admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 00:58:16 +00:00
parent 6833ba124c
commit 0cfdb82da2
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
53 changed files with 3443 additions and 3443 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

86
2002/0xxx/CVE-2002-0231.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2002-0231",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0231",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in mIRC 5.91 and earlier allows a remote server to execute arbitrary code on the client via a long nickname."
"lang": "eng",
"value": "Buffer overflow in mIRC 5.91 and earlier allows a remote server to execute arbitrary code on the client via a long nickname."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20020203 Buffer overflow in mIRC allowing arbitary code to be executed.",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=101286747013955&w=2"
"name": "4027",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4027"
},
{
"name" : "20020204 Re: Buffer overflow in mIRC allowing arbitary code to be executed.",
"refsource" : "BUGTRAQ",
"url" : "http://online.securityfocus.com/archive/1/254105"
"name": "20020203 Buffer overflow in mIRC allowing arbitary code to be executed.",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=101286747013955&w=2"
},
{
"name" : "http://www.uuuppz.com/research/adv-001-mirc.htm",
"refsource" : "MISC",
"url" : "http://www.uuuppz.com/research/adv-001-mirc.htm"
"name": "mirc-nickname-bo(8083)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/8083.php"
},
{
"name" : "mirc-nickname-bo(8083)",
"refsource" : "XF",
"url" : "http://www.iss.net/security_center/static/8083.php"
"name": "http://www.uuuppz.com/research/adv-001-mirc.htm",
"refsource": "MISC",
"url": "http://www.uuuppz.com/research/adv-001-mirc.htm"
},
{
"name" : "4027",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/4027"
"name": "20020204 Re: Buffer overflow in mIRC allowing arbitary code to be executed.",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/254105"
}
]
}

74
2002/0xxx/CVE-2002-0582.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2002-0582",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0582",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "WorkforceROI Xpede 4.1 stores temporary expense claim reports in a world-readable and indexable /reports/temp directory, which allows remote attackers to read the reports by accessing the directory."
"lang": "eng",
"value": "WorkforceROI Xpede 4.1 stores temporary expense claim reports in a world-readable and indexable /reports/temp directory, which allows remote attackers to read the reports by accessing the directory."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20020419 Xpede many vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2002-04/0273.html"
"name": "4554",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4554"
},
{
"name" : "4554",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/4554"
"name": "20020419 Xpede many vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-04/0273.html"
},
{
"name" : "xpede-expense-directory-permissions(8905)",
"refsource" : "XF",
"url" : "http://www.iss.net/security_center/static/8905.php"
"name": "xpede-expense-directory-permissions(8905)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/8905.php"
}
]
}

86
2002/0xxx/CVE-2002-0665.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2002-0665",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0665",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Macromedia JRun Administration Server allows remote attackers to bypass authentication on the login form via an extra slash (/) in the URL."
"lang": "eng",
"value": "Macromedia JRun Administration Server allows remote attackers to bypass authentication on the login form via an extra slash (/) in the URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20020628 wp-02-0009: Macromedia JRun Admin Server Authentication Bypass",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=102529402127195&w=2"
"name": "http://www.macromedia.com/v1/handlers/index.cfm?ID=23164",
"refsource": "CONFIRM",
"url": "http://www.macromedia.com/v1/handlers/index.cfm?ID=23164"
},
{
"name" : "20020628 [VulnWatch] wp-02-0009: Macromedia JRun Admin Server Authentication Bypass",
"refsource" : "VULNWATCH",
"url" : "http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0133.html"
"name": "20020628 [VulnWatch] wp-02-0009: Macromedia JRun Admin Server Authentication Bypass",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0133.html"
},
{
"name" : "http://www.macromedia.com/v1/handlers/index.cfm?ID=23164",
"refsource" : "CONFIRM",
"url" : "http://www.macromedia.com/v1/handlers/index.cfm?ID=23164"
"name": "5118",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5118"
},
{
"name" : "jrun-forwardslash-auth-bypass(9450)",
"refsource" : "XF",
"url" : "http://www.iss.net/security_center/static/9450.php"
"name": "20020628 wp-02-0009: Macromedia JRun Admin Server Authentication Bypass",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=102529402127195&w=2"
},
{
"name" : "5118",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/5118"
"name": "jrun-forwardslash-auth-bypass(9450)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9450.php"
}
]
}

98
2002/0xxx/CVE-2002-0685.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2002-0685",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0685",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in the message decoding functionality for PGP Outlook Encryption Plug-In, as used in NAI PGP Desktop Security 7.0.4, Personal Security 7.0.3, and Freeware 7.0.3, allows remote attackers to modify the heap and gain privileges via a large, malformed mail message."
"lang": "eng",
"value": "Heap-based buffer overflow in the message decoding functionality for PGP Outlook Encryption Plug-In, as used in NAI PGP Desktop Security 7.0.4, Personal Security 7.0.3, and Freeware 7.0.3, allows remote attackers to modify the heap and gain privileges via a large, malformed mail message."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20020710 EEYE: Remote PGP Outlook Encryption Plug-in Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=102634756815773&w=2"
"name": "4364",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/4364"
},
{
"name" : "20020710 EEYE: Remote PGP Outlook Encryption Plug-in Vulnerability",
"refsource" : "NTBUGTRAQ",
"url" : "http://marc.info/?l=ntbugtraq&m=102639521518942&w=2"
"name": "pgp-outlook-heap-overflow(9525)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9525.php"
},
{
"name" : "http://download.nai.com/products/licensed/pgp/desktop_security/windows/version_7.04/hotfix/ReadMe.txt",
"refsource" : "CONFIRM",
"url" : "http://download.nai.com/products/licensed/pgp/desktop_security/windows/version_7.04/hotfix/ReadMe.txt"
"name": "VU#821139",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/821139"
},
{
"name" : "VU#821139",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/821139"
"name": "5202",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5202"
},
{
"name" : "5202",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/5202"
"name": "20020710 EEYE: Remote PGP Outlook Encryption Plug-in Vulnerability",
"refsource": "NTBUGTRAQ",
"url": "http://marc.info/?l=ntbugtraq&m=102639521518942&w=2"
},
{
"name" : "4364",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/4364"
"name": "20020710 EEYE: Remote PGP Outlook Encryption Plug-in Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=102634756815773&w=2"
},
{
"name" : "pgp-outlook-heap-overflow(9525)",
"refsource" : "XF",
"url" : "http://www.iss.net/security_center/static/9525.php"
"name": "http://download.nai.com/products/licensed/pgp/desktop_security/windows/version_7.04/hotfix/ReadMe.txt",
"refsource": "CONFIRM",
"url": "http://download.nai.com/products/licensed/pgp/desktop_security/windows/version_7.04/hotfix/ReadMe.txt"
}
]
}

