2010-July/003858.html",
+                "refsource": "MISC",
+                "name": "http://lists.wpkg.org/pipermail/stgt/2010-July/003858.html"
             },
             {
-                "name": "65990",
-                "refsource": "OSVDB",
-                "url": "http://www.osvdb.org/65990"
+                "url": "http://scst.svn.sourceforge.net/viewvc/scst/trunk/iscsi-scst/usr/isns.c?r1=1793&r2=1792&pathrev=1793",
+                "refsource": "MISC",
+                "name": "http://scst.svn.sourceforge.net/viewvc/scst/trunk/iscsi-scst/usr/isns.c?r1=1793&r2=1792&pathrev=1793"
             },
             {
-                "name": "41327",
-                "refsource": "BID",
-                "url": "http://www.securityfocus.com/bid/41327"
+                "url": "http://scst.svn.sourceforge.net/viewvc/scst?view=revision&revision=1793",
+                "refsource": "MISC",
+                "name": "http://scst.svn.sourceforge.net/viewvc/scst?view=revision&revision=1793"
             },
             {
-                "name": "RHSA-2010:0518",
-                "refsource": "REDHAT",
-                "url": "http://www.redhat.com/support/errata/RHSA-2010-0518.html"
+                "url": "http://secunia.com/advisories/40485",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/40485"
             },
             {
-                "name": "65991",
-                "refsource": "OSVDB",
-                "url": "http://www.osvdb.org/65991"
+                "url": "http://secunia.com/advisories/40494",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/40494"
             },
             {
-                "name": "[iscsitarget-devel] 20100701 [patch] fix iSNS bounds checking",
-                "refsource": "MLIST",
-                "url": "http://sourceforge.net/mailarchive/forum.php?thread_name=E2BB8074E5500C42984D980D4BD78EF904075006%40MFG-NYC-EXCH2.mfg.prv&forum_name=iscsitarget-devel"
+                "url": "http://secunia.com/advisories/40495",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/40495"
             },
             {
-                "name": "40485",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/40485"
+                "url": "http://sourceforge.net/mailarchive/forum.php?thread_name=E2BB8074E5500C42984D980D4BD78EF904075006%40MFG-NYC-EXCH2.mfg.prv&forum_name=iscsitarget-devel",
+                "refsource": "MISC",
+                "name": "http://sourceforge.net/mailarchive/forum.php?thread_name=E2BB8074E5500C42984D980D4BD78EF904075006%40MFG-NYC-EXCH2.mfg.prv&forum_name=iscsitarget-devel"
             },
             {
-                "name": "[stgt] 20100701 1.0.6 released",
-                "refsource": "MLIST",
-                "url": "http://lists.wpkg.org/pipermail/stgt/2010-July/003858.html"
+                "url": "http://www.osvdb.org/65990",
+                "refsource": "MISC",
+                "name": "http://www.osvdb.org/65990"
             },
             {
-                "name": "SUSE-SR:2010:017",
-                "refsource": "SUSE",
-                "url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
+                "url": "http://www.osvdb.org/65991",
+                "refsource": "MISC",
+                "name": "http://www.osvdb.org/65991"
             },
             {
-                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=593877",
-                "refsource": "CONFIRM",
-                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=593877"
+                "url": "http://www.osvdb.org/65992",
+                "refsource": "MISC",
+                "name": "http://www.osvdb.org/65992"
             },
             {
-                "name": "40494",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/40494"
+                "url": "http://www.redhat.com/support/errata/RHSA-2010-0518.html",
+                "refsource": "MISC",
+                "name": "http://www.redhat.com/support/errata/RHSA-2010-0518.html"
             },
             {
-                "name": "http://scst.svn.sourceforge.net/viewvc/scst/trunk/iscsi-scst/usr/isns.c?r1=1793&r2=1792&pathrev=1793",
-                "refsource": "CONFIRM",
-                "url": "http://scst.svn.sourceforge.net/viewvc/scst/trunk/iscsi-scst/usr/isns.c?r1=1793&r2=1792&pathrev=1793"
+                "url": "http://www.securityfocus.com/bid/41327",
+                "refsource": "MISC",
+                "name": "http://www.securityfocus.com/bid/41327"
             },
             {
-                "name": "ADV-2010-1786",
-                "refsource": "VUPEN",
-                "url": "http://www.vupen.com/english/advisories/2010/1786"
+                "url": "http://www.securitytracker.com/id?1024175",
+                "refsource": "MISC",
+                "name": "http://www.securitytracker.com/id?1024175"
             },
             {
-                "name": "1024175",
-                "refsource": "SECTRACK",
-                "url": "http://www.securitytracker.com/id?1024175"
+                "url": "http://www.vupen.com/english/advisories/2010/1760",
+                "refsource": "MISC",
+                "name": "http://www.vupen.com/english/advisories/2010/1760"
             },
             {
-                "name": "40495",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/40495"
+                "url": "https://access.redhat.com/errata/RHSA-2010:0518",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/errata/RHSA-2010:0518"
+            },
+            {
+                "url": "https://access.redhat.com/security/cve/CVE-2010-2221",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/security/cve/CVE-2010-2221"
+            },
+            {
+                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=593877",
+                "refsource": "MISC",
+                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=593877"
+            }
+        ]
+    },
+    "impact": {
+        "cvss": [
+            {
+                "accessComplexity": "MEDIUM",
+                "accessVector": "NETWORK",
+                "authentication": "NONE",
+                "availabilityImpact": "PARTIAL",
+                "availabilityRequirement": "NOT_DEFINED",
+                "baseScore": 6.8,
+                "collateralDamagePotential": "NOT_DEFINED",
+                "confidentialityImpact": "PARTIAL",
+                "confidentialityRequirement": "NOT_DEFINED",
+                "environmentalScore": 0,
+                "exploitability": "NOT_DEFINED",
+                "integrityImpact": "PARTIAL",
+                "integrityRequirement": "NOT_DEFINED",
+                "remediationLevel": "NOT_DEFINED",
+                "reportConfidence": "NOT_DEFINED",
+                "targetDistribution": "NOT_DEFINED",
+                "temporalScore": 0,
+                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
+                "version": "2.0"
             }
         ]
     }

2010/2xxx/CVE-2010-2233.json

@@ -1,40 +1,17 @@
 {
+    "data_version": "4.0",
+    "data_type": "CVE",
+    "data_format": "MITRE",
     "CVE_data_meta": {
-        "ASSIGNER": "secalert@redhat.com",
         "ID": "CVE-2010-2233",
+        "ASSIGNER": "secalert@redhat.com",
         "STATE": "PUBLIC"
     },
-    "affects": {
-        "vendor": {
-            "vendor_data": [
-                {
-                    "product": {
-                        "product_data": [
-                            {
-                                "product_name": "n/a",
-                                "version": {
-                                    "version_data": [
-                                        {
-                                            "version_value": "n/a"
-                                        }
-                                    ]
-                                }
-                            }
-                        ]
-                    },
-                    "vendor_name": "n/a"
-                }
-            ]
-        }
-    },
-    "data_format": "MITRE",
-    "data_type": "CVE",
-    "data_version": "4.0",
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "tif_getimage.c in LibTIFF 3.9.0 and 3.9.2 on 64-bit platforms, as used in ImageMagick, does not properly perform vertical flips, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF image, related to \"downsampled OJPEG input.\""
+                "value": "CVE-2010-2233 libtiff: incorrect type extension for negative toskew values on 64bit platforms"
             }
         ]
     },
@@ -44,58 +21,113 @@
                 "description": [
                     {
                         "lang": "eng",
-                        "value": "n/a"
+                        "value": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
+                        "cweId": "CWE-119"
                     }
                 ]
             }
         ]
     },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "n/a",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a",
+                                            "version_affected": "="
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
     "references": {
         "reference_data": [
             {
-                "name": "[oss-security] 20100623 CVE requests: LibTIFF",
-                "refsource": "MLIST",
-                "url": "http://marc.info/?l=oss-security&m=127731610612908&w=2"
-            },
-            {
-                "name": "1024150",
-                "refsource": "SECTRACK",
-                "url": "http://securitytracker.com/id?1024150"
-            },
-            {
-                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=607198",
-                "refsource": "CONFIRM",
-                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=607198"
-            },
-            {
-                "name": "GLSA-201209-02",
-                "refsource": "GENTOO",
-                "url": "http://security.gentoo.org/glsa/glsa-201209-02.xml"
-            },
-            {
-                "name": "40422",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/40422"
-            },
-            {
-                "name": "http://bugzilla.maptools.org/show_bug.cgi?id=2207",
-                "refsource": "CONFIRM",
-                "url": "http://bugzilla.maptools.org/show_bug.cgi?id=2207"
-            },
-            {
-                "name": "http://www.remotesensing.org/libtiff/v3.9.4.html",
+                "url": "http://secunia.com/advisories/50726",
                 "refsource": "MISC",
-                "url": "http://www.remotesensing.org/libtiff/v3.9.4.html"
+                "name": "http://secunia.com/advisories/50726"
             },
             {
-                "name": "50726",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/50726"
+                "url": "http://security.gentoo.org/glsa/glsa-201209-02.xml",
+                "refsource": "MISC",
+                "name": "http://security.gentoo.org/glsa/glsa-201209-02.xml"
             },
             {
-                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=583081",
-                "refsource": "CONFIRM",
-                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=583081"
+                "url": "http://marc.info/?l=oss-security&m=127731610612908&w=2",
+                "refsource": "MISC",
+                "name": "http://marc.info/?l=oss-security&m=127731610612908&w=2"
+            },
+            {
+                "url": "http://www.remotesensing.org/libtiff/v3.9.4.html",
+                "refsource": "MISC",
+                "name": "http://www.remotesensing.org/libtiff/v3.9.4.html"
+            },
+            {
+                "url": "http://bugzilla.maptools.org/show_bug.cgi?id=2207",
+                "refsource": "MISC",
+                "name": "http://bugzilla.maptools.org/show_bug.cgi?id=2207"
+            },
+            {
+                "url": "http://secunia.com/advisories/40422",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/40422"
+            },
+            {
+                "url": "http://securitytracker.com/id?1024150",
+                "refsource": "MISC",
+                "name": "http://securitytracker.com/id?1024150"
+            },
+            {
+                "url": "https://access.redhat.com/security/cve/CVE-2010-2233",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/security/cve/CVE-2010-2233"
+            },
+            {
+                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=583081",
+                "refsource": "MISC",
+                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=583081"
+            },
+            {
+                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=607198",
+                "refsource": "MISC",
+                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=607198"
+            }
+        ]
+    },
+    "impact": {
+        "cvss": [
+            {
+                "accessComplexity": "LOW",
+                "accessVector": "NETWORK",
+                "authentication": "NONE",
+                "availabilityImpact": "PARTIAL",
+                "availabilityRequirement": "NOT_DEFINED",
+                "baseScore": 7.5,
+                "collateralDamagePotential": "NOT_DEFINED",
+                "confidentialityImpact": "PARTIAL",
+                "confidentialityRequirement": "NOT_DEFINED",
+                "environmentalScore": 0,
+                "exploitability": "NOT_DEFINED",
+                "integrityImpact": "PARTIAL",
+                "integrityRequirement": "NOT_DEFINED",
+                "remediationLevel": "NOT_DEFINED",
+                "reportConfidence": "NOT_DEFINED",
+                "targetDistribution": "NOT_DEFINED",
+                "temporalScore": 0,
+                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
+                "version": "2.0"
             }
         ]
     }

2010/2xxx/CVE-2010-2235.json

@@ -1,40 +1,17 @@
 {
+    "data_version": "4.0",
+    "data_type": "CVE",
+    "data_format": "MITRE",
     "CVE_data_meta": {
-        "ASSIGNER": "secalert@redhat.com",
         "ID": "CVE-2010-2235",
+        "ASSIGNER": "secalert@redhat.com",
         "STATE": "PUBLIC"
     },
-    "affects": {
-        "vendor": {
-            "vendor_data": [
-                {
-                    "product": {
-                        "product_data": [
-                            {
-                                "product_name": "n/a",
-                                "version": {
-                                    "version_data": [
-                                        {
-                                            "version_value": "n/a"
-                                        }
-                                    ]
-                                }
-                            }
-                        ]
-                    },
-                    "vendor_name": "n/a"
-                }
-            ]
-        }
-    },
-    "data_format": "MITRE",
-    "data_type": "CVE",
-    "data_version": "4.0",
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "template_api.py in Cobbler before 2.0.7, as used in Red Hat Network Satellite Server and other products, does not disable the ability of the Cheetah template engine to execute Python statements contained in templates, which allows remote authenticated administrators to execute arbitrary code via a crafted kickstart template file, a different vulnerability than CVE-2008-6954."
+                "value": "CVE-2010-2235 RHN Satellite (cobbler): Code injection flaw (ACE as root) by processing of a specially-crafted kickstart template file"
             }
         ]
     },
@@ -44,28 +21,88 @@
                 "description": [
                     {
                         "lang": "eng",
-                        "value": "n/a"
+                        "value": "Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')",
+                        "cweId": "CWE-96"
                     }
                 ]
             }
         ]
     },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "Red Hat",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "Red Hat Network Satellite Server v 5.3",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "0:1.6.6-15.el5sat",
+                                            "version_affected": "!"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
     "references": {
         "reference_data": [
             {
-                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=607662",
-                "refsource": "CONFIRM",
-                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=607662"
+                "url": "http://people.fedoraproject.org/~shenson/cobbler/cobbler-2.0.8.tar.gz",
+                "refsource": "MISC",
+                "name": "http://people.fedoraproject.org/~shenson/cobbler/cobbler-2.0.8.tar.gz"
             },
             {
-                "name": "RHSA-2010:0775",
-                "refsource": "REDHAT",
-                "url": "http://www.redhat.com/support/errata/RHSA-2010-0775.html"
+                "url": "http://www.redhat.com/support/errata/RHSA-2010-0775.html",
+                "refsource": "MISC",
+                "name": "http://www.redhat.com/support/errata/RHSA-2010-0775.html"
             },
             {
-                "name": "http://people.fedoraproject.org/~shenson/cobbler/cobbler-2.0.8.tar.gz",
-                "refsource": "CONFIRM",
-                "url": "http://people.fedoraproject.org/~shenson/cobbler/cobbler-2.0.8.tar.gz"
+                "url": "https://access.redhat.com/errata/RHSA-2010:0775",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/errata/RHSA-2010:0775"
+            },
+            {
+                "url": "https://access.redhat.com/security/cve/CVE-2010-2235",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/security/cve/CVE-2010-2235"
+            },
+            {
+                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=607662",
+                "refsource": "MISC",
+                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=607662"
+            }
+        ]
+    },
+    "impact": {
+        "cvss": [
+            {
+                "accessComplexity": "HIGH",
+                "accessVector": "NETWORK",
+                "authentication": "SINGLE",
+                "availabilityImpact": "COMPLETE",
+                "availabilityRequirement": "NOT_DEFINED",
+                "baseScore": 7.1,
+                "collateralDamagePotential": "NOT_DEFINED",
+                "confidentialityImpact": "COMPLETE",
+                "confidentialityRequirement": "NOT_DEFINED",
+                "environmentalScore": 0,
+                "exploitability": "NOT_DEFINED",
+                "integrityImpact": "COMPLETE",
+                "integrityRequirement": "NOT_DEFINED",
+                "remediationLevel": "NOT_DEFINED",
+                "reportConfidence": "NOT_DEFINED",
+                "targetDistribution": "NOT_DEFINED",
+                "temporalScore": 0,
+                "vectorString": "AV:N/AC:H/Au:S/C:C/I:C/A:C",
+                "version": "2.0"
             }
         ]
     }