86
2002/0xxx/CVE-2002-0946.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2002-0946",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0946",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in SeaNox Devwex before 1.2002.0601 allows remote attackers to read arbitrary files via ..\\ (dot dot) sequences in an HTTP request."
"lang": "eng",
"value": "Directory traversal vulnerability in SeaNox Devwex before 1.2002.0601 allows remote attackers to read arbitrary files via ..\\ (dot dot) sequences in an HTTP request."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20020608 SeaNox Devwex - Denial of Service and Directory traversal",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2002-06/0056.html"
"name": "20020608 SeaNox Devwex - Denial of Service and Directory traversal",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-06/0056.html"
},
{
"name" : "http://www.seanox.de/projects.devwex.php",
"refsource" : "CONFIRM",
"url" : "http://www.seanox.de/projects.devwex.php"
"name": "5048",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/5048"
},
{
"name" : "4978",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/4978"
"name": "http://www.seanox.de/projects.devwex.php",
"refsource": "CONFIRM",
"url": "http://www.seanox.de/projects.devwex.php"
},
{
"name" : "devwex-dotdot-directory-traversal(9299)",
"refsource" : "XF",
"url" : "http://www.iss.net/security_center/static/9299.php"
"name": "devwex-dotdot-directory-traversal(9299)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9299.php"
},
{
"name" : "5048",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/5048"
"name": "4978",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4978"
}
]
}

92
2002/1xxx/CVE-2002-1079.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2002-1079",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1079",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in Abyss Web Server 1.0.3 allows remote attackers to read arbitrary files via ..\\ (dot-dot backslash) sequences in an HTTP GET request."
"lang": "eng",
"value": "Directory traversal vulnerability in Abyss Web Server 1.0.3 allows remote attackers to read arbitrary files via ..\\ (dot-dot backslash) sequences in an HTTP GET request."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20020822 Abyss 1.0.3 directory traversal and administration bugs",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2002-08/0229.html"
"name": "http://www.aprelium.com/news/patch1033.html",
"refsource": "CONFIRM",
"url": "http://www.aprelium.com/news/patch1033.html"
},
{
"name" : "http://www.aprelium.com/news/patch1033.html",
"refsource" : "CONFIRM",
"url" : "http://www.aprelium.com/news/patch1033.html"
"name": "20020822 Abyss 1.0.3 directory traversal and administration bugs",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-08/0229.html"
},
{
"name" : "abyss-get-directory-traversal(9941)",
"refsource" : "XF",
"url" : "http://www.iss.net/security_center/static/9941.php"
"name": "abyss-http-directory-traversal(9940)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9940.php"
},
{
"name" : "abyss-http-directory-traversal(9940)",
"refsource" : "XF",
"url" : "http://www.iss.net/security_center/static/9940.php"
"name": "3285",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/3285"
},
{
"name" : "5547",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/5547"
"name": "abyss-get-directory-traversal(9941)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9941.php"
},
{
"name" : "3285",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/3285"
"name": "5547",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5547"
}
]
}

62
2002/1xxx/CVE-2002-1475.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2002-1475",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1475",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unknown vulnerability in the ARP component for HP Tru64 UNIX 4.0f, 4.0g, and 5.0a allows remote attackers to \"take over packets destined for another host\" and cause a denial of service."
"lang": "eng",
"value": "Unknown vulnerability in the ARP component for HP Tru64 UNIX 4.0f, 4.0g, and 5.0a allows remote attackers to \"take over packets destined for another host\" and cause a denial of service."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "SSRT-547",
"refsource" : "COMPAQ",
"url" : "http://archives.neohapsis.com/archives/tru64/2002-q3/0017.html"
"name": "SSRT-547",
"refsource": "COMPAQ",
"url": "http://archives.neohapsis.com/archives/tru64/2002-q3/0017.html"
}
]
}

22
2002/2xxx/CVE-2002-2136.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2002-2136",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2002-2136",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-1590. Reason: This candidate is a duplicate of CVE-2002-1590. Notes: All CVE users should reference CVE-2002-1590 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-1590. Reason: This candidate is a duplicate of CVE-2002-1590. Notes: All CVE users should reference CVE-2002-1590 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}

80
2002/2xxx/CVE-2002-2274.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2002-2274",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2274",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "akfingerd 0.5 allows local users to read arbitrary files as the akfingerd user (nobody) via a symlink attack on the .plan file."
"lang": "eng",
"value": "akfingerd 0.5 allows local users to read arbitrary files as the akfingerd user (nobody) via a symlink attack on the .plan file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20021205 Multiple vulnerabilities in akfingerd",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2002-12/0049.html"
"name": "6325",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6325"
},
{
"name" : "http://synflood.at/akfingerd",
"refsource" : "CONFIRM",
"url" : "http://synflood.at/akfingerd"
"name": "20021205 Multiple vulnerabilities in akfingerd",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-12/0049.html"
},
{
"name" : "6325",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/6325"
"name": "http://synflood.at/akfingerd",
"refsource": "CONFIRM",
"url": "http://synflood.at/akfingerd"
},
{
"name" : "akfingerd-read-files(10796)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/10796"
"name": "akfingerd-read-files(10796)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10796"
}
]
}

86
2003/0xxx/CVE-2003-0550.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2003-0550",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0550",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The STP protocol, as enabled in Linux 2.4.x, does not provide sufficient security by design, which allows attackers to modify the bridge topology."
"lang": "eng",
"value": "The STP protocol, as enabled in Linux 2.4.x, does not provide sufficient security by design, which allows attackers to modify the bridge topology."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "RHSA-2003:238",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2003-238.html"
"name": "RHSA-2003:238",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-238.html"
},
{
"name" : "DSA-358",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2004/dsa-358"
"name": "DSA-423",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-423"
},
{
"name" : "DSA-423",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2004/dsa-423"
"name": "RHSA-2003:239",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-239.html"
},
{
"name" : "RHSA-2003:239",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2003-239.html"
"name": "oval:org.mitre.oval:def:380",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A380"
},
{
"name" : "oval:org.mitre.oval:def:380",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A380"
"name": "DSA-358",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-358"
}
]
}

74
2003/0xxx/CVE-2003-0677.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2003-0677",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0677",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cisco CSS 11000 routers on the CS800 chassis allow remote attackers to cause a denial of service (CPU consumption or reboot) via a large number of TCP SYN packets to the circuit IP address, aka \"ONDM Ping failure.\""
"lang": "eng",
"value": "Cisco CSS 11000 routers on the CS800 chassis allow remote attackers to cause a denial of service (CPU consumption or reboot) via a large number of TCP SYN packets to the circuit IP address, aka \"ONDM Ping failure.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20030807 Cisco CSS 11000 Series DoS",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/332284"
"name": "20030807 Cisco CSS 11000 Series DoS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/332284"
},
{
"name" : "20030807 Cisco CSS 11000 Series DoS",
"refsource" : "VULNWATCH",
"url" : "http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0073.html"
"name": "20030808 Re: [VulnWatch] Cisco CSS 11000 Series DoS",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0079.html"
},
{
"name" : "20030808 Re: [VulnWatch] Cisco CSS 11000 Series DoS",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0079.html"
"name": "20030807 Cisco CSS 11000 Series DoS",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0073.html"
}
]
}

68
2003/0xxx/CVE-2003-0689.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2003-0689",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0689",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The getgrouplist function in GNU libc (glibc) 2.2.4 and earlier allows attackers to cause a denial of service (segmentation fault) and execute arbitrary code when a user is a member of a large number of groups, which can cause a buffer overflow."
"lang": "eng",
"value": "The getgrouplist function in GNU libc (glibc) 2.2.4 and earlier allows attackers to cause a denial of service (segmentation fault) and execute arbitrary code when a user is a member of a large number of groups, which can cause a buffer overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "RHSA-2003:249",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2003-249.html"
"name": "RHSA-2003:249",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-249.html"
},
{
"name" : "RHSA-2003:325",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2003-325.html"
"name": "RHSA-2003:325",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-325.html"
}
]
}

62
2003/0xxx/CVE-2003-0705.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2003-0705",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0705",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in mah-jong 1.5.6 and earlier allows remote attackers to execute arbitrary code."
"lang": "eng",
"value": "Buffer overflow in mah-jong 1.5.6 and earlier allows remote attackers to execute arbitrary code."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "DSA-378",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2003/dsa-378"
"name": "DSA-378",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-378"
}
]
}

22
2005/1xxx/CVE-2005-1690.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2005-1690",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2005-1690",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-1250. Reason: This candidate is a duplicate of CVE-2005-1250. Notes: this duplicate occurred as a result of multiple independent discoveries and insufficient coordination by the vendor and CNA. All CVE users should reference CVE-2005-1250 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-1250. Reason: This candidate is a duplicate of CVE-2005-1250. Notes: this duplicate occurred as a result of multiple independent discoveries and insufficient coordination by the vendor and CNA. All CVE users should reference CVE-2005-1250 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}

92
2009/1xxx/CVE-2009-1497.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-1497",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1497",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in srt2smi.exe in Gretech Online Movie Player (GOM Player) 2.1.16.4635 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long string in an SRT file."
"lang": "eng",
"value": "Stack-based buffer overflow in srt2smi.exe in Gretech Online Movie Player (GOM Player) 2.1.16.4635 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long string in an SRT file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20090408 [Bkis-06-2009] GOM Player Subtitle Buffer Overflow Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/502552/100/0/threaded"
"name": "53361",
"refsource": "OSVDB",
"url": "http://osvdb.org/53361"
},
{
"name" : "8370",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/8370"
"name": "8370",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/8370"
},
{
"name" : "http://security.bkis.vn/?p=501",
"refsource" : "MISC",
"url" : "http://security.bkis.vn/?p=501"
"name": "20090408 [Bkis-06-2009] GOM Player Subtitle Buffer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/502552/100/0/threaded"
},
{
"name" : "34427",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/34427"
"name": "34427",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34427"
},
{
"name" : "53361",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/53361"
"name": "34639",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34639"
},
{
"name" : "34639",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/34639"
"name": "http://security.bkis.vn/?p=501",
"refsource": "MISC",
"url": "http://security.bkis.vn/?p=501"
}
]
}