2010/2xxx/CVE-2010-2240.json

@@ -1,40 +1,17 @@
 {
+    "data_version": "4.0",
+    "data_type": "CVE",
+    "data_format": "MITRE",
     "CVE_data_meta": {
-        "ASSIGNER": "secalert@redhat.com",
         "ID": "CVE-2010-2240",
+        "ASSIGNER": "secalert@redhat.com",
         "STATE": "PUBLIC"
     },
-    "affects": {
-        "vendor": {
-            "vendor_data": [
-                {
-                    "product": {
-                        "product_data": [
-                            {
-                                "product_name": "n/a",
-                                "version": {
-                                    "version_data": [
-                                        {
-                                            "version_value": "n/a"
-                                        }
-                                    ]
-                                }
-                            }
-                        ]
-                    },
-                    "vendor_name": "n/a"
-                }
-            ]
-        }
-    },
-    "data_format": "MITRE",
-    "data_type": "CVE",
-    "data_version": "4.0",
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "The do_anonymous_page function in mm/memory.c in the Linux kernel before 2.6.27.52, 2.6.32.x before 2.6.32.19, 2.6.34.x before 2.6.34.4, and 2.6.35.x before 2.6.35.2 does not properly separate the stack and the heap, which allows context-dependent attackers to execute arbitrary code by writing to the bottom page of a shared memory segment, as demonstrated by a memory-exhaustion attack against the X.Org X server."
+                "value": "CVE-2010-2240 kernel: mm: keep a guard page below a grow-down stack segment"
             }
         ]
     },
@@ -44,118 +21,274 @@
                 "description": [
                     {
                         "lang": "eng",
-                        "value": "n/a"
+                        "value": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
+                        "cweId": "CWE-119"
                     }
                 ]
             }
         ]
     },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "Red Hat",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "MRG for RHEL-5",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "0:2.6.24.7-161.el5rt",
+                                            "version_affected": "!"
+                                        }
+                                    ]
+                                }
+                            },
+                            {
+                                "product_name": "Red Hat Enterprise Linux 3 Extended Lifecycle Support",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "0:2.4.21-66.EL",
+                                            "version_affected": "!"
+                                        }
+                                    ]
+                                }
+                            },
+                            {
+                                "product_name": "Red Hat Enterprise Linux 4",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "0:2.6.9-89.0.29.EL",
+                                            "version_affected": "!"
+                                        }
+                                    ]
+                                }
+                            },
+                            {
+                                "product_name": "Red Hat Enterprise Linux 4.7 Z Stream",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "0:2.6.9-78.0.32.EL",
+                                            "version_affected": "!"
+                                        }
+                                    ]
+                                }
+                            },
+                            {
+                                "product_name": "Red Hat Enterprise Linux 5",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "0:2.6.18-194.11.3.el5",
+                                            "version_affected": "!"
+                                        }
+                                    ]
+                                }
+                            },
+                            {
+                                "product_name": "Red Hat Enterprise Linux 5.3.Z - Server Only",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "0:2.6.18-128.23.1.el5",
+                                            "version_affected": "!"
+                                        }
+                                    ]
+                                }
+                            },
+                            {
+                                "product_name": "Red Hat Enterprise Linux 5.4.Z - Server Only",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "0:2.6.18-164.25.1.el5",
+                                            "version_affected": "!"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
     "references": {
         "reference_data": [
             {
-                "name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.52",
-                "refsource": "CONFIRM",
-                "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.52"
-            },
-            {
-                "name": "MDVSA-2010:198",
-                "refsource": "MANDRIVA",
-                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:198"
-            },
-            {
-                "name": "RHSA-2010:0670",
-                "refsource": "REDHAT",
-                "url": "http://www.redhat.com/support/errata/RHSA-2010-0670.html"
-            },
-            {
-                "name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34.4",
-                "refsource": "CONFIRM",
-                "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34.4"
-            },
-            {
-                "name": "oval:org.mitre.oval:def:13247",
-                "refsource": "OVAL",
-                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13247"
-            },
-            {
-                "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=320b2b8de12698082609ebbc1a17165727f4c893",
-                "refsource": "CONFIRM",
-                "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=320b2b8de12698082609ebbc1a17165727f4c893"
-            },
-            {
-                "name": "RHSA-2010:0660",
-                "refsource": "REDHAT",
-                "url": "http://www.redhat.com/support/errata/RHSA-2010-0660.html"
-            },
-            {
-                "name": "http://www.vmware.com/security/advisories/VMSA-2011-0007.html",
-                "refsource": "CONFIRM",
-                "url": "http://www.vmware.com/security/advisories/VMSA-2011-0007.html"
-            },
-            {
-                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=606611",
-                "refsource": "CONFIRM",
-                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=606611"
-            },
-            {
-                "name": "RHSA-2010:0661",
-                "refsource": "REDHAT",
-                "url": "https://rhn.redhat.com/errata/RHSA-2010-0661.html"
-            },
-            {
-                "name": "RHSA-2010:0882",
-                "refsource": "REDHAT",
-                "url": "http://www.redhat.com/support/errata/RHSA-2010-0882.html"
-            },
-            {
-                "name": "MDVSA-2011:051",
-                "refsource": "MANDRIVA",
-                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:051"
-            },
-            {
-                "name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35.2",
-                "refsource": "CONFIRM",
-                "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35.2"
-            },
-            {
-                "name": "http://www.vmware.com/security/advisories/VMSA-2011-0009.html",
-                "refsource": "CONFIRM",
-                "url": "http://www.vmware.com/security/advisories/VMSA-2011-0009.html"
-            },
-            {
-                "name": "DSA-2094",
-                "refsource": "DEBIAN",
-                "url": "http://www.debian.org/security/2010/dsa-2094"
-            },
-            {
-                "name": "http://www.invisiblethingslab.com/resources/misc-2010/xorg-large-memory-attacks.pdf",
+                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:051",
                 "refsource": "MISC",
-                "url": "http://www.invisiblethingslab.com/resources/misc-2010/xorg-large-memory-attacks.pdf"
+                "name": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:051"
             },
             {
-                "name": "[security-announce] 20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console",
-                "refsource": "MLIST",
-                "url": "http://lists.vmware.com/pipermail/security-announce/2011/000133.html"
+                "url": "http://www.redhat.com/support/errata/RHSA-2010-0882.html",
+                "refsource": "MISC",
+                "name": "http://www.redhat.com/support/errata/RHSA-2010-0882.html"
             },
             {
-                "name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.19",
-                "refsource": "CONFIRM",
-                "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.19"
+                "url": "http://www.vmware.com/security/advisories/VMSA-2011-0009.html",
+                "refsource": "MISC",
+                "name": "http://www.vmware.com/security/advisories/VMSA-2011-0009.html"
             },
             {
-                "name": "20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console",
-                "refsource": "BUGTRAQ",
-                "url": "http://www.securityfocus.com/archive/1/517739/100/0/threaded"
+                "url": "https://access.redhat.com/errata/RHSA-2010:0882",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/errata/RHSA-2010:0882"
             },
             {
-                "name": "MDVSA-2010:172",
-                "refsource": "MANDRIVA",
-                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:172"
+                "url": "https://access.redhat.com/errata/RHSA-2010:0631",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/errata/RHSA-2010:0631"
             },
             {
-                "name": "1024344",
-                "refsource": "SECTRACK",
-                "url": "http://securitytracker.com/id?1024344"
+                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:198",
+                "refsource": "MISC",
+                "name": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:198"
+            },
+            {
+                "url": "http://www.debian.org/security/2010/dsa-2094",
+                "refsource": "MISC",
+                "name": "http://www.debian.org/security/2010/dsa-2094"
+            },
+            {
+                "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35.2",
+                "refsource": "MISC",
+                "name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35.2"
+            },
+            {
+                "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=320b2b8de12698082609ebbc1a17165727f4c893",
+                "refsource": "MISC",
+                "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=320b2b8de12698082609ebbc1a17165727f4c893"
+            },
+            {
+                "url": "http://lists.vmware.com/pipermail/security-announce/2011/000133.html",
+                "refsource": "MISC",
+                "name": "http://lists.vmware.com/pipermail/security-announce/2011/000133.html"
+            },
+            {
+                "url": "http://securitytracker.com/id?1024344",
+                "refsource": "MISC",
+                "name": "http://securitytracker.com/id?1024344"
+            },
+            {
+                "url": "http://www.invisiblethingslab.com/resources/misc-2010/xorg-large-memory-attacks.pdf",
+                "refsource": "MISC",
+                "name": "http://www.invisiblethingslab.com/resources/misc-2010/xorg-large-memory-attacks.pdf"
+            },
+            {
+                "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.52",
+                "refsource": "MISC",
+                "name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.52"
+            },
+            {
+                "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.19",
+                "refsource": "MISC",
+                "name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.19"
+            },
+            {
+                "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34.4",
+                "refsource": "MISC",
+                "name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34.4"
+            },
+            {
+                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:172",
+                "refsource": "MISC",
+                "name": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:172"
+            },
+            {
+                "url": "http://www.redhat.com/support/errata/RHSA-2010-0660.html",
+                "refsource": "MISC",
+                "name": "http://www.redhat.com/support/errata/RHSA-2010-0660.html"
+            },
+            {
+                "url": "http://www.redhat.com/support/errata/RHSA-2010-0670.html",
+                "refsource": "MISC",
+                "name": "http://www.redhat.com/support/errata/RHSA-2010-0670.html"
+            },
+            {
+                "url": "http://www.securityfocus.com/archive/1/517739/100/0/threaded",
+                "refsource": "MISC",
+                "name": "http://www.securityfocus.com/archive/1/517739/100/0/threaded"
+            },
+            {
+                "url": "http://www.vmware.com/security/advisories/VMSA-2011-0007.html",
+                "refsource": "MISC",
+                "name": "http://www.vmware.com/security/advisories/VMSA-2011-0007.html"
+            },
+            {
+                "url": "https://access.redhat.com/errata/RHSA-2010:0660",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/errata/RHSA-2010:0660"
+            },
+            {
+                "url": "https://access.redhat.com/errata/RHSA-2010:0661",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/errata/RHSA-2010:0661"
+            },
+            {
+                "url": "https://access.redhat.com/errata/RHSA-2010:0670",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/errata/RHSA-2010:0670"
+            },
+            {
+                "url": "https://access.redhat.com/errata/RHSA-2010:0676",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/errata/RHSA-2010:0676"
+            },
+            {
+                "url": "https://access.redhat.com/errata/RHSA-2010:0677",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/errata/RHSA-2010:0677"
+            },
+            {
+                "url": "https://access.redhat.com/security/cve/CVE-2010-2240",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/security/cve/CVE-2010-2240"
+            },
+            {
+                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=606611",
+                "refsource": "MISC",
+                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=606611"
+            },
+            {
+                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13247",
+                "refsource": "MISC",
+                "name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13247"
+            },
+            {
+                "url": "https://rhn.redhat.com/errata/RHSA-2010-0661.html",
+                "refsource": "MISC",
+                "name": "https://rhn.redhat.com/errata/RHSA-2010-0661.html"
+            }
+        ]
+    },
+    "impact": {
+        "cvss": [
+            {
+                "accessComplexity": "LOW",
+                "accessVector": "LOCAL",
+                "authentication": "NONE",
+                "availabilityImpact": "COMPLETE",
+                "availabilityRequirement": "NOT_DEFINED",
+                "baseScore": 7.2,
+                "collateralDamagePotential": "NOT_DEFINED",
+                "confidentialityImpact": "COMPLETE",
+                "confidentialityRequirement": "NOT_DEFINED",
+                "environmentalScore": 0,
+                "exploitability": "NOT_DEFINED",
+                "integrityImpact": "COMPLETE",
+                "integrityRequirement": "NOT_DEFINED",
+                "remediationLevel": "NOT_DEFINED",
+                "reportConfidence": "NOT_DEFINED",
+                "targetDistribution": "NOT_DEFINED",
+                "temporalScore": 0,
+                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
+                "version": "2.0"
             }
         ]
     }

2010/2xxx/CVE-2010-2248.json

@@ -1,40 +1,17 @@
 {
+    "data_version": "4.0",
+    "data_type": "CVE",
+    "data_format": "MITRE",
     "CVE_data_meta": {
-        "ASSIGNER": "secalert@redhat.com",
         "ID": "CVE-2010-2248",
+        "ASSIGNER": "secalert@redhat.com",
         "STATE": "PUBLIC"
     },
-    "affects": {
-        "vendor": {
-            "vendor_data": [
-                {
-                    "product": {
-                        "product_data": [
-                            {
-                                "product_name": "n/a",
-                                "version": {
-                                    "version_data": [
-                                        {
-                                            "version_value": "n/a"
-                                        }
-                                    ]
-                                }
-                            }
-                        ]
-                    },
-                    "vendor_name": "n/a"
-                }
-            ]
-        }
-    },
-    "data_format": "MITRE",
-    "data_type": "CVE",
-    "data_version": "4.0",
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "fs/cifs/cifssmb.c in the CIFS implementation in the Linux kernel before 2.6.34-rc4 allows remote attackers to cause a denial of service (panic) via an SMB response packet with an invalid CountHigh value, as demonstrated by a response from an OS/2 server, related to the CIFSSMBWrite and CIFSSMBWrite2 functions."
+                "value": "CVE-2010-2248 kernel: cifs: Fix a kernel BUG with remote OS/2 server"
             }
         ]
     },
@@ -44,98 +21,190 @@
                 "description": [
                     {
                         "lang": "eng",
-                        "value": "n/a"
+                        "value": "Reachable Assertion",
+                        "cweId": "CWE-617"
                     }
                 ]
             }
         ]
     },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "Red Hat",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "MRG for RHEL-5",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "0:2.6.24.7-161.el5rt",
+                                            "version_affected": "!"
+                                        }
+                                    ]
+                                }
+                            },
+                            {
+                                "product_name": "Red Hat Enterprise Linux 4",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "0:2.6.9-89.0.28.EL",
+                                            "version_affected": "!"
+                                        }
+                                    ]
+                                }
+                            },
+                            {
+                                "product_name": "Red Hat Enterprise Linux 5",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "0:2.6.18-194.11.1.el5",
+                                            "version_affected": "!"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
     "references": {
         "reference_data": [
             {
-                "name": "RHSA-2010:0610",
-                "refsource": "REDHAT",
-                "url": "http://www.redhat.com/support/errata/RHSA-2010-0610.html"
+                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:051",
+                "refsource": "MISC",
+                "name": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:051"
             },
             {
-                "name": "USN-1000-1",
-                "refsource": "UBUNTU",
-                "url": "http://www.ubuntu.com/usn/USN-1000-1"
+                "url": "https://access.redhat.com/errata/RHSA-2010:0631",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/errata/RHSA-2010:0631"
             },
             {
-                "name": "[oss-security] 20100628 CVE request - kernel: cifs: Fix a kernel BUG with remote OS/2 server",
-                "refsource": "MLIST",
-                "url": "http://www.openwall.com/lists/oss-security/2010/06/28/1"
+                "url": "http://secunia.com/advisories/43315",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/43315"
             },
             {
-                "name": "RHSA-2010:0606",
-                "refsource": "REDHAT",
-                "url": "https://rhn.redhat.com/errata/RHSA-2010-0606.html"
+                "url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded",
+                "refsource": "MISC",
+                "name": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
             },
             {
-                "name": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/v2.6.34/ChangeLog-2.6.34-rc4",
-                "refsource": "CONFIRM",
-                "url": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/v2.6.34/ChangeLog-2.6.34-rc4"
+                "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html",
+                "refsource": "MISC",
+                "name": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
             },
             {
-                "name": "MDVSA-2010:198",
-                "refsource": "MANDRIVA",
-                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:198"
+                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:198",
+                "refsource": "MISC",
+                "name": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:198"
             },
             {
-                "name": "42242",
-                "refsource": "BID",
-                "url": "http://www.securityfocus.com/bid/42242"
+                "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.html",
+                "refsource": "MISC",
+                "name": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.html"
             },
             {
-                "name": "SUSE-SA:2010:060",
-                "refsource": "SUSE",
-                "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.html"
+                "url": "http://www.debian.org/security/2010/dsa-2094",
+                "refsource": "MISC",
+                "name": "http://www.debian.org/security/2010/dsa-2094"
             },
             {
-                "name": "[oss-security] 20100628 Re: CVE request - kernel: cifs: Fix a kernel BUG with remote OS/2 server",
-                "refsource": "MLIST",
-                "url": "http://www.openwall.com/lists/oss-security/2010/06/28/6"
+                "url": "http://www.redhat.com/support/errata/RHSA-2010-0610.html",
+                "refsource": "MISC",
+                "name": "http://www.redhat.com/support/errata/RHSA-2010-0610.html"
             },
             {
-                "name": "MDVSA-2011:051",
-                "refsource": "MANDRIVA",
-                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:051"
+                "url": "http://www.ubuntu.com/usn/USN-1000-1",
+                "refsource": "MISC",
+                "name": "http://www.ubuntu.com/usn/USN-1000-1"
             },
             {
-                "name": "43315",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/43315"
+                "url": "https://access.redhat.com/errata/RHSA-2010:0610",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/errata/RHSA-2010:0610"
             },
             {
-                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=608583",
-                "refsource": "CONFIRM",
-                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=608583"
+                "url": "https://access.redhat.com/errata/RHSA-2010:0606",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/errata/RHSA-2010:0606"
             },
             {
-                "name": "DSA-2094",
-                "refsource": "DEBIAN",
-                "url": "http://www.debian.org/security/2010/dsa-2094"
+                "url": "https://rhn.redhat.com/errata/RHSA-2010-0606.html",
+                "refsource": "MISC",
+                "name": "https://rhn.redhat.com/errata/RHSA-2010-0606.html"
             },
             {
-                "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=6513a81e9325d712f1bfb9a1d7b750134e49ff18",
-                "refsource": "CONFIRM",
-                "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=6513a81e9325d712f1bfb9a1d7b750134e49ff18"
+                "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6513a81e9325d712f1bfb9a1d7b750134e49ff18",
+                "refsource": "MISC",
+                "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6513a81e9325d712f1bfb9a1d7b750134e49ff18"
             },
             {
-                "name": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html",
-                "refsource": "CONFIRM",
-                "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
+                "url": "http://securitytracker.com/id?1024285",
+                "refsource": "MISC",
+                "name": "http://securitytracker.com/id?1024285"
             },
             {
-                "name": "1024285",
-                "refsource": "SECTRACK",
-                "url": "http://securitytracker.com/id?1024285"
+                "url": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/v2.6.34/ChangeLog-2.6.34-rc4",
+                "refsource": "MISC",
+                "name": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/v2.6.34/ChangeLog-2.6.34-rc4"
             },
             {
-                "name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX",
-                "refsource": "BUGTRAQ",
-                "url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
+                "url": "http://www.openwall.com/lists/oss-security/2010/06/28/1",
+                "refsource": "MISC",
+                "name": "http://www.openwall.com/lists/oss-security/2010/06/28/1"
+            },
+            {
+                "url": "http://www.openwall.com/lists/oss-security/2010/06/28/6",
+                "refsource": "MISC",
+                "name": "http://www.openwall.com/lists/oss-security/2010/06/28/6"
+            },
+            {
+                "url": "http://www.securityfocus.com/bid/42242",
+                "refsource": "MISC",
+                "name": "http://www.securityfocus.com/bid/42242"
+            },
+            {
+                "url": "https://access.redhat.com/security/cve/CVE-2010-2248",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/security/cve/CVE-2010-2248"
+            },
+            {
+                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=608583",
+                "refsource": "MISC",
+                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=608583"
+            }
+        ]
+    },
+    "impact": {
+        "cvss": [
+            {
+                "accessComplexity": "MEDIUM",
+                "accessVector": "NETWORK",
+                "authentication": "NONE",
+                "availabilityImpact": "COMPLETE",
+                "availabilityRequirement": "NOT_DEFINED",
+                "baseScore": 7.1,
+                "collateralDamagePotential": "NOT_DEFINED",
+                "confidentialityImpact": "NONE",
+                "confidentialityRequirement": "NOT_DEFINED",
+                "environmentalScore": 0,
+                "exploitability": "NOT_DEFINED",
+                "integrityImpact": "NONE",
+                "integrityRequirement": "NOT_DEFINED",
+                "remediationLevel": "NOT_DEFINED",
+                "reportConfidence": "NOT_DEFINED",
+                "targetDistribution": "NOT_DEFINED",
+                "temporalScore": 0,
+                "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
+                "version": "2.0"
             }
         ]
     }