146
2009/1xxx/CVE-2009-1859.json
View File

@ -1,131 +1,131 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-1859",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1859",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow attackers to execute arbitrary code via unspecified vectors that trigger memory corruption."
"lang": "eng",
"value": "Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow attackers to execute arbitrary code via unspecified vectors that trigger memory corruption."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.adobe.com/support/security/bulletins/apsb09-07.html",
"refsource" : "CONFIRM",
"url" : "http://www.adobe.com/support/security/bulletins/apsb09-07.html"
"name": "35274",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35274"
},
{
"name" : "GLSA-200907-06",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200907-06.xml"
"name": "35289",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35289"
},
{
"name" : "RHSA-2009:1109",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2009-1109.html"
"name": "ADV-2009-1547",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1547"
},
{
"name" : "SUSE-SR:2009:012",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
"name": "35655",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35655"
},
{
"name" : "SUSE-SA:2009:035",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00000.html"
"name": "TA09-161A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-161A.html"
},
{
"name" : "TA09-161A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA09-161A.html"
"name": "35734",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35734"
},
{
"name" : "35274",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/35274"
"name": "RHSA-2009:1109",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2009-1109.html"
},
{
"name" : "35289",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/35289"
"name": "http://www.adobe.com/support/security/bulletins/apsb09-07.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb09-07.html"
},
{
"name" : "1022361",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1022361"
"name": "SUSE-SA:2009:035",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00000.html"
},
{
"name" : "34580",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/34580"
"name": "1022361",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1022361"
},
{
"name" : "35496",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/35496"
"name": "GLSA-200907-06",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200907-06.xml"
},
{
"name" : "35655",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/35655"
"name": "34580",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34580"
},
{
"name" : "35685",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/35685"
"name": "35685",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35685"
},
{
"name" : "35734",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/35734"
"name": "SUSE-SR:2009:012",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"name" : "ADV-2009-1547",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2009/1547"
"name": "35496",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35496"
}
]
}

68
2009/5xxx/CVE-2009-5083.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2009-5083",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-5083",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.2, when configured as an OpenID relying party, does not perform the expected login rejection upon receiving an OP-Identifier from an OpenID provider, which allows remote attackers to bypass authentication via unspecified vectors."
"lang": "eng",
"value": "IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.2, when configured as an OpenID relying party, does not perform the expected login rejection upon receiving an OP-Identifier from an OpenID provider, which allows remote attackers to bypass authentication via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg24029497",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg24029497"
"name": "IZ44571",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ44571"
},
{
"name" : "IZ44571",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ44571"
"name": "http://www.ibm.com/support/docview.wss?uid=swg24029497",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg24029497"
}
]
}

74
2012/0xxx/CVE-2012-0080.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-0080",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2012-0080",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Talent Acquisition Management."
"lang": "eng",
"value": "Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Talent Acquisition Management."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html"
"name": "51466",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/51466"
},
{
"name" : "51466",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/51466"
"name": "peoplesoft-enterprisehcm-cve20120080(72481)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72481"
},
{
"name" : "peoplesoft-enterprisehcm-cve20120080(72481)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/72481"
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html"
}
]
}

68
2012/0xxx/CVE-2012-0243.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-0243",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2012-0243",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in an ActiveX control in bwocxrun.ocx in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary code by leveraging the ability to write arbitrary content to any pathname."
"lang": "eng",
"value": "Buffer overflow in an ActiveX control in bwocxrun.ocx in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary code by leveraging the ability to write arbitrary content to any pathname."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.us-cert.gov/control_systems/pdf/ICSA-12-047-01.pdf",
"refsource" : "MISC",
"url" : "http://www.us-cert.gov/control_systems/pdf/ICSA-12-047-01.pdf"
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-047-01.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-047-01.pdf"
},
{
"name" : "52051",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/52051"
"name": "52051",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52051"
}
]
}

164
2012/1xxx/CVE-2012-1717.json
View File

@ -1,146 +1,146 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-1717",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2012-1717",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows local users to affect confidentiality via unknown vectors related to printing on Solaris or Linux."
"lang": "eng",
"value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows local users to affect confidentiality via unknown vectors related to printing on Solaris or Linux."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[OpenJDK] 20120612 IcedTea6 1.10.8 & 1.11.3 Released",
"refsource" : "MLIST",
"url" : "http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-June/019076.html"
"name": "53952",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53952"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html"
"name": "SUSE-SU-2012:1265",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00035.html"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
"name": "GLSA-201406-32",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg21615246",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg21615246"
"name": "SUSE-SU-2012:1177",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00020.html"
},
{
"name" : "GLSA-201406-32",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-201406-32.xml"
"name": "SUSE-SU-2012:1231",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html"
},
{
"name" : "MDVSA-2012:095",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2012:095"
"name": "RHSA-2012:0734",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0734.html"
},
{
"name" : "MDVSA-2013:150",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
"name": "http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html"
},
{
"name" : "RHSA-2012:1243",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1243.html"
"name": "RHSA-2012:1243",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1243.html"
},
{
"name" : "RHSA-2013:1455",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
"name": "[OpenJDK] 20120612 IcedTea6 1.10.8 & 1.11.3 Released",
"refsource": "MLIST",
"url": "http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-June/019076.html"
},
{
"name" : "RHSA-2013:1456",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
"name": "50659",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50659"
},
{
"name" : "RHSA-2012:0734",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2012-0734.html"
"name": "SUSE-SU-2012:1204",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00028.html"
},
{
"name" : "SUSE-SU-2012:1231",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html"
"name": "RHSA-2013:1455",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"name" : "SUSE-SU-2012:1177",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00020.html"
"name": "MDVSA-2012:095",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:095"
},
{
"name" : "SUSE-SU-2012:1265",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00035.html"
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
},
{
"name" : "SUSE-SU-2012:1204",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00028.html"
"name": "RHSA-2013:1456",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
},
{
"name" : "53952",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/53952"
"name": "http://www.ibm.com/support/docview.wss?uid=swg21615246",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21615246"
},
{
"name" : "50659",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/50659"
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name" : "51080",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/51080"
"name": "51080",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51080"
}
]
}