2010/2xxx/CVE-2010-2249.json

@@ -1,40 +1,17 @@
 {
+    "data_version": "4.0",
+    "data_type": "CVE",
+    "data_format": "MITRE",
     "CVE_data_meta": {
-        "ASSIGNER": "secalert@redhat.com",
         "ID": "CVE-2010-2249",
+        "ASSIGNER": "secalert@redhat.com",
         "STATE": "PUBLIC"
     },
-    "affects": {
-        "vendor": {
-            "vendor_data": [
-                {
-                    "product": {
-                        "product_data": [
-                            {
-                                "product_name": "n/a",
-                                "version": {
-                                    "version_data": [
-                                        {
-                                            "version_value": "n/a"
-                                        }
-                                    ]
-                                }
-                            }
-                        ]
-                    },
-                    "vendor_name": "n/a"
-                }
-            ]
-        }
-    },
-    "data_format": "MITRE",
-    "data_type": "CVE",
-    "data_version": "4.0",
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks."
+                "value": "CVE-2010-2249 libpng: Memory leak when processing Physical Scale (sCAL) images"
             }
         ]
     },
@@ -44,213 +21,303 @@
                 "description": [
                     {
                         "lang": "eng",
-                        "value": "n/a"
+                        "value": "Missing Release of Memory after Effective Lifetime",
+                        "cweId": "CWE-401"
                     }
                 ]
             }
         ]
     },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "Red Hat",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "Red Hat Enterprise Linux 3",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "2:1.2.2-30",
+                                            "version_affected": "!"
+                                        },
+                                        {
+                                            "version_value": "0:1.0.13-21",
+                                            "version_affected": "!"
+                                        }
+                                    ]
+                                }
+                            },
+                            {
+                                "product_name": "Red Hat Enterprise Linux 4",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "2:1.2.7-3.el4_8.3",
+                                            "version_affected": "!"
+                                        },
+                                        {
+                                            "version_value": "0:1.0.16-3.el4_8.4",
+                                            "version_affected": "!"
+                                        }
+                                    ]
+                                }
+                            },
+                            {
+                                "product_name": "Red Hat Enterprise Linux 5",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "2:1.2.10-7.1.el5_5.3",
+                                            "version_affected": "!"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
     "references": {
         "reference_data": [
             {
-                "name": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=commitdiff;h=90cfcecc09febb8d6c8c1d37ea7bb7cf0f4b00f3#patch20",
-                "refsource": "CONFIRM",
-                "url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=commitdiff;h=90cfcecc09febb8d6c8c1d37ea7bb7cf0f4b00f3#patch20"
+                "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html",
+                "refsource": "MISC",
+                "name": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
             },
             {
-                "name": "MDVSA-2010:133",
-                "refsource": "MANDRIVA",
-                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:133"
+                "url": "http://support.apple.com/kb/HT4435",
+                "refsource": "MISC",
+                "name": "http://support.apple.com/kb/HT4435"
             },
             {
-                "name": "http://www.vmware.com/security/advisories/VMSA-2010-0014.html",
-                "refsource": "CONFIRM",
-                "url": "http://www.vmware.com/security/advisories/VMSA-2010-0014.html"
+                "url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html",
+                "refsource": "MISC",
+                "name": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
             },
             {
-                "name": "41174",
-                "refsource": "BID",
-                "url": "http://www.securityfocus.com/bid/41174"
+                "url": "http://www.libpng.org/pub/png/libpng.html",
+                "refsource": "MISC",
+                "name": "http://www.libpng.org/pub/png/libpng.html"
             },
             {
-                "name": "ADV-2010-1877",
-                "refsource": "VUPEN",
-                "url": "http://www.vupen.com/english/advisories/2010/1877"
+                "url": "http://lists.vmware.com/pipermail/security-announce/2010/000105.html",
+                "refsource": "MISC",
+                "name": "http://lists.vmware.com/pipermail/security-announce/2010/000105.html"
             },
             {
-                "name": "ADV-2010-3045",
-                "refsource": "VUPEN",
-                "url": "http://www.vupen.com/english/advisories/2010/3045"
+                "url": "http://www.vmware.com/security/advisories/VMSA-2010-0014.html",
+                "refsource": "MISC",
+                "name": "http://www.vmware.com/security/advisories/VMSA-2010-0014.html"
             },
             {
-                "name": "1024723",
-                "refsource": "SECTRACK",
-                "url": "http://www.securitytracker.com/id?1024723"
+                "url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commitdiff%3Bh=90cfcecc09febb8d6c8c1d37ea7bb7cf0f4b00f3#patch20",
+                "refsource": "MISC",
+                "name": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commitdiff%3Bh=90cfcecc09febb8d6c8c1d37ea7bb7cf0f4b00f3#patch20"
             },
             {
-                "name": "http://support.apple.com/kb/HT4435",
-                "refsource": "CONFIRM",
-                "url": "http://support.apple.com/kb/HT4435"
+                "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html",
+                "refsource": "MISC",
+                "name": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html"
             },
             {
-                "name": "ADV-2010-1837",
-                "refsource": "VUPEN",
-                "url": "http://www.vupen.com/english/advisories/2010/1837"
+                "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html",
+                "refsource": "MISC",
+                "name": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"
             },
             {
-                "name": "http://support.apple.com/kb/HT4457",
-                "refsource": "CONFIRM",
-                "url": "http://support.apple.com/kb/HT4457"
+                "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html",
+                "refsource": "MISC",
+                "name": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
             },
             {
-                "name": "ADV-2010-1755",
-                "refsource": "VUPEN",
-                "url": "http://www.vupen.com/english/advisories/2010/1755"
+                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044283.html",
+                "refsource": "MISC",
+                "name": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044283.html"
             },
             {
-                "name": "ADV-2010-3046",
-                "refsource": "VUPEN",
-                "url": "http://www.vupen.com/english/advisories/2010/3046"
+                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044397.html",
+                "refsource": "MISC",
+                "name": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044397.html"
             },
             {
-                "name": "40472",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/40472"
+                "url": "http://secunia.com/advisories/40302",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/40302"
             },
             {
-                "name": "http://support.apple.com/kb/HT4566",
-                "refsource": "CONFIRM",
-                "url": "http://support.apple.com/kb/HT4566"
+                "url": "http://secunia.com/advisories/40336",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/40336"
             },
             {
-                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=608644",
-                "refsource": "CONFIRM",
-                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=608644"
+                "url": "http://secunia.com/advisories/40472",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/40472"
             },
             {
-                "name": "40302",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/40302"
+                "url": "http://secunia.com/advisories/40547",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/40547"
             },
             {
-                "name": "APPLE-SA-2010-11-10-1",
-                "refsource": "APPLE",
-                "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
+                "url": "http://secunia.com/advisories/41574",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/41574"
             },
             {
-                "name": "40336",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/40336"
+                "url": "http://secunia.com/advisories/42314",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/42314"
             },
             {
-                "name": "libpng-scal-dos(59816)",
-                "refsource": "XF",
-                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59816"
+                "url": "http://secunia.com/advisories/42317",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/42317"
             },
             {
-                "name": "41574",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/41574"
+                "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.613061",
+                "refsource": "MISC",
+                "name": "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.613061"
             },
             {
-                "name": "USN-960-1",
-                "refsource": "UBUNTU",
-                "url": "http://www.ubuntu.com/usn/USN-960-1"
+                "url": "http://support.apple.com/kb/HT4456",
+                "refsource": "MISC",
+                "name": "http://support.apple.com/kb/HT4456"
             },
             {
-                "name": "http://www.libpng.org/pub/png/libpng.html",
-                "refsource": "CONFIRM",
-                "url": "http://www.libpng.org/pub/png/libpng.html"
+                "url": "http://support.apple.com/kb/HT4457",
+                "refsource": "MISC",
+                "name": "http://support.apple.com/kb/HT4457"
             },
             {
-                "name": "APPLE-SA-2011-03-02-1",
-                "refsource": "APPLE",
-                "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
+                "url": "http://support.apple.com/kb/HT4554",
+                "refsource": "MISC",
+                "name": "http://support.apple.com/kb/HT4554"
             },
             {
-                "name": "42317",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/42317"
+                "url": "http://support.apple.com/kb/HT4566",
+                "refsource": "MISC",
+                "name": "http://support.apple.com/kb/HT4566"
             },
             {
-                "name": "[security-announce] 20100923 VMSA-2010-0014 VMware Workstation, Player, and ACE address several security issues",
-                "refsource": "MLIST",
-                "url": "http://lists.vmware.com/pipermail/security-announce/2010/000105.html"
+                "url": "http://www.debian.org/security/2010/dsa-2072",
+                "refsource": "MISC",
+                "name": "http://www.debian.org/security/2010/dsa-2072"
             },
             {
-                "name": "FEDORA-2010-10823",
-                "refsource": "FEDORA",
-                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044283.html"
+                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:133",
+                "refsource": "MISC",
+                "name": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:133"
             },
             {
-                "name": "DSA-2072",
-                "refsource": "DEBIAN",
-                "url": "http://www.debian.org/security/2010/dsa-2072"
+                "url": "http://www.securityfocus.com/bid/41174",
+                "refsource": "MISC",
+                "name": "http://www.securityfocus.com/bid/41174"
             },
             {
-                "name": "40547",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/40547"
+                "url": "http://www.securitytracker.com/id?1024723",
+                "refsource": "MISC",
+                "name": "http://www.securitytracker.com/id?1024723"
             },
             {
-                "name": "42314",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/42314"
+                "url": "http://www.ubuntu.com/usn/USN-960-1",
+                "refsource": "MISC",
+                "name": "http://www.ubuntu.com/usn/USN-960-1"
             },
             {
-                "name": "ADV-2010-1637",
-                "refsource": "VUPEN",
-                "url": "http://www.vupen.com/english/advisories/2010/1637"
+                "url": "http://www.vupen.com/english/advisories/2010/1612",
+                "refsource": "MISC",
+                "name": "http://www.vupen.com/english/advisories/2010/1612"
             },
             {
-                "name": "http://support.apple.com/kb/HT4554",
-                "refsource": "CONFIRM",
-                "url": "http://support.apple.com/kb/HT4554"
+                "url": "http://www.vupen.com/english/advisories/2010/1637",
+                "refsource": "MISC",
+                "name": "http://www.vupen.com/english/advisories/2010/1637"
             },
             {
-                "name": "SUSE-SR:2010:017",
-                "refsource": "SUSE",
-                "url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
+                "url": "http://www.vupen.com/english/advisories/2010/1755",
+                "refsource": "MISC",
+                "name": "http://www.vupen.com/english/advisories/2010/1755"
             },
             {
-                "name": "APPLE-SA-2011-03-09-2",
-                "refsource": "APPLE",
-                "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"
+                "url": "http://www.vupen.com/english/advisories/2010/1837",
+                "refsource": "MISC",
+                "name": "http://www.vupen.com/english/advisories/2010/1837"
             },
             {
-                "name": "SSA:2010-180-01",
-                "refsource": "SLACKWARE",
-                "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.613061"
+                "url": "http://www.vupen.com/english/advisories/2010/1846",
+                "refsource": "MISC",
+                "name": "http://www.vupen.com/english/advisories/2010/1846"
             },
             {
-                "name": "FEDORA-2010-10833",
-                "refsource": "FEDORA",
-                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044397.html"
+                "url": "http://www.vupen.com/english/advisories/2010/1877",
+                "refsource": "MISC",
+                "name": "http://www.vupen.com/english/advisories/2010/1877"
             },
             {
-                "name": "http://support.apple.com/kb/HT4456",
-                "refsource": "CONFIRM",
-                "url": "http://support.apple.com/kb/HT4456"
+                "url": "http://www.vupen.com/english/advisories/2010/2491",
+                "refsource": "MISC",
+                "name": "http://www.vupen.com/english/advisories/2010/2491"
             },
             {
-                "name": "ADV-2010-2491",
-                "refsource": "VUPEN",
-                "url": "http://www.vupen.com/english/advisories/2010/2491"
+                "url": "http://www.vupen.com/english/advisories/2010/3045",
+                "refsource": "MISC",
+                "name": "http://www.vupen.com/english/advisories/2010/3045"
             },
             {
-                "name": "ADV-2010-1846",
-                "refsource": "VUPEN",
-                "url": "http://www.vupen.com/english/advisories/2010/1846"
+                "url": "http://www.vupen.com/english/advisories/2010/3046",
+                "refsource": "MISC",
+                "name": "http://www.vupen.com/english/advisories/2010/3046"
             },
             {
-                "name": "APPLE-SA-2010-11-22-1",
-                "refsource": "APPLE",
-                "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html"
+                "url": "https://access.redhat.com/errata/RHSA-2010:0534",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/errata/RHSA-2010:0534"
             },
             {
-                "name": "ADV-2010-1612",
-                "refsource": "VUPEN",
-                "url": "http://www.vupen.com/english/advisories/2010/1612"
+                "url": "https://access.redhat.com/security/cve/CVE-2010-2249",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/security/cve/CVE-2010-2249"
+            },
+            {
+                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=608644",
+                "refsource": "MISC",
+                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=608644"
+            },
+            {
+                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59816",
+                "refsource": "MISC",
+                "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59816"
+            }
+        ]
+    },
+    "impact": {
+        "cvss": [
+            {
+                "accessComplexity": "MEDIUM",
+                "accessVector": "NETWORK",
+                "authentication": "NONE",
+                "availabilityImpact": "PARTIAL",
+                "availabilityRequirement": "NOT_DEFINED",
+                "baseScore": 4.3,
+                "collateralDamagePotential": "NOT_DEFINED",
+                "confidentialityImpact": "NONE",
+                "confidentialityRequirement": "NOT_DEFINED",
+                "environmentalScore": 0,
+                "exploitability": "NOT_DEFINED",
+                "integrityImpact": "NONE",
+                "integrityRequirement": "NOT_DEFINED",
+                "remediationLevel": "NOT_DEFINED",
+                "reportConfidence": "NOT_DEFINED",
+                "targetDistribution": "NOT_DEFINED",
+                "temporalScore": 0,
+                "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
+                "version": "2.0"
             }
         ]
     }

2010/2xxx/CVE-2010-2478.json

@@ -1,40 +1,17 @@
 {
+    "data_version": "4.0",
+    "data_type": "CVE",
+    "data_format": "MITRE",
     "CVE_data_meta": {
-        "ASSIGNER": "secalert@redhat.com",
         "ID": "CVE-2010-2478",
+        "ASSIGNER": "secalert@redhat.com",
         "STATE": "PUBLIC"
     },
-    "affects": {
-        "vendor": {
-            "vendor_data": [
-                {
-                    "product": {
-                        "product_data": [
-                            {
-                                "product_name": "n/a",
-                                "version": {
-                                    "version_data": [
-                                        {
-                                            "version_value": "n/a"
-                                        }
-                                    ]
-                                }
-                            }
-                        ]
-                    },
-                    "vendor_name": "n/a"
-                }
-            ]
-        }
-    },
-    "data_format": "MITRE",
-    "data_type": "CVE",
-    "data_version": "4.0",
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "Integer overflow in the ethtool_get_rxnfc function in net/core/ethtool.c in the Linux kernel before 2.6.33.7 on 32-bit platforms allows local users to cause a denial of service or possibly have unspecified other impact via an ETHTOOL_GRXCLSRLALL ethtool command with a large info.rule_cnt value that triggers a buffer overflow, a different vulnerability than CVE-2010-3084."
+                "value": "CVE-2010-2478 kernel: ethtool: kernel buffer overflow in ETHTOOL_GRXCLSRLALL"
             }
         ]
     },
@@ -44,63 +21,118 @@
                 "description": [
                     {
                         "lang": "eng",
-                        "value": "n/a"
+                        "value": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
+                        "cweId": "CWE-119"
                     }
                 ]
             }
         ]
     },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "n/a",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a",
+                                            "version_affected": "="
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
     "references": {
         "reference_data": [
             {
-                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=608950",
-                "refsource": "CONFIRM",
-                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=608950"
+                "url": "http://www.ubuntu.com/usn/USN-1000-1",
+                "refsource": "MISC",
+                "name": "http://www.ubuntu.com/usn/USN-1000-1"
             },
             {
-                "name": "USN-1000-1",
-                "refsource": "UBUNTU",
-                "url": "http://www.ubuntu.com/usn/USN-1000-1"
+                "url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00004.html",
+                "refsource": "MISC",
+                "name": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00004.html"
             },
             {
-                "name": "[oss-security] 20100629 kernel: ethtool: kernel buffer overflow in ETHTOOL_GRXCLSRLALL",
-                "refsource": "MLIST",
-                "url": "http://www.openwall.com/lists/oss-security/2010/06/29/1"
+                "url": "http://article.gmane.org/gmane.linux.network/164869",
+                "refsource": "MISC",
+                "name": "http://article.gmane.org/gmane.linux.network/164869"
             },
             {
-                "name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.33.7",
-                "refsource": "CONFIRM",
-                "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.33.7"
+                "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=db048b69037e7fa6a7d9e95a1271a50dc08ae233",
+                "refsource": "MISC",
+                "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=db048b69037e7fa6a7d9e95a1271a50dc08ae233"
             },
             {
-                "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=db048b69037e7fa6a7d9e95a1271a50dc08ae233",
-                "refsource": "CONFIRM",
-                "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=db048b69037e7fa6a7d9e95a1271a50dc08ae233"
+                "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.33.7",
+                "refsource": "MISC",
+                "name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.33.7"
             },
             {
-                "name": "SUSE-SA:2010:040",
-                "refsource": "SUSE",
-                "url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00004.html"
+                "url": "http://www.openwall.com/lists/oss-security/2010/06/29/1",
+                "refsource": "MISC",
+                "name": "http://www.openwall.com/lists/oss-security/2010/06/29/1"
             },
             {
-                "name": "[netdev] 20100628 [PATCH net-2.6 1/2] ethtool: Fix potential kernel buffer overflow in ETHTOOL_GRXCLSRLALL",
-                "refsource": "MLIST",
-                "url": "http://article.gmane.org/gmane.linux.network/164869"
+                "url": "http://www.openwall.com/lists/oss-security/2010/06/29/3",
+                "refsource": "MISC",
+                "name": "http://www.openwall.com/lists/oss-security/2010/06/29/3"
             },
             {
-                "name": "[oss-security] 20100629 Re: kernel: ethtool: kernel buffer overflow in ETHTOOL_GRXCLSRLALL",
-                "refsource": "MLIST",
-                "url": "http://www.openwall.com/lists/oss-security/2010/06/29/3"
+                "url": "http://www.openwall.com/lists/oss-security/2010/06/30/17",
+                "refsource": "MISC",
+                "name": "http://www.openwall.com/lists/oss-security/2010/06/30/17"
             },
             {
-                "name": "41223",
-                "refsource": "BID",
-                "url": "http://www.securityfocus.com/bid/41223"
+                "url": "http://www.securityfocus.com/bid/41223",
+                "refsource": "MISC",
+                "name": "http://www.securityfocus.com/bid/41223"
             },
             {
-                "name": "[oss-security] 20100630 Re: kernel: ethtool: kernel buffer overflow in ETHTOOL_GRXCLSRLALL",
-                "refsource": "MLIST",
-                "url": "http://www.openwall.com/lists/oss-security/2010/06/30/17"
+                "url": "https://access.redhat.com/security/cve/CVE-2010-2478",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/security/cve/CVE-2010-2478"
+            },
+            {
+                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=608950",
+                "refsource": "MISC",
+                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=608950"
+            }
+        ]
+    },
+    "impact": {
+        "cvss": [
+            {
+                "accessComplexity": "LOW",
+                "accessVector": "LOCAL",
+                "authentication": "NONE",
+                "availabilityImpact": "COMPLETE",
+                "availabilityRequirement": "NOT_DEFINED",
+                "baseScore": 7.2,
+                "collateralDamagePotential": "NOT_DEFINED",
+                "confidentialityImpact": "COMPLETE",
+                "confidentialityRequirement": "NOT_DEFINED",
+                "environmentalScore": 0,
+                "exploitability": "NOT_DEFINED",
+                "integrityImpact": "COMPLETE",
+                "integrityRequirement": "NOT_DEFINED",
+                "remediationLevel": "NOT_DEFINED",
+                "reportConfidence": "NOT_DEFINED",
+                "targetDistribution": "NOT_DEFINED",
+                "temporalScore": 0,
+                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
+                "version": "2.0"
             }
         ]
     }

2010/2xxx/CVE-2010-2481.json

@@ -1,40 +1,17 @@
 {
+    "data_version": "4.0",
+    "data_type": "CVE",
+    "data_format": "MITRE",
     "CVE_data_meta": {
-        "ASSIGNER": "secalert@redhat.com",
         "ID": "CVE-2010-2481",
+        "ASSIGNER": "secalert@redhat.com",
         "STATE": "PUBLIC"
     },
-    "affects": {
-        "vendor": {
-            "vendor_data": [
-                {
-                    "product": {
-                        "product_data": [
-                            {
-                                "product_name": "n/a",
-                                "version": {
-                                    "version_data": [
-                                        {
-                                            "version_value": "n/a"
-                                        }
-                                    ]
-                                }
-                            }
-                        ]
-                    },
-                    "vendor_name": "n/a"
-                }
-            ]
-        }
-    },
-    "data_format": "MITRE",
-    "data_type": "CVE",
-    "data_version": "4.0",
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "The TIFFExtractData macro in LibTIFF before 3.9.4 does not properly handle unknown tag types in TIFF directory entries, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF file."
+                "value": "CVE-2010-2481 libtiff: TIFFExtractData out-of-bounds read crash"
             }
         ]
     },
@@ -44,73 +21,149 @@
                 "description": [
                     {
                         "lang": "eng",
-                        "value": "n/a"
+                        "value": "Out-of-bounds Read",
+                        "cweId": "CWE-125"
                     }
                 ]
             }
         ]
     },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "Red Hat",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "Red Hat Enterprise Linux 4",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "0:3.6.1-12.el4_8.5",
+                                            "version_affected": "!"
+                                        }
+                                    ]
+                                }
+                            },
+                            {
+                                "product_name": "Red Hat Enterprise Linux 5",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "0:3.8.2-7.el5_5.5",
+                                            "version_affected": "!"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
     "references": {
         "reference_data": [
             {
-                "name": "[oss-security] 20100624 Re: CVE requests: LibTIFF",
-                "refsource": "MLIST",
-                "url": "http://marc.info/?l=oss-security&m=127736307002102&w=2"
+                "url": "http://secunia.com/advisories/50726",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/50726"
             },
             {
-                "name": "40527",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/40527"
+                "url": "http://security.gentoo.org/glsa/glsa-201209-02.xml",
+                "refsource": "MISC",
+                "name": "http://security.gentoo.org/glsa/glsa-201209-02.xml"
             },
             {
-                "name": "[oss-security] 20100629 Re: CVE requests: LibTIFF",
-                "refsource": "MLIST",
-                "url": "http://marc.info/?l=oss-security&m=127781315415896&w=2"
+                "url": "http://marc.info/?l=oss-security&m=127731610612908&w=2",
+                "refsource": "MISC",
+                "name": "http://marc.info/?l=oss-security&m=127731610612908&w=2"
             },
             {
-                "name": "[oss-security] 20100623 CVE requests: LibTIFF",
-                "refsource": "MLIST",
-                "url": "http://marc.info/?l=oss-security&m=127731610612908&w=2"
+                "url": "http://bugzilla.maptools.org/show_bug.cgi?id=2210",
+                "refsource": "MISC",
+                "name": "http://bugzilla.maptools.org/show_bug.cgi?id=2210"
             },
             {
-                "name": "http://bugzilla.maptools.org/show_bug.cgi?id=2210",
-                "refsource": "CONFIRM",
-                "url": "http://bugzilla.maptools.org/show_bug.cgi?id=2210"
+                "url": "http://marc.info/?l=oss-security&m=127736307002102&w=2",
+                "refsource": "MISC",
+                "name": "http://marc.info/?l=oss-security&m=127736307002102&w=2"
             },
             {
-                "name": "ADV-2010-1761",
-                "refsource": "VUPEN",
-                "url": "http://www.vupen.com/english/advisories/2010/1761"
+                "url": "http://marc.info/?l=oss-security&m=127738540902757&w=2",
+                "refsource": "MISC",
+                "name": "http://marc.info/?l=oss-security&m=127738540902757&w=2"
             },
             {
-                "name": "GLSA-201209-02",
-                "refsource": "GENTOO",
-                "url": "http://security.gentoo.org/glsa/glsa-201209-02.xml"
+                "url": "http://marc.info/?l=oss-security&m=127781315415896&w=2",
+                "refsource": "MISC",
+                "name": "http://marc.info/?l=oss-security&m=127781315415896&w=2"
             },
             {
-                "name": "RHSA-2010:0519",
-                "refsource": "REDHAT",
-                "url": "http://www.redhat.com/support/errata/RHSA-2010-0519.html"
+                "url": "http://marc.info/?l=oss-security&m=127797353202873&w=2",
+                "refsource": "MISC",
+                "name": "http://marc.info/?l=oss-security&m=127797353202873&w=2"
             },
             {
-                "name": "[oss-security] 20100624 Re: CVE requests: LibTIFF",
-                "refsource": "MLIST",
-                "url": "http://marc.info/?l=oss-security&m=127738540902757&w=2"
+                "url": "http://secunia.com/advisories/40527",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/40527"
             },
             {
-                "name": "[oss-security] 20100701 Re: CVE requests: LibTIFF",
-                "refsource": "MLIST",
-                "url": "http://marc.info/?l=oss-security&m=127797353202873&w=2"
+                "url": "http://www.openwall.com/lists/oss-security/2010/06/30/22",
+                "refsource": "MISC",
+                "name": "http://www.openwall.com/lists/oss-security/2010/06/30/22"
             },
             {
-                "name": "[oss-security] 20100630 Re: CVE requests: LibTIFF",
-                "refsource": "MLIST",
-                "url": "http://www.openwall.com/lists/oss-security/2010/06/30/22"
+                "url": "http://www.redhat.com/support/errata/RHSA-2010-0519.html",
+                "refsource": "MISC",
+                "name": "http://www.redhat.com/support/errata/RHSA-2010-0519.html"
             },
             {
-                "name": "50726",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/50726"
+                "url": "http://www.vupen.com/english/advisories/2010/1761",
+                "refsource": "MISC",
+                "name": "http://www.vupen.com/english/advisories/2010/1761"
+            },
+            {
+                "url": "https://access.redhat.com/errata/RHSA-2010:0519",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/errata/RHSA-2010:0519"
+            },
+            {
+                "url": "https://access.redhat.com/security/cve/CVE-2010-2481",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/security/cve/CVE-2010-2481"
+            },
+            {
+                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=611895",
+                "refsource": "MISC",
+                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=611895"
+            }
+        ]
+    },
+    "impact": {
+        "cvss": [
+            {
+                "accessComplexity": "MEDIUM",
+                "accessVector": "NETWORK",
+                "authentication": "NONE",
+                "availabilityImpact": "PARTIAL",
+                "availabilityRequirement": "NOT_DEFINED",
+                "baseScore": 4.3,
+                "collateralDamagePotential": "NOT_DEFINED",
+                "confidentialityImpact": "NONE",
+                "confidentialityRequirement": "NOT_DEFINED",
+                "environmentalScore": 0,
+                "exploitability": "NOT_DEFINED",
+                "integrityImpact": "NONE",
+                "integrityRequirement": "NOT_DEFINED",
+                "remediationLevel": "NOT_DEFINED",
+                "reportConfidence": "NOT_DEFINED",
+                "targetDistribution": "NOT_DEFINED",
+                "temporalScore": 0,
+                "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
+                "version": "2.0"
             }
         ]
     }

2010/2xxx/CVE-2010-2482.json

@@ -1,40 +1,17 @@
 {
+    "data_version": "4.0",
+    "data_type": "CVE",
+    "data_format": "MITRE",
     "CVE_data_meta": {
-        "ASSIGNER": "secalert@redhat.com",
         "ID": "CVE-2010-2482",
+        "ASSIGNER": "secalert@redhat.com",
         "STATE": "PUBLIC"
     },
-    "affects": {
-        "vendor": {
-            "vendor_data": [
-                {
-                    "product": {
-                        "product_data": [
-                            {
-                                "product_name": "n/a",
-                                "version": {
-                                    "version_data": [
-                                        {
-                                            "version_value": "n/a"
-                                        }
-                                    ]
-                                }
-                            }
-                        ]
-                    },
-                    "vendor_name": "n/a"
-                }
-            ]
-        }
-    },
-    "data_format": "MITRE",
-    "data_type": "CVE",
-    "data_version": "4.0",
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "LibTIFF 3.9.4 and earlier does not properly handle an invalid td_stripbytecount field, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted TIFF file, a different vulnerability than CVE-2010-2443."
+                "value": "CVE-2010-2443 CVE-2010-2482 libtiff: OJPEGReadBufferFill NULL deref crash"
             }
         ]
     },
@@ -44,73 +21,128 @@
                 "description": [
                     {
                         "lang": "eng",
-                        "value": "n/a"
+                        "value": "NULL Pointer Dereference",
+                        "cweId": "CWE-476"
                     }
                 ]
             }
         ]
     },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "n/a",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a",
+                                            "version_affected": "="
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
     "references": {
         "reference_data": [
             {
-                "name": "[oss-security] 20100624 Re: CVE requests: LibTIFF",
-                "refsource": "MLIST",
-                "url": "http://marc.info/?l=oss-security&m=127736307002102&w=2"
+                "url": "http://secunia.com/advisories/50726",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/50726"
             },
             {
-                "name": "https://bugs.launchpad.net/bugs/597246",
-                "refsource": "CONFIRM",
-                "url": "https://bugs.launchpad.net/bugs/597246"
+                "url": "http://security.gentoo.org/glsa/glsa-201209-02.xml",
+                "refsource": "MISC",
+                "name": "http://security.gentoo.org/glsa/glsa-201209-02.xml"
             },
             {
-                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=608010",
-                "refsource": "CONFIRM",
-                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=608010"
+                "url": "http://www.debian.org/security/2012/dsa-2552",
+                "refsource": "MISC",
+                "name": "http://www.debian.org/security/2012/dsa-2552"
             },
             {
-                "name": "DSA-2552",
-                "refsource": "DEBIAN",
-                "url": "http://www.debian.org/security/2012/dsa-2552"
+                "url": "http://secunia.com/advisories/40422",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/40422"
             },
             {
-                "name": "GLSA-201209-02",
-                "refsource": "GENTOO",
-                "url": "http://security.gentoo.org/glsa/glsa-201209-02.xml"
+                "url": "http://marc.info/?l=oss-security&m=127736307002102&w=2",
+                "refsource": "MISC",
+                "name": "http://marc.info/?l=oss-security&m=127736307002102&w=2"
             },
             {
-                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=603024",
-                "refsource": "CONFIRM",
-                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=603024"
+                "url": "http://marc.info/?l=oss-security&m=127738540902757&w=2",
+                "refsource": "MISC",
+                "name": "http://marc.info/?l=oss-security&m=127738540902757&w=2"
             },
             {
-                "name": "40422",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/40422"
+                "url": "http://marc.info/?l=oss-security&m=127797353202873&w=2",
+                "refsource": "MISC",
+                "name": "http://marc.info/?l=oss-security&m=127797353202873&w=2"
             },
             {
-                "name": "http://bugzilla.maptools.org/show_bug.cgi?id=1996",
-                "refsource": "CONFIRM",
-                "url": "http://bugzilla.maptools.org/show_bug.cgi?id=1996"
+                "url": "http://www.openwall.com/lists/oss-security/2010/06/30/22",
+                "refsource": "MISC",
+                "name": "http://www.openwall.com/lists/oss-security/2010/06/30/22"
             },
             {
-                "name": "[oss-security] 20100624 Re: CVE requests: LibTIFF",
-                "refsource": "MLIST",
-                "url": "http://marc.info/?l=oss-security&m=127738540902757&w=2"
+                "url": "http://bugzilla.maptools.org/show_bug.cgi?id=1996",
+                "refsource": "MISC",
+                "name": "http://bugzilla.maptools.org/show_bug.cgi?id=1996"
             },
             {
-                "name": "[oss-security] 20100701 Re: CVE requests: LibTIFF",
-                "refsource": "MLIST",
-                "url": "http://marc.info/?l=oss-security&m=127797353202873&w=2"
+                "url": "https://access.redhat.com/security/cve/CVE-2010-2482",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/security/cve/CVE-2010-2482"
             },
             {
-                "name": "[oss-security] 20100630 Re: CVE requests: LibTIFF",
-                "refsource": "MLIST",
-                "url": "http://www.openwall.com/lists/oss-security/2010/06/30/22"
+                "url": "https://bugs.launchpad.net/bugs/597246",
+                "refsource": "MISC",
+                "name": "https://bugs.launchpad.net/bugs/597246"
             },
             {
-                "name": "50726",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/50726"
+                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=603024",
+                "refsource": "MISC",
+                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=603024"
+            },
+            {
+                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=608010",
+                "refsource": "MISC",
+                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=608010"
+            }
+        ]
+    },
+    "impact": {
+        "cvss": [
+            {
+                "accessComplexity": "MEDIUM",
+                "accessVector": "NETWORK",
+                "authentication": "NONE",
+                "availabilityImpact": "PARTIAL",
+                "availabilityRequirement": "NOT_DEFINED",
+                "baseScore": 4.3,
+                "collateralDamagePotential": "NOT_DEFINED",
+                "confidentialityImpact": "NONE",
+                "confidentialityRequirement": "NOT_DEFINED",
+                "environmentalScore": 0,
+                "exploitability": "NOT_DEFINED",
+                "integrityImpact": "NONE",
+                "integrityRequirement": "NOT_DEFINED",
+                "remediationLevel": "NOT_DEFINED",
+                "reportConfidence": "NOT_DEFINED",
+                "targetDistribution": "NOT_DEFINED",
+                "temporalScore": 0,
+                "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
+                "version": "2.0"
             }
         ]
     }