128
2012/1xxx/CVE-2012-1766.json
View File

@ -1,116 +1,116 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-1766",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2012-1766",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2012-1767, CVE-2012-1769, CVE-2012-1770, CVE-2012-1771, CVE-2012-1772, CVE-2012-1773, CVE-2012-3106, CVE-2012-3107, CVE-2012-3108, and CVE-2012-3110."
"lang": "eng",
"value": "Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2012-1767, CVE-2012-1769, CVE-2012-1770, CVE-2012-1771, CVE-2012-1772, CVE-2012-1773, CVE-2012-3106, CVE-2012-3107, CVE-2012-3108, and CVE-2012-3110."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
"name": "outsideintechnology-outsideinfilters-dos(76999)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76999"
},
{
"name" : "http://blogs.technet.com/b/srd/archive/2012/07/24/more-information-on-security-advisory-2737111.aspx",
"refsource" : "CONFIRM",
"url" : "http://blogs.technet.com/b/srd/archive/2012/07/24/more-information-on-security-advisory-2737111.aspx"
"name": "http://blogs.technet.com/b/srd/archive/2012/07/24/more-information-on-security-advisory-2737111.aspx",
"refsource": "CONFIRM",
"url": "http://blogs.technet.com/b/srd/archive/2012/07/24/more-information-on-security-advisory-2737111.aspx"
},
{
"name" : "http://technet.microsoft.com/security/advisory/2737111",
"refsource" : "CONFIRM",
"url" : "http://technet.microsoft.com/security/advisory/2737111"
"name": "1027264",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027264"
},
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21660640",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21660640"
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21660640",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21660640"
},
{
"name" : "MDVSA-2013:150",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
"name": "VU#118913",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/118913"
},
{
"name" : "MS12-067",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-067"
"name": "MS12-058",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-058"
},
{
"name" : "MS12-058",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-058"
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
},
{
"name" : "VU#118913",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/118913"
"name": "54531",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/54531"
},
{
"name" : "54531",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/54531"
"name": "oval:org.mitre.oval:def:15724",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15724"
},
{
"name" : "oval:org.mitre.oval:def:15724",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15724"
"name": "MS12-067",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-067"
},
{
"name" : "1027264",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1027264"
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name" : "outsideintechnology-outsideinfilters-dos(76999)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/76999"
"name": "http://technet.microsoft.com/security/advisory/2737111",
"refsource": "CONFIRM",
"url": "http://technet.microsoft.com/security/advisory/2737111"
}
]
}

80
2012/1xxx/CVE-2012-1985.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-1985",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1985",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allows remote attackers to hijack the authentication of administrators for requests that cause a denial of service (stack consumption and daemon crash) via a malformed URL."
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in RealNetworks Helix Server and Helix Mobile Server 14.x before 14.3.x allows remote attackers to hijack the authentication of administrators for requests that cause a denial of service (stack consumption and daemon crash) via a malformed URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://helixproducts.real.com/docs/security/SecurityUpdate04022012HS.pdf",
"refsource" : "CONFIRM",
"url" : "http://helixproducts.real.com/docs/security/SecurityUpdate04022012HS.pdf"
"name": "52929",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52929"
},
{
"name" : "52929",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/52929"
"name": "helix-server-url-dos(74678)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74678"
},
{
"name" : "1026898",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1026898"
"name": "1026898",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026898"
},
{
"name" : "helix-server-url-dos(74678)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/74678"
"name": "http://helixproducts.real.com/docs/security/SecurityUpdate04022012HS.pdf",
"refsource": "CONFIRM",
"url": "http://helixproducts.real.com/docs/security/SecurityUpdate04022012HS.pdf"
}
]
}

22
2012/3xxx/CVE-2012-3087.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-3087",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-3087",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

74
2012/3xxx/CVE-2012-3328.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-3328",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2012-3328",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.1, Maximo Asset Management Essentials 7.1, Tivoli Asset Management for IT 7.1 and 7.2, Tivoli Service Request Manager 7.1 and 7.2, and Change and Configuration Management Database (CCMDB) 7.1 and 7.2 allows remote attackers to inject arbitrary web script or HTML via vectors related to a hidden frame footer."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.1, Maximo Asset Management Essentials 7.1, Tivoli Asset Management for IT 7.1 and 7.2, Tivoli Service Request Manager 7.1 and 7.2, and Change and Configuration Management Database (CCMDB) 7.1 and 7.2 allows remote attackers to inject arbitrary web script or HTML via vectors related to a hidden frame footer."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21625624",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21625624"
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21625624",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21625624"
},
{
"name" : "IV20823",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IV20823"
"name": "mam-hiddenframefooter-xss(78040)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78040"
},
{
"name" : "mam-hiddenframefooter-xss(78040)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/78040"
"name": "IV20823",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV20823"
}
]
}

74
2012/3xxx/CVE-2012-3487.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-3487",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-3487",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Race condition in Tunnelblick 3.3beta20 and earlier allows local users to kill unintended processes by waiting for a specific PID value to be assigned to a target process."
"lang": "eng",
"value": "Race condition in Tunnelblick 3.3beta20 and earlier allows local users to kill unintended processes by waiting for a specific PID value to be assigned to a target process."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20120811 OS X Local Root: Silly SUID Helper in Tunnel Blick",
"refsource" : "FULLDISC",
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2012-08/0122.html"
"name": "[oss-security] 20120812 Re: Tunnel Blick: Multiple Vulnerabilities to Local Root and DoS (OS X)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/08/14/1"
},
{
"name" : "[oss-security] 20120812 Re: Tunnel Blick: Multiple Vulnerabilities to Local Root and DoS (OS X)",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2012/08/14/1"
"name": "http://code.google.com/p/tunnelblick/issues/detail?id=212",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/tunnelblick/issues/detail?id=212"
},
{
"name" : "http://code.google.com/p/tunnelblick/issues/detail?id=212",
"refsource" : "CONFIRM",
"url" : "http://code.google.com/p/tunnelblick/issues/detail?id=212"
"name": "20120811 OS X Local Root: Silly SUID Helper in Tunnel Blick",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2012-08/0122.html"
}
]
}