2010/2xxx/CVE-2010-2483.json

@@ -1,40 +1,17 @@
 {
+    "data_version": "4.0",
+    "data_type": "CVE",
+    "data_format": "MITRE",
     "CVE_data_meta": {
-        "ASSIGNER": "secalert@redhat.com",
         "ID": "CVE-2010-2483",
+        "ASSIGNER": "secalert@redhat.com",
         "STATE": "PUBLIC"
     },
-    "affects": {
-        "vendor": {
-            "vendor_data": [
-                {
-                    "product": {
-                        "product_data": [
-                            {
-                                "product_name": "n/a",
-                                "version": {
-                                    "version_data": [
-                                        {
-                                            "version_value": "n/a"
-                                        }
-                                    ]
-                                }
-                            }
-                        ]
-                    },
-                    "vendor_name": "n/a"
-                }
-            ]
-        }
-    },
-    "data_format": "MITRE",
-    "data_type": "CVE",
-    "data_version": "4.0",
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "The TIFFRGBAImageGet function in LibTIFF 3.9.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a TIFF file with an invalid combination of SamplesPerPixel and Photometric values."
+                "value": "CVE-2010-2483 libtiff: out-of-bounds read crash on images with invalid SamplesPerPixel values"
             }
         ]
     },
@@ -44,88 +21,164 @@
                 "description": [
                     {
                         "lang": "eng",
-                        "value": "n/a"
+                        "value": "Out-of-bounds Read",
+                        "cweId": "CWE-125"
                     }
                 ]
             }
         ]
     },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "Red Hat",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "Red Hat Enterprise Linux 4",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "0:3.6.1-12.el4_8.5",
+                                            "version_affected": "!"
+                                        }
+                                    ]
+                                }
+                            },
+                            {
+                                "product_name": "Red Hat Enterprise Linux 5",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "0:3.8.2-7.el5_5.5",
+                                            "version_affected": "!"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
     "references": {
         "reference_data": [
             {
-                "name": "https://bugs.launchpad.net/ubuntu/+source/tiff/+bug/591605",
-                "refsource": "CONFIRM",
-                "url": "https://bugs.launchpad.net/ubuntu/+source/tiff/+bug/591605"
+                "url": "http://secunia.com/advisories/50726",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/50726"
             },
             {
-                "name": "[oss-security] 20100624 Re: CVE requests: LibTIFF",
-                "refsource": "MLIST",
-                "url": "http://marc.info/?l=oss-security&m=127736307002102&w=2"
+                "url": "http://security.gentoo.org/glsa/glsa-201209-02.xml",
+                "refsource": "MISC",
+                "name": "http://security.gentoo.org/glsa/glsa-201209-02.xml"
             },
             {
-                "name": "40527",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/40527"
+                "url": "http://marc.info/?l=oss-security&m=127731610612908&w=2",
+                "refsource": "MISC",
+                "name": "http://marc.info/?l=oss-security&m=127731610612908&w=2"
             },
             {
-                "name": "[oss-security] 20100629 Re: CVE requests: LibTIFF",
-                "refsource": "MLIST",
-                "url": "http://marc.info/?l=oss-security&m=127781315415896&w=2"
+                "url": "http://secunia.com/advisories/40422",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/40422"
             },
             {
-                "name": "[oss-security] 20100623 CVE requests: LibTIFF",
-                "refsource": "MLIST",
-                "url": "http://marc.info/?l=oss-security&m=127731610612908&w=2"
+                "url": "http://marc.info/?l=oss-security&m=127736307002102&w=2",
+                "refsource": "MISC",
+                "name": "http://marc.info/?l=oss-security&m=127736307002102&w=2"
             },
             {
-                "name": "ADV-2010-1761",
-                "refsource": "VUPEN",
-                "url": "http://www.vupen.com/english/advisories/2010/1761"
+                "url": "http://marc.info/?l=oss-security&m=127738540902757&w=2",
+                "refsource": "MISC",
+                "name": "http://marc.info/?l=oss-security&m=127738540902757&w=2"
             },
             {
-                "name": "http://bugzilla.maptools.org/show_bug.cgi?id=2216",
-                "refsource": "CONFIRM",
-                "url": "http://bugzilla.maptools.org/show_bug.cgi?id=2216"
+                "url": "http://marc.info/?l=oss-security&m=127781315415896&w=2",
+                "refsource": "MISC",
+                "name": "http://marc.info/?l=oss-security&m=127781315415896&w=2"
             },
             {
-                "name": "GLSA-201209-02",
-                "refsource": "GENTOO",
-                "url": "http://security.gentoo.org/glsa/glsa-201209-02.xml"
+                "url": "http://marc.info/?l=oss-security&m=127797353202873&w=2",
+                "refsource": "MISC",
+                "name": "http://marc.info/?l=oss-security&m=127797353202873&w=2"
             },
             {
-                "name": "RHSA-2010:0519",
-                "refsource": "REDHAT",
-                "url": "http://www.redhat.com/support/errata/RHSA-2010-0519.html"
+                "url": "http://secunia.com/advisories/40527",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/40527"
             },
             {
-                "name": "40422",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/40422"
+                "url": "http://www.openwall.com/lists/oss-security/2010/06/30/22",
+                "refsource": "MISC",
+                "name": "http://www.openwall.com/lists/oss-security/2010/06/30/22"
             },
             {
-                "name": "[oss-security] 20100624 Re: CVE requests: LibTIFF",
-                "refsource": "MLIST",
-                "url": "http://marc.info/?l=oss-security&m=127738540902757&w=2"
+                "url": "http://www.redhat.com/support/errata/RHSA-2010-0519.html",
+                "refsource": "MISC",
+                "name": "http://www.redhat.com/support/errata/RHSA-2010-0519.html"
             },
             {
-                "name": "[oss-security] 20100701 Re: CVE requests: LibTIFF",
-                "refsource": "MLIST",
-                "url": "http://marc.info/?l=oss-security&m=127797353202873&w=2"
+                "url": "http://www.vupen.com/english/advisories/2010/1761",
+                "refsource": "MISC",
+                "name": "http://www.vupen.com/english/advisories/2010/1761"
             },
             {
-                "name": "[oss-security] 20100630 Re: CVE requests: LibTIFF",
-                "refsource": "MLIST",
-                "url": "http://www.openwall.com/lists/oss-security/2010/06/30/22"
+                "url": "https://access.redhat.com/errata/RHSA-2010:0519",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/errata/RHSA-2010:0519"
             },
             {
-                "name": "50726",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/50726"
+                "url": "http://bugzilla.maptools.org/show_bug.cgi?id=2216",
+                "refsource": "MISC",
+                "name": "http://bugzilla.maptools.org/show_bug.cgi?id=2216"
             },
             {
-                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=603081",
-                "refsource": "CONFIRM",
-                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=603081"
+                "url": "https://access.redhat.com/security/cve/CVE-2010-2483",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/security/cve/CVE-2010-2483"
+            },
+            {
+                "url": "https://bugs.launchpad.net/ubuntu/+source/tiff/+bug/591605",
+                "refsource": "MISC",
+                "name": "https://bugs.launchpad.net/ubuntu/+source/tiff/+bug/591605"
+            },
+            {
+                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=603081",
+                "refsource": "MISC",
+                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=603081"
+            },
+            {
+                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=611900",
+                "refsource": "MISC",
+                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=611900"
+            }
+        ]
+    },
+    "impact": {
+        "cvss": [
+            {
+                "accessComplexity": "MEDIUM",
+                "accessVector": "NETWORK",
+                "authentication": "NONE",
+                "availabilityImpact": "PARTIAL",
+                "availabilityRequirement": "NOT_DEFINED",
+                "baseScore": 4.3,
+                "collateralDamagePotential": "NOT_DEFINED",
+                "confidentialityImpact": "NONE",
+                "confidentialityRequirement": "NOT_DEFINED",
+                "environmentalScore": 0,
+                "exploitability": "NOT_DEFINED",
+                "integrityImpact": "NONE",
+                "integrityRequirement": "NOT_DEFINED",
+                "remediationLevel": "NOT_DEFINED",
+                "reportConfidence": "NOT_DEFINED",
+                "targetDistribution": "NOT_DEFINED",
+                "temporalScore": 0,
+                "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
+                "version": "2.0"
             }
         ]
     }

2011/1xxx/CVE-2011-1091.json

@@ -1,40 +1,17 @@
 {
+    "data_version": "4.0",
+    "data_type": "CVE",
+    "data_format": "MITRE",
     "CVE_data_meta": {
-        "ASSIGNER": "secalert@redhat.com",
         "ID": "CVE-2011-1091",
+        "ASSIGNER": "secalert@redhat.com",
         "STATE": "PUBLIC"
     },
-    "affects": {
-        "vendor": {
-            "vendor_data": [
-                {
-                    "product": {
-                        "product_data": [
-                            {
-                                "product_name": "n/a",
-                                "version": {
-                                    "version_data": [
-                                        {
-                                            "version_value": "n/a"
-                                        }
-                                    ]
-                                }
-                            }
-                        ]
-                    },
-                    "vendor_name": "n/a"
-                }
-            ]
-        }
-    },
-    "data_format": "MITRE",
-    "data_type": "CVE",
-    "data_version": "4.0",
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "libymsg.c in the Yahoo! protocol plugin in libpurple in Pidgin 2.6.0 through 2.7.10 allows (1) remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a malformed YMSG notification packet, and allows (2) remote Yahoo! servers to cause a denial of service (NULL pointer dereference and application crash) via a malformed YMSG SMS message."
+                "value": "CVE-2011-1091 Pidgin: Multiple NULL pointer dereference flaws in Yahoo protocol plug-in"
             }
         ]
     },
@@ -44,113 +21,200 @@
                 "description": [
                     {
                         "lang": "eng",
-                        "value": "n/a"
+                        "value": "NULL Pointer Dereference",
+                        "cweId": "CWE-476"
                     }
                 ]
             }
         ]
     },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "Red Hat",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "Red Hat Enterprise Linux 4",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "0:2.6.6-7.el4",
+                                            "version_affected": "!"
+                                        }
+                                    ]
+                                }
+                            },
+                            {
+                                "product_name": "Red Hat Enterprise Linux 5",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "0:2.6.6-5.el5_7.1",
+                                            "version_affected": "!"
+                                        }
+                                    ]
+                                }
+                            },
+                            {
+                                "product_name": "Red Hat Enterprise Linux 6",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "0:2.7.9-3.el6",
+                                            "version_affected": "!"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
     "references": {
         "reference_data": [
             {
-                "name": "ADV-2011-0661",
-                "refsource": "VUPEN",
-                "url": "http://www.vupen.com/english/advisories/2011/0661"
+                "url": "http://developer.pidgin.im/viewmtn/revision/diff/5cbe18129b6e7c660bc093f7e5e1414ceca17d04/with/a7c415abba1f5f01f79295337518837f73d99bb7/libpurple/protocols/yahoo/libymsg.c",
+                "refsource": "MISC",
+                "name": "http://developer.pidgin.im/viewmtn/revision/diff/5cbe18129b6e7c660bc093f7e5e1414ceca17d04/with/a7c415abba1f5f01f79295337518837f73d99bb7/libpurple/protocols/yahoo/libymsg.c"
             },
             {
-                "name": "RHSA-2011:0616",
-                "refsource": "REDHAT",
-                "url": "http://www.redhat.com/support/errata/RHSA-2011-0616.html"
+                "url": "http://developer.pidgin.im/viewmtn/revision/info/a7c415abba1f5f01f79295337518837f73d99bb7",
+                "refsource": "MISC",
+                "name": "http://developer.pidgin.im/viewmtn/revision/info/a7c415abba1f5f01f79295337518837f73d99bb7"
             },
             {
-                "name": "openSUSE-SU-2012:0066",
-                "refsource": "SUSE",
-                "url": "https://hermes.opensuse.org/messages/13195955"
+                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055874.html",
+                "refsource": "MISC",
+                "name": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055874.html"
             },
             {
-                "name": "http://developer.pidgin.im/viewmtn/revision/diff/5cbe18129b6e7c660bc093f7e5e1414ceca17d04/with/a7c415abba1f5f01f79295337518837f73d99bb7/libpurple/protocols/yahoo/libymsg.c",
-                "refsource": "CONFIRM",
-                "url": "http://developer.pidgin.im/viewmtn/revision/diff/5cbe18129b6e7c660bc093f7e5e1414ceca17d04/with/a7c415abba1f5f01f79295337518837f73d99bb7/libpurple/protocols/yahoo/libymsg.c"
+                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056309.html",
+                "refsource": "MISC",
+                "name": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056309.html"
             },
             {
-                "name": "http://www.pidgin.im/news/security/?id=51",
-                "refsource": "CONFIRM",
-                "url": "http://www.pidgin.im/news/security/?id=51"
+                "url": "http://secunia.com/advisories/43695",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/43695"
             },
             {
-                "name": "46837",
-                "refsource": "BID",
-                "url": "http://www.securityfocus.com/bid/46837"
+                "url": "http://secunia.com/advisories/43721",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/43721"
             },
             {
-                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=683031",
-                "refsource": "CONFIRM",
-                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=683031"
+                "url": "http://secunia.com/advisories/46376",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/46376"
             },
             {
-                "name": "ADV-2011-0703",
-                "refsource": "VUPEN",
-                "url": "http://www.vupen.com/english/advisories/2011/0703"
+                "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.466884",
+                "refsource": "MISC",
+                "name": "http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.466884"
             },
             {
-                "name": "FEDORA-2011-3150",
-                "refsource": "FEDORA",
-                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056309.html"
+                "url": "http://www.pidgin.im/news/security/?id=51",
+                "refsource": "MISC",
+                "name": "http://www.pidgin.im/news/security/?id=51"
             },
             {
-                "name": "43721",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/43721"
+                "url": "http://www.redhat.com/support/errata/RHSA-2011-0616.html",
+                "refsource": "MISC",
+                "name": "http://www.redhat.com/support/errata/RHSA-2011-0616.html"
             },
             {
-                "name": "SSA:2011-070-02",
-                "refsource": "SLACKWARE",
-                "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.466884"
+                "url": "http://www.redhat.com/support/errata/RHSA-2011-1371.html",
+                "refsource": "MISC",
+                "name": "http://www.redhat.com/support/errata/RHSA-2011-1371.html"
             },
             {
-                "name": "pidgin-yahoo-protocol-dos(66055)",
-                "refsource": "XF",
-                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66055"
+                "url": "http://www.securityfocus.com/bid/46837",
+                "refsource": "MISC",
+                "name": "http://www.securityfocus.com/bid/46837"
             },
             {
-                "name": "46376",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/46376"
+                "url": "http://www.vupen.com/english/advisories/2011/0643",
+                "refsource": "MISC",
+                "name": "http://www.vupen.com/english/advisories/2011/0643"
             },
             {
-                "name": "43695",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/43695"
+                "url": "http://www.vupen.com/english/advisories/2011/0661",
+                "refsource": "MISC",
+                "name": "http://www.vupen.com/english/advisories/2011/0661"
             },
             {
-                "name": "RHSA-2011:1371",
-                "refsource": "REDHAT",
-                "url": "http://www.redhat.com/support/errata/RHSA-2011-1371.html"
+                "url": "http://www.vupen.com/english/advisories/2011/0669",
+                "refsource": "MISC",
+                "name": "http://www.vupen.com/english/advisories/2011/0669"
             },
             {
-                "name": "oval:org.mitre.oval:def:18402",
-                "refsource": "OVAL",
-                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18402"
+                "url": "http://www.vupen.com/english/advisories/2011/0703",
+                "refsource": "MISC",
+                "name": "http://www.vupen.com/english/advisories/2011/0703"
             },
             {
-                "name": "ADV-2011-0669",
-                "refsource": "VUPEN",
-                "url": "http://www.vupen.com/english/advisories/2011/0669"
+                "url": "https://access.redhat.com/errata/RHSA-2011:0616",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/errata/RHSA-2011:0616"
             },
             {
-                "name": "http://developer.pidgin.im/viewmtn/revision/info/a7c415abba1f5f01f79295337518837f73d99bb7",
-                "refsource": "CONFIRM",
-                "url": "http://developer.pidgin.im/viewmtn/revision/info/a7c415abba1f5f01f79295337518837f73d99bb7"
+                "url": "https://access.redhat.com/errata/RHSA-2011:1371",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/errata/RHSA-2011:1371"
             },
             {
-                "name": "FEDORA-2011-3113",
-                "refsource": "FEDORA",
-                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055874.html"
+                "url": "https://access.redhat.com/security/cve/CVE-2011-1091",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/security/cve/CVE-2011-1091"
             },
             {
-                "name": "ADV-2011-0643",
-                "refsource": "VUPEN",
-                "url": "http://www.vupen.com/english/advisories/2011/0643"
+                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=683031",
+                "refsource": "MISC",
+                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=683031"
+            },
+            {
+                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66055",
+                "refsource": "MISC",
+                "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66055"
+            },
+            {
+                "url": "https://hermes.opensuse.org/messages/13195955",
+                "refsource": "MISC",
+                "name": "https://hermes.opensuse.org/messages/13195955"
+            },
+            {
+                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18402",
+                "refsource": "MISC",
+                "name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18402"
+            }
+        ]
+    },
+    "impact": {
+        "cvss": [
+            {
+                "accessComplexity": "MEDIUM",
+                "accessVector": "NETWORK",
+                "authentication": "SINGLE",
+                "availabilityImpact": "PARTIAL",
+                "availabilityRequirement": "NOT_DEFINED",
+                "baseScore": 3.5,
+                "collateralDamagePotential": "NOT_DEFINED",
+                "confidentialityImpact": "NONE",
+                "confidentialityRequirement": "NOT_DEFINED",
+                "environmentalScore": 0,
+                "exploitability": "NOT_DEFINED",
+                "integrityImpact": "NONE",
+                "integrityRequirement": "NOT_DEFINED",
+                "remediationLevel": "NOT_DEFINED",
+                "reportConfidence": "NOT_DEFINED",
+                "targetDistribution": "NOT_DEFINED",
+                "temporalScore": 0,
+                "vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:P",
+                "version": "2.0"
             }
         ]
     }