194
2012/3xxx/CVE-2012-3524.json
View File

@ -1,171 +1,171 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-3524",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-3524",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "libdbus 1.5.x and earlier, when used in setuid or other privileged programs in X.org and possibly other products, allows local users to gain privileges and execute arbitrary code via the DBUS_SYSTEM_BUS_ADDRESS environment variable. NOTE: libdbus maintainers state that this is a vulnerability in the applications that do not cleanse environment variables, not in libdbus itself: \"we do not support use of libdbus in setuid binaries that do not sanitize their environment before their first call into libdbus.\""
"lang": "eng",
"value": "libdbus 1.5.x and earlier, when used in setuid or other privileged programs in X.org and possibly other products, allows local users to gain privileges and execute arbitrary code via the DBUS_SYSTEM_BUS_ADDRESS environment variable. NOTE: libdbus maintainers state that this is a vulnerability in the applications that do not cleanse environment variables, not in libdbus itself: \"we do not support use of libdbus in setuid binaries that do not sanitize their environment before their first call into libdbus.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "21323",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/21323"
"name": "SUSE-SU-2012:1155",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00009.html"
},
{
"name" : "[oss-security] 20120710 libdbus hardening",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2012/07/10/4"
"name": "[oss-security] 20120912 libdbus CVE-2012-3524 fix",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/09/12/6"
},
{
"name" : "[oss-security] 20120726 Re: libdbus hardening",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2012/07/26/1"
"name": "[oss-security] 20120726 Re: libdbus hardening",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/07/26/1"
},
{
"name" : "[oss-security] 20120912 libdbus CVE-2012-3524 fix",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2012/09/12/6"
"name": "openSUSE-SU-2012:1287",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00000.html"
},
{
"name" : "[oss-security] 20120914 Re: libdbus CVE-2012-3524 fix",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2012/09/14/2"
"name": "openSUSE-SU-2012:1418",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2012-10/msg00094.html"
},
{
"name" : "[oss-security] 20120917 Re: libdbus CVE-2012-3524 fix",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2012/09/17/2"
"name": "50544",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50544"
},
{
"name" : "http://stealth.openwall.net/null/dzug.c",
"refsource" : "MISC",
"url" : "http://stealth.openwall.net/null/dzug.c"
"name": "https://bugs.freedesktop.org/show_bug.cgi?id=52202",
"refsource": "CONFIRM",
"url": "https://bugs.freedesktop.org/show_bug.cgi?id=52202"
},
{
"name" : "https://bugzilla.novell.com/show_bug.cgi?id=697105",
"refsource" : "MISC",
"url" : "https://bugzilla.novell.com/show_bug.cgi?id=697105"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=847402",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=847402"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=847402",
"refsource" : "MISC",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=847402"
"name": "USN-1576-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1576-1"
},
{
"name" : "https://bugs.freedesktop.org/show_bug.cgi?id=52202",
"refsource" : "CONFIRM",
"url" : "https://bugs.freedesktop.org/show_bug.cgi?id=52202"
"name": "50537",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50537"
},
{
"name" : "MDVSA-2013:070",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:070"
"name": "[oss-security] 20120917 Re: libdbus CVE-2012-3524 fix",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/09/17/2"
},
{
"name" : "MDVSA-2013:083",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:083"
"name": "21323",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/21323"
},
{
"name" : "RHSA-2012:1261",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1261.html"
"name": "55517",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55517"
},
{
"name" : "SUSE-SU-2012:1155",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00009.html"
"name": "RHSA-2012:1261",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1261.html"
},
{
"name" : "SUSE-SU-2012:1155-2",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00015.html"
"name": "[oss-security] 20120710 libdbus hardening",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/07/10/4"
},
{
"name" : "openSUSE-SU-2012:1287",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00000.html"
"name": "[oss-security] 20120914 Re: libdbus CVE-2012-3524 fix",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/09/14/2"
},
{
"name" : "openSUSE-SU-2012:1418",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2012-10/msg00094.html"
"name": "MDVSA-2013:083",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:083"
},
{
"name" : "USN-1576-2",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-1576-2"
"name": "MDVSA-2013:070",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:070"
},
{
"name" : "USN-1576-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-1576-1"
"name": "50710",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50710"
},
{
"name" : "55517",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/55517"
"name": "SUSE-SU-2012:1155-2",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00015.html"
},
{
"name" : "50537",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/50537"
"name": "https://bugzilla.novell.com/show_bug.cgi?id=697105",
"refsource": "MISC",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=697105"
},
{
"name" : "50544",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/50544"
"name": "USN-1576-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1576-2"
},
{
"name" : "50710",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/50710"
"name": "http://stealth.openwall.net/null/dzug.c",
"refsource": "MISC",
"url": "http://stealth.openwall.net/null/dzug.c"
}
]
}

122
2012/4xxx/CVE-2012-4191.json
View File

@ -1,111 +1,111 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-4191",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-4191",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The mozilla::net::FailDelayManager::Lookup function in the WebSockets implementation in Mozilla Firefox before 16.0.1, Thunderbird before 16.0.1, and SeaMonkey before 2.13.1 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors."
"lang": "eng",
"value": "The mozilla::net::FailDelayManager::Lookup function in the WebSockets implementation in Mozilla Firefox before 16.0.1, Thunderbird before 16.0.1, and SeaMonkey before 2.13.1 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.mozilla.org/security/announce/2012/mfsa2012-88.html",
"refsource" : "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/2012/mfsa2012-88.html"
"name": "50904",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50904"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=798045",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=798045"
"name": "50984",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50984"
},
{
"name" : "USN-1608-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-1608-1"
"name": "oval:org.mitre.oval:def:16719",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16719"
},
{
"name" : "USN-1611-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-1611-1"
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=798045",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=798045"
},
{
"name" : "86125",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/86125"
"name": "mozilla-websockets-code-execution(79209)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79209"
},
{
"name" : "oval:org.mitre.oval:def:16719",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16719"
"name": "86125",
"refsource": "OSVDB",
"url": "http://osvdb.org/86125"
},
{
"name" : "1027653",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1027653"
"name": "USN-1608-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1608-1"
},
{
"name" : "50929",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/50929"
"name": "http://www.mozilla.org/security/announce/2012/mfsa2012-88.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-88.html"
},
{
"name" : "50904",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/50904"
"name": "50929",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50929"
},
{
"name" : "50984",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/50984"
"name": "USN-1611-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1611-1"
},
{
"name" : "mozilla-websockets-code-execution(79209)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/79209"
"name": "1027653",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027653"
}
]
}