2011/1xxx/CVE-2011-1093.json

@@ -1,40 +1,17 @@
 {
+    "data_version": "4.0",
+    "data_type": "CVE",
+    "data_format": "MITRE",
     "CVE_data_meta": {
-        "ASSIGNER": "secalert@redhat.com",
         "ID": "CVE-2011-1093",
+        "ASSIGNER": "secalert@redhat.com",
         "STATE": "PUBLIC"
     },
-    "affects": {
-        "vendor": {
-            "vendor_data": [
-                {
-                    "product": {
-                        "product_data": [
-                            {
-                                "product_name": "n/a",
-                                "version": {
-                                    "version_data": [
-                                        {
-                                            "version_value": "n/a"
-                                        }
-                                    ]
-                                }
-                            }
-                        ]
-                    },
-                    "vendor_name": "n/a"
-                }
-            ]
-        }
-    },
-    "data_format": "MITRE",
-    "data_type": "CVE",
-    "data_version": "4.0",
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "The dccp_rcv_state_process function in net/dccp/input.c in the Datagram Congestion Control Protocol (DCCP) implementation in the Linux kernel before 2.6.38 does not properly handle packets for a CLOSED endpoint, which allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by sending a DCCP-Close packet followed by a DCCP-Reset packet."
+                "value": "CVE-2011-1093 kernel: dccp: fix oops on Reset after close"
             }
         ]
     },
@@ -44,53 +21,151 @@
                 "description": [
                     {
                         "lang": "eng",
-                        "value": "n/a"
+                        "value": "NULL Pointer Dereference",
+                        "cweId": "CWE-476"
                     }
                 ]
             }
         ]
     },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "Red Hat",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "MRG for RHEL-5",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "0:2.6.33.9-rt31.64.el5rt",
+                                            "version_affected": "!"
+                                        }
+                                    ]
+                                }
+                            },
+                            {
+                                "product_name": "Red Hat Enterprise Linux 5",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "0:2.6.18-238.12.1.el5",
+                                            "version_affected": "!"
+                                        }
+                                    ]
+                                }
+                            },
+                            {
+                                "product_name": "Red Hat Enterprise Linux 6",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "0:2.6.32-71.29.1.el6",
+                                            "version_affected": "!"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
     "references": {
         "reference_data": [
             {
-                "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=720dc34bbbe9493c7bd48b2243058b4e447a929d",
-                "refsource": "CONFIRM",
-                "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=720dc34bbbe9493c7bd48b2243058b4e447a929d"
+                "url": "https://access.redhat.com/errata/RHSA-2011:0498",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/errata/RHSA-2011:0498"
             },
             {
-                "name": "46793",
-                "refsource": "BID",
-                "url": "http://www.securityfocus.com/bid/46793"
+                "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38",
+                "refsource": "MISC",
+                "name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38"
             },
             {
-                "name": "RHSA-2011:0833",
-                "refsource": "REDHAT",
-                "url": "http://rhn.redhat.com/errata/RHSA-2011-0833.html"
+                "url": "https://access.redhat.com/errata/RHSA-2011:0500",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/errata/RHSA-2011:0500"
             },
             {
-                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=682954",
-                "refsource": "CONFIRM",
-                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=682954"
+                "url": "http://downloads.avaya.com/css/P8/documents/100145416",
+                "refsource": "MISC",
+                "name": "http://downloads.avaya.com/css/P8/documents/100145416"
             },
             {
-                "name": "[oss-security] 20110308 CVE request: kernel: dccp: fix oops on Reset after close",
-                "refsource": "MLIST",
-                "url": "http://openwall.com/lists/oss-security/2011/03/08/4"
+                "url": "http://rhn.redhat.com/errata/RHSA-2011-0833.html",
+                "refsource": "MISC",
+                "name": "http://rhn.redhat.com/errata/RHSA-2011-0833.html"
             },
             {
-                "name": "[oss-security] 20110308 Re: CVE request: kernel: dccp: fix oops on Reset after close",
-                "refsource": "MLIST",
-                "url": "http://openwall.com/lists/oss-security/2011/03/08/19"
+                "url": "https://access.redhat.com/errata/RHSA-2011:0833",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/errata/RHSA-2011:0833"
             },
             {
-                "name": "http://downloads.avaya.com/css/P8/documents/100145416",
-                "refsource": "CONFIRM",
-                "url": "http://downloads.avaya.com/css/P8/documents/100145416"
+                "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=720dc34bbbe9493c7bd48b2243058b4e447a929d",
+                "refsource": "MISC",
+                "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=720dc34bbbe9493c7bd48b2243058b4e447a929d"
             },
             {
-                "name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38",
-                "refsource": "CONFIRM",
-                "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38"
+                "url": "http://openwall.com/lists/oss-security/2011/03/08/19",
+                "refsource": "MISC",
+                "name": "http://openwall.com/lists/oss-security/2011/03/08/19"
+            },
+            {
+                "url": "http://openwall.com/lists/oss-security/2011/03/08/4",
+                "refsource": "MISC",
+                "name": "http://openwall.com/lists/oss-security/2011/03/08/4"
+            },
+            {
+                "url": "http://www.securityfocus.com/bid/46793",
+                "refsource": "MISC",
+                "name": "http://www.securityfocus.com/bid/46793"
+            },
+            {
+                "url": "https://access.redhat.com/security/cve/CVE-2011-1093",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/security/cve/CVE-2011-1093"
+            },
+            {
+                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=682954",
+                "refsource": "MISC",
+                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=682954"
+            }
+        ]
+    },
+    "work_around": [
+        {
+            "lang": "en",
+            "value": "For users that do not run applications that use DCCP, you can prevent the dccp\nmodule from being loaded by adding the following entry to the end of the\n/etc/modprobe.d/blacklist file:\n\nblacklist dccp\n\nThis way, the dccp module cannot be loaded accidentally, which may occur if an\napplication that requires DCCP is started. A reboot is not necessary for this\nchange to take effect but do make sure the module is not loaded in the first\nplace. You can verify that by running:\n\nlsmod | grep dccp\n\nYou may also consider removing the CAP_SYS_MODULE capability from the current\nglobal capability set to prevent kernel modules from being loaded or unloaded.\nThe CAP_SYS_MODULE has a capability number of 16 (see linux/capability.h). The\ndefault value has all the bits set. To remove this capability, you have to\nclear the 16th bit of the default 32-bit value, e.g. 0xffffff ^ (1 << 16):\n\necho 0xFFFEFFFF > /proc/sys/kernel/cap-bound"
+        }
+    ],
+    "impact": {
+        "cvss": [
+            {
+                "accessComplexity": "LOW",
+                "accessVector": "NETWORK",
+                "authentication": "NONE",
+                "availabilityImpact": "COMPLETE",
+                "availabilityRequirement": "NOT_DEFINED",
+                "baseScore": 7.8,
+                "collateralDamagePotential": "NOT_DEFINED",
+                "confidentialityImpact": "NONE",
+                "confidentialityRequirement": "NOT_DEFINED",
+                "environmentalScore": 0,
+                "exploitability": "NOT_DEFINED",
+                "integrityImpact": "NONE",
+                "integrityRequirement": "NOT_DEFINED",
+                "remediationLevel": "NOT_DEFINED",
+                "reportConfidence": "NOT_DEFINED",
+                "targetDistribution": "NOT_DEFINED",
+                "temporalScore": 0,
+                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
+                "version": "2.0"
             }
         ]
     }