74
2012/4xxx/CVE-2012-4342.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-4342",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-4342",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Gallery 3 before 3.0.4 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors."
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Gallery 3 before 3.0.4 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://gallery.menalto.com/gallery_3_0_4",
"refsource" : "CONFIRM",
"url" : "http://gallery.menalto.com/gallery_3_0_4"
"name": "FEDORA-2012-9705",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082954.html"
},
{
"name" : "FEDORA-2012-9666",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082995.html"
"name": "http://gallery.menalto.com/gallery_3_0_4",
"refsource": "CONFIRM",
"url": "http://gallery.menalto.com/gallery_3_0_4"
},
{
"name" : "FEDORA-2012-9705",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082954.html"
"name": "FEDORA-2012-9666",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082995.html"
}
]
}

82
2017/2xxx/CVE-2017-2162.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "vultures@jpcert.or.jp",
"ID" : "CVE-2017-2162",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2017-2162",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "FlashAirTM SDHC Memory Card (SD-WE Series <W-03>)",
"version" : {
"version_data" : [
"product_name": "FlashAirTM SDHC Memory Card (SD-WE Series <W-03>)",
"version": {
"version_data": [
{
"version_value" : "V3.00.02 and earlier"
"version_value": "V3.00.02 and earlier"
}
]
}
},
{
"product_name" : "FlashAirTM SDHC Memory Card (SD-WD/WC Series <W-02>)",
"version" : {
"version_data" : [
"product_name": "FlashAirTM SDHC Memory Card (SD-WD/WC Series <W-02>)",
"version": {
"version_data": [
{
"version_value" : "V2.00.04 and earlier"
"version_value": "V2.00.04 and earlier"
}
]
}
}
]
},
"vendor_name" : "Toshiba Corporation"
"vendor_name": "Toshiba Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "FlashAirTM SDHC Memory Card (SD-WE Series <W-03>) V3.00.02 and earlier and FlashAirTM SDHC Memory Card (SD-WD/WC Series <W-02>) V2.00.04 and earlier allows default credentials to be set for wireless LAN connections to the product when enabling the PhotoShare function through a web browser."
"lang": "eng",
"value": "FlashAirTM SDHC Memory Card (SD-WE Series <W-03>) V3.00.02 and earlier and FlashAirTM SDHC Memory Card (SD-WD/WC Series <W-02>) V2.00.04 and earlier allows default credentials to be set for wireless LAN connections to the product when enabling the PhotoShare function through a web browser."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Configures default credentials"
"lang": "eng",
"value": "Configures default credentials"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.toshiba-personalstorage.net/news/20170516a.htm",
"refsource" : "CONFIRM",
"url" : "http://www.toshiba-personalstorage.net/news/20170516a.htm"
"name": "JVNDB-2017-000091",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2017-000091"
},
{
"name" : "JVN#81820501",
"refsource" : "JVN",
"url" : "https://jvn.jp/en/jp/JVN81820501/index.html"
"name": "JVN#81820501",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN81820501/index.html"
},
{
"name" : "JVNDB-2017-000091",
"refsource" : "JVNDB",
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2017-000091"
"name": "http://www.toshiba-personalstorage.net/news/20170516a.htm",
"refsource": "CONFIRM",
"url": "http://www.toshiba-personalstorage.net/news/20170516a.htm"
}
]
}

104
2017/2xxx/CVE-2017-2455.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "product-security@apple.com",
"ID" : "CVE-2017-2455",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2017-2455",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site."
"lang": "eng",
"value": "An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "41809",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/41809/"
"name": "41809",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/41809/"
},
{
"name" : "https://bugs.chromium.org/p/project-zero/issues/detail?id=1082",
"refsource" : "MISC",
"url" : "https://bugs.chromium.org/p/project-zero/issues/detail?id=1082"
"name": "1038137",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038137"
},
{
"name" : "https://support.apple.com/HT207600",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207600"
"name": "https://support.apple.com/HT207601",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207601"
},
{
"name" : "https://support.apple.com/HT207601",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207601"
"name": "97130",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97130"
},
{
"name" : "https://support.apple.com/HT207617",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207617"
"name": "GLSA-201706-15",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201706-15"
},
{
"name" : "GLSA-201706-15",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201706-15"
"name": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1082",
"refsource": "MISC",
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1082"
},
{
"name" : "97130",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/97130"
"name": "https://support.apple.com/HT207600",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207600"
},
{
"name" : "1038137",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1038137"
"name": "https://support.apple.com/HT207617",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207617"
}
]
}

22
2017/6xxx/CVE-2017-6115.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-6115",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-6115",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

80
2017/6xxx/CVE-2017-6182.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-6182",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-6182",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via functions, aka NSWA-1304."
"lang": "eng",
"value": "In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via functions, aka NSWA-1304."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "42332",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/42332/"
"name": "http://wsa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.2.html",
"refsource": "CONFIRM",
"url": "http://wsa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.2.html"
},
{
"name" : "http://wsa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.2.html",
"refsource" : "CONFIRM",
"url" : "http://wsa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.2.html"
"name": "97261",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97261"
},
{
"name" : "https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-1-2",
"refsource" : "CONFIRM",
"url" : "https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-1-2"
"name": "42332",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/42332/"
},
{
"name" : "97261",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/97261"
"name": "https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-1-2",
"refsource": "CONFIRM",
"url": "https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-1-2"
}
]
}