2011/1xxx/CVE-2011-1098.json

@@ -1,40 +1,17 @@
 {
+    "data_version": "4.0",
+    "data_type": "CVE",
+    "data_format": "MITRE",
     "CVE_data_meta": {
-        "ASSIGNER": "secalert@redhat.com",
         "ID": "CVE-2011-1098",
+        "ASSIGNER": "secalert@redhat.com",
         "STATE": "PUBLIC"
     },
-    "affects": {
-        "vendor": {
-            "vendor_data": [
-                {
-                    "product": {
-                        "product_data": [
-                            {
-                                "product_name": "n/a",
-                                "version": {
-                                    "version_data": [
-                                        {
-                                            "version_value": "n/a"
-                                        }
-                                    ]
-                                }
-                            }
-                        ]
-                    },
-                    "vendor_name": "n/a"
-                }
-            ]
-        }
-    },
-    "data_format": "MITRE",
-    "data_type": "CVE",
-    "data_version": "4.0",
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "Race condition in the createOutputFile function in logrotate.c in logrotate 3.7.9 and earlier allows local users to read log data by opening a file before the intended permissions are in place."
+                "value": "CVE-2011-1098 logrotate: TOCTOU race condition by creation of new files (between opening the file and moment, final permissions have been applied) [information disclosure]"
             }
         ]
     },
@@ -44,228 +21,288 @@
                 "description": [
                     {
                         "lang": "eng",
-                        "value": "n/a"
+                        "value": "Time-of-check Time-of-use (TOCTOU) Race Condition",
+                        "cweId": "CWE-367"
                     }
                 ]
             }
         ]
     },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "Red Hat",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "Red Hat Enterprise Linux 6",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "0:3.7.8-12.el6_0.1",
+                                            "version_affected": "!"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
     "references": {
         "reference_data": [
             {
-                "name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
-                "refsource": "MLIST",
-                "url": "http://openwall.com/lists/oss-security/2011/03/04/19"
+                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057845.html",
+                "refsource": "MISC",
+                "name": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057845.html"
             },
             {
-                "name": "[oss-security] 20110304 CVE Request -- logrotate -- nine issues",
-                "refsource": "MLIST",
-                "url": "http://openwall.com/lists/oss-security/2011/03/04/16"
+                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056992.html",
+                "refsource": "MISC",
+                "name": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056992.html"
             },
             {
-                "name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
-                "refsource": "MLIST",
-                "url": "http://openwall.com/lists/oss-security/2011/03/04/25"
+                "url": "http://openwall.com/lists/oss-security/2011/03/04/16",
+                "refsource": "MISC",
+                "name": "http://openwall.com/lists/oss-security/2011/03/04/16"
             },
             {
-                "name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
-                "refsource": "MLIST",
-                "url": "http://openwall.com/lists/oss-security/2011/03/04/30"
+                "url": "http://openwall.com/lists/oss-security/2011/03/04/17",
+                "refsource": "MISC",
+                "name": "http://openwall.com/lists/oss-security/2011/03/04/17"
             },
             {
-                "name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
-                "refsource": "MLIST",
-                "url": "http://openwall.com/lists/oss-security/2011/03/04/26"
+                "url": "http://openwall.com/lists/oss-security/2011/03/04/18",
+                "refsource": "MISC",
+                "name": "http://openwall.com/lists/oss-security/2011/03/04/18"
             },
             {
-                "name": "[oss-security] 20110310 Re: CVE Request -- logrotate -- nine issues",
-                "refsource": "MLIST",
-                "url": "http://openwall.com/lists/oss-security/2011/03/10/3"
+                "url": "http://openwall.com/lists/oss-security/2011/03/04/19",
+                "refsource": "MISC",
+                "name": "http://openwall.com/lists/oss-security/2011/03/04/19"
             },
             {
-                "name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
-                "refsource": "MLIST",
-                "url": "http://openwall.com/lists/oss-security/2011/03/04/28"
+                "url": "http://openwall.com/lists/oss-security/2011/03/04/22",
+                "refsource": "MISC",
+                "name": "http://openwall.com/lists/oss-security/2011/03/04/22"
             },
             {
-                "name": "[oss-security] 20110308 Re: CVE Request -- logrotate -- nine issues",
-                "refsource": "MLIST",
-                "url": "http://openwall.com/lists/oss-security/2011/03/08/5"
+                "url": "http://openwall.com/lists/oss-security/2011/03/04/24",
+                "refsource": "MISC",
+                "name": "http://openwall.com/lists/oss-security/2011/03/04/24"
             },
             {
-                "name": "43955",
-                "refsource": "SECUNIA",
-                "url": "http://secunia.com/advisories/43955"
+                "url": "http://openwall.com/lists/oss-security/2011/03/04/25",
+                "refsource": "MISC",
+                "name": "http://openwall.com/lists/oss-security/2011/03/04/25"
             },
             {
-                "name": "[oss-security] 20110307 Re: CVE Request -- logrotate -- nine issues",
-                "refsource": "MLIST",
-                "url": "http://openwall.com/lists/oss-security/2011/03/07/5"
+                "url": "http://openwall.com/lists/oss-security/2011/03/04/26",
+                "refsource": "MISC",
+                "name": "http://openwall.com/lists/oss-security/2011/03/04/26"
             },
             {
-                "name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
-                "refsource": "MLIST",
-                "url": "http://openwall.com/lists/oss-security/2011/03/04/31"
+                "url": "http://openwall.com/lists/oss-security/2011/03/04/27",
+                "refsource": "MISC",
+                "name": "http://openwall.com/lists/oss-security/2011/03/04/27"
             },
             {
-                "name": "ADV-2011-0961",
-                "refsource": "VUPEN",
-                "url": "http://www.vupen.com/english/advisories/2011/0961"
+                "url": "http://openwall.com/lists/oss-security/2011/03/04/28",
+                "refsource": "MISC",
+                "name": "http://openwall.com/lists/oss-security/2011/03/04/28"
             },
             {
-                "name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
-                "refsource": "MLIST",
-                "url": "http://openwall.com/lists/oss-security/2011/03/04/17"
+                "url": "http://openwall.com/lists/oss-security/2011/03/04/29",
+                "refsource": "MISC",
+                "name": "http://openwall.com/lists/oss-security/2011/03/04/29"
             },
             {
-                "name": "[oss-security] 20110311 Re: CVE Request -- logrotate -- nine issues",
-                "refsource": "MLIST",
-                "url": "http://openwall.com/lists/oss-security/2011/03/10/6"
+                "url": "http://openwall.com/lists/oss-security/2011/03/04/30",
+                "refsource": "MISC",
+                "name": "http://openwall.com/lists/oss-security/2011/03/04/30"
             },
             {
-                "name": "[oss-security] 20110306 Re: CVE Request -- logrotate -- nine issues",
-                "refsource": "MLIST",
-                "url": "http://openwall.com/lists/oss-security/2011/03/06/3"
+                "url": "http://openwall.com/lists/oss-security/2011/03/04/31",
+                "refsource": "MISC",
+                "name": "http://openwall.com/lists/oss-security/2011/03/04/31"
             },
             {
-                "name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
-                "refsource": "MLIST",
-                "url": "http://openwall.com/lists/oss-security/2011/03/04/29"
+                "url": "http://openwall.com/lists/oss-security/2011/03/04/32",
+                "refsource": "MISC",
+                "name": "http://openwall.com/lists/oss-security/2011/03/04/32"
             },
             {
-                "name": "[oss-security] 20110307 Re: CVE Request -- logrotate -- nine issues",
-                "refsource": "MLIST",
-                "url": "http://openwall.com/lists/oss-security/2011/03/07/6"
+                "url": "http://openwall.com/lists/oss-security/2011/03/04/33",
+                "refsource": "MISC",
+                "name": "http://openwall.com/lists/oss-security/2011/03/04/33"
             },
             {
-                "name": "[oss-security] 20110305 Re: CVE Request -- logrotate -- nine issues",
-                "refsource": "MLIST",
-                "url": "http://openwall.com/lists/oss-security/2011/03/05/6"
+                "url": "http://openwall.com/lists/oss-security/2011/03/05/4",
+                "refsource": "MISC",
+                "name": "http://openwall.com/lists/oss-security/2011/03/05/4"
             },
             {
-                "name": "FEDORA-2011-3739",
-                "refsource": "FEDORA",
-                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057845.html"
+                "url": "http://openwall.com/lists/oss-security/2011/03/05/6",
+                "refsource": "MISC",
+                "name": "http://openwall.com/lists/oss-security/2011/03/05/6"
             },
             {
-                "name": "[oss-security] 20110305 Re: CVE Request -- logrotate -- nine issues",
-                "refsource": "MLIST",
-                "url": "http://openwall.com/lists/oss-security/2011/03/05/4"
+                "url": "http://openwall.com/lists/oss-security/2011/03/05/8",
+                "refsource": "MISC",
+                "name": "http://openwall.com/lists/oss-security/2011/03/05/8"
             },
             {
-                "name": "ADV-2011-0791",
-                "refsource": "VUPEN",
-                "url": "http://www.vupen.com/english/advisories/2011/0791"
+                "url": "http://openwall.com/lists/oss-security/2011/03/06/3",
+                "refsource": "MISC",
+                "name": "http://openwall.com/lists/oss-security/2011/03/06/3"
             },
             {
-                "name": "MDVSA-2011:065",
-                "refsource": "MANDRIVA",
-                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:065"
+                "url": "http://openwall.com/lists/oss-security/2011/03/06/4",
+                "refsource": "MISC",
+                "name": "http://openwall.com/lists/oss-security/2011/03/06/4"
             },
             {
-                "name": "[oss-security] 20110307 Re: CVE Request -- logrotate -- nine issues",
-                "refsource": "MLIST",
-                "url": "http://openwall.com/lists/oss-security/2011/03/07/11"
+                "url": "http://openwall.com/lists/oss-security/2011/03/06/5",
+                "refsource": "MISC",
+                "name": "http://openwall.com/lists/oss-security/2011/03/06/5"
             },
             {
-                "name": "[oss-security] 20110323 Re: CVE Request -- logrotate -- nine issues",
-                "refsource": "MLIST",
-                "url": "http://openwall.com/lists/oss-security/2011/03/23/11"
+                "url": "http://openwall.com/lists/oss-security/2011/03/06/6",
+                "refsource": "MISC",
+                "name": "http://openwall.com/lists/oss-security/2011/03/06/6"
             },
             {
-                "name": "[oss-security] 20110306 Re: CVE Request -- logrotate -- nine issues",
-                "refsource": "MLIST",
-                "url": "http://openwall.com/lists/oss-security/2011/03/06/5"
+                "url": "http://openwall.com/lists/oss-security/2011/03/07/11",
+                "refsource": "MISC",
+                "name": "http://openwall.com/lists/oss-security/2011/03/07/11"
             },
             {
-                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=680798",
-                "refsource": "CONFIRM",
-                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=680798"
+                "url": "http://openwall.com/lists/oss-security/2011/03/07/5",
+                "refsource": "MISC",
+                "name": "http://openwall.com/lists/oss-security/2011/03/07/5"
             },
             {
-                "name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
-                "refsource": "MLIST",
-                "url": "http://openwall.com/lists/oss-security/2011/03/04/18"
+                "url": "http://openwall.com/lists/oss-security/2011/03/07/6",
+                "refsource": "MISC",
+                "name": "http://openwall.com/lists/oss-security/2011/03/07/6"
             },
             {
-                "name": "FEDORA-2011-3758",
-                "refsource": "FEDORA",
-                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056992.html"
+                "url": "http://openwall.com/lists/oss-security/2011/03/08/5",
+                "refsource": "MISC",
+                "name": "http://openwall.com/lists/oss-security/2011/03/08/5"
             },
             {
-                "name": "[oss-security] 20110310 Re: CVE Request -- logrotate -- nine issues",
-                "refsource": "MLIST",
-                "url": "http://openwall.com/lists/oss-security/2011/03/10/2"
+                "url": "http://openwall.com/lists/oss-security/2011/03/10/2",
+                "refsource": "MISC",
+                "name": "http://openwall.com/lists/oss-security/2011/03/10/2"
             },
             {
-                "name": "RHSA-2011:0407",
-                "refsource": "REDHAT",
-                "url": "http://www.redhat.com/support/errata/RHSA-2011-0407.html"
+                "url": "http://openwall.com/lists/oss-security/2011/03/10/3",
+                "refsource": "MISC",
+                "name": "http://openwall.com/lists/oss-security/2011/03/10/3"
             },
             {
-                "name": "[oss-security] 20110311 Re: CVE Request -- logrotate -- nine issues",
-                "refsource": "MLIST",
-                "url": "http://openwall.com/lists/oss-security/2011/03/11/3"
+                "url": "http://openwall.com/lists/oss-security/2011/03/10/6",
+                "refsource": "MISC",
+                "name": "http://openwall.com/lists/oss-security/2011/03/10/6"
             },
             {
-                "name": "[oss-security] 20110311 Re: CVE Request -- logrotate -- nine issues",
-                "refsource": "MLIST",
-                "url": "http://openwall.com/lists/oss-security/2011/03/10/7"
+                "url": "http://openwall.com/lists/oss-security/2011/03/10/7",
+                "refsource": "MISC",
+                "name": "http://openwall.com/lists/oss-security/2011/03/10/7"
             },
             {
-                "name": "[oss-security] 20110306 Re: CVE Request -- logrotate -- nine issues",
-                "refsource": "MLIST",
-                "url": "http://openwall.com/lists/oss-security/2011/03/05/8"
+                "url": "http://openwall.com/lists/oss-security/2011/03/11/3",
+                "refsource": "MISC",
+                "name": "http://openwall.com/lists/oss-security/2011/03/11/3"
             },
             {
-                "name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
-                "refsource": "MLIST",
-                "url": "http://openwall.com/lists/oss-security/2011/03/04/22"
+                "url": "http://openwall.com/lists/oss-security/2011/03/11/5",
+                "refsource": "MISC",
+                "name": "http://openwall.com/lists/oss-security/2011/03/11/5"
             },
             {
-                "name": "[oss-security] 20110311 Re: CVE Request -- logrotate -- nine issues",
-                "refsource": "MLIST",
-                "url": "http://openwall.com/lists/oss-security/2011/03/11/5"
+                "url": "http://openwall.com/lists/oss-security/2011/03/14/26",
+                "refsource": "MISC",
+                "name": "http://openwall.com/lists/oss-security/2011/03/14/26"
             },
             {
-                "name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
-                "refsource": "MLIST",
-                "url": "http://openwall.com/lists/oss-security/2011/03/04/27"
+                "url": "http://openwall.com/lists/oss-security/2011/03/23/11",
+                "refsource": "MISC",
+                "name": "http://openwall.com/lists/oss-security/2011/03/23/11"
             },
             {
-                "name": "ADV-2011-0872",
-                "refsource": "VUPEN",
-                "url": "http://www.vupen.com/english/advisories/2011/0872"
+                "url": "http://secunia.com/advisories/43955",
+                "refsource": "MISC",
+                "name": "http://secunia.com/advisories/43955"
             },
             {
-                "name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
-                "refsource": "MLIST",
-                "url": "http://openwall.com/lists/oss-security/2011/03/04/32"
+                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:065",
+                "refsource": "MISC",
+                "name": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:065"
             },
             {
-                "name": "[oss-security] 20110314 Re: CVE Request -- logrotate -- nine issues",
-                "refsource": "MLIST",
-                "url": "http://openwall.com/lists/oss-security/2011/03/14/26"
+                "url": "http://www.redhat.com/support/errata/RHSA-2011-0407.html",
+                "refsource": "MISC",
+                "name": "http://www.redhat.com/support/errata/RHSA-2011-0407.html"
             },
             {
-                "name": "[oss-security] 20110304 Re: CVE Request -- logrotate -- nine issues",
-                "refsource": "MLIST",
-                "url": "http://openwall.com/lists/oss-security/2011/03/04/24"
+                "url": "http://www.vupen.com/english/advisories/2011/0791",
+                "refsource": "MISC",
+                "name": "http://www.vupen.com/english/advisories/2011/0791"
             },
             {
-                "name": "[oss-security] 20110306 Re: CVE Request -- logrotate -- nine issues",
-                "refsource": "MLIST",
-                "url": "http://openwall.com/lists/oss-security/2011/03/06/4"
+                "url": "http://www.vupen.com/english/advisories/2011/0872",
+                "refsource": "MISC",
+                "name": "http://www.vupen.com/english/advisories/2011/0872"
             },
             {
-                "name": "[oss-security] 20110306 Re: CVE Request -- logrotate -- nine issues",
-                "refsource": "MLIST",
-                "url": "http://openwall.com/lists/oss-security/2011/03/06/6"
+                "url": "http://www.vupen.com/english/advisories/2011/0961",
+                "refsource": "MISC",
+                "name": "http://www.vupen.com/english/advisories/2011/0961"
             },
             {
-                "name": "[oss-security] 20110305 Re: CVE Request -- logrotate -- nine issues",
-                "refsource": "MLIST",
-                "url": "http://openwall.com/lists/oss-security/2011/03/04/33"
+                "url": "https://access.redhat.com/errata/RHSA-2011:0407",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/errata/RHSA-2011:0407"
+            },
+            {
+                "url": "https://access.redhat.com/security/cve/CVE-2011-1098",
+                "refsource": "MISC",
+                "name": "https://access.redhat.com/security/cve/CVE-2011-1098"
+            },
+            {
+                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=680798",
+                "refsource": "MISC",
+                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=680798"
+            }
+        ]
+    },
+    "impact": {
+        "cvss": [
+            {
+                "accessComplexity": "MEDIUM",
+                "accessVector": "LOCAL",
+                "authentication": "NONE",
+                "availabilityImpact": "NONE",
+                "availabilityRequirement": "NOT_DEFINED",
+                "baseScore": 1.9,
+                "collateralDamagePotential": "NOT_DEFINED",
+                "confidentialityImpact": "PARTIAL",
+                "confidentialityRequirement": "NOT_DEFINED",
+                "environmentalScore": 0,
+                "exploitability": "NOT_DEFINED",
+                "integrityImpact": "NONE",
+                "integrityRequirement": "NOT_DEFINED",
+                "remediationLevel": "NOT_DEFINED",
+                "reportConfidence": "NOT_DEFINED",
+                "targetDistribution": "NOT_DEFINED",
+                "temporalScore": 0,
+                "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
+                "version": "2.0"
             }
         ]
     }