122
2017/6xxx/CVE-2017-6214.json
View File

@ -1,111 +1,111 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-6214",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-6214",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag."
"lang": "eng",
"value": "The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ccf7abb93af09ad0868ae9033d1ca8108bdaec82",
"refsource" : "CONFIRM",
"url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ccf7abb93af09ad0868ae9033d1ca8108bdaec82"
"name": "https://source.android.com/security/bulletin/2017-09-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-09-01"
},
{
"name" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.11",
"refsource" : "CONFIRM",
"url" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.11"
"name": "96421",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96421"
},
{
"name" : "https://github.com/torvalds/linux/commit/ccf7abb93af09ad0868ae9033d1ca8108bdaec82",
"refsource" : "CONFIRM",
"url" : "https://github.com/torvalds/linux/commit/ccf7abb93af09ad0868ae9033d1ca8108bdaec82"
"name": "RHSA-2017:1615",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1615"
},
{
"name" : "https://source.android.com/security/bulletin/2017-09-01",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2017-09-01"
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ccf7abb93af09ad0868ae9033d1ca8108bdaec82",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ccf7abb93af09ad0868ae9033d1ca8108bdaec82"
},
{
"name" : "DSA-3804",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2017/dsa-3804"
"name": "RHSA-2017:1647",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1647"
},
{
"name" : "RHSA-2017:1372",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2017:1372"
"name": "RHSA-2017:1616",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1616"
},
{
"name" : "RHSA-2017:1615",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2017:1615"
"name": "RHSA-2017:1372",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1372"
},
{
"name" : "RHSA-2017:1616",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2017:1616"
"name": "1037897",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037897"
},
{
"name" : "RHSA-2017:1647",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2017:1647"
"name": "DSA-3804",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3804"
},
{
"name" : "96421",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/96421"
"name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.11",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.11"
},
{
"name" : "1037897",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037897"
"name": "https://github.com/torvalds/linux/commit/ccf7abb93af09ad0868ae9033d1ca8108bdaec82",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/ccf7abb93af09ad0868ae9033d1ca8108bdaec82"
}
]
}

82
2017/6xxx/CVE-2017-6331.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secure@symantec.com",
"DATE_PUBLIC" : "2017-11-06T00:00:00",
"ID" : "CVE-2017-6331",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"DATE_PUBLIC": "2017-11-06T00:00:00",
"ID": "CVE-2017-6331",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Symantec Endpoint Protection",
"version" : {
"version_data" : [
"product_name": "Symantec Endpoint Protection",
"version": {
"version_data": [
{
"version_value" : "Prior to SEP 14 RU1"
"version_value": "Prior to SEP 14 RU1"
}
]
}
}
]
},
"vendor_name" : "Symantec Corporation"
"vendor_name": "Symantec Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Prior to SEP 14 RU1 Symantec Endpoint Protection product can encounter an issue of Tamper-Protection Bypass, which is a type of attack that bypasses the real time protection for the application that is run on servers and clients."
"lang": "eng",
"value": "Prior to SEP 14 RU1 Symantec Endpoint Protection product can encounter an issue of Tamper-Protection Bypass, which is a type of attack that bypasses the real time protection for the application that is run on servers and clients."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Tamper-protection bypass"
"lang": "eng",
"value": "Tamper-protection bypass"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "43134",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/43134/"
"name": "43134",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/43134/"
},
{
"name" : "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20171106_00",
"refsource" : "CONFIRM",
"url" : "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20171106_00"
"name": "101502",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101502"
},
{
"name" : "101502",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/101502"
"name": "1039775",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039775"
},
{
"name" : "1039775",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1039775"
"name": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20171106_00",
"refsource": "CONFIRM",
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20171106_00"
}
]
}

86
2017/6xxx/CVE-2017-6471.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-6471",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-6471",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a WSP infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wsp.c by validating the capability length."
"lang": "eng",
"value": "In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a WSP infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wsp.c by validating the capability length."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13348",
"refsource" : "CONFIRM",
"url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13348"
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13348",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13348"
},
{
"name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=62afef41277dfac37f515207ca73d33306e3302b",
"refsource" : "CONFIRM",
"url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=62afef41277dfac37f515207ca73d33306e3302b"
"name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=62afef41277dfac37f515207ca73d33306e3302b",
"refsource": "CONFIRM",
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=62afef41277dfac37f515207ca73d33306e3302b"
},
{
"name" : "https://www.wireshark.org/security/wnpa-sec-2017-05.html",
"refsource" : "CONFIRM",
"url" : "https://www.wireshark.org/security/wnpa-sec-2017-05.html"
"name": "96564",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96564"
},
{
"name" : "DSA-3811",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2017/dsa-3811"
"name": "https://www.wireshark.org/security/wnpa-sec-2017-05.html",
"refsource": "CONFIRM",
"url": "https://www.wireshark.org/security/wnpa-sec-2017-05.html"
},
{
"name" : "96564",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/96564"
"name": "DSA-3811",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3811"
}
]
}

22
2017/6xxx/CVE-2017-6933.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-6933",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-6933",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

68
2017/7xxx/CVE-2017-7383.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-7383",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-7383",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The PdfFontFactory.cpp:195:62 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document."
"lang": "eng",
"value": "The PdfFontFactory.cpp:195:62 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://blogs.gentoo.org/ago/2017/03/31/podofo-four-null-pointer-dereference",
"refsource" : "MISC",
"url" : "https://blogs.gentoo.org/ago/2017/03/31/podofo-four-null-pointer-dereference"
"name": "https://blogs.gentoo.org/ago/2017/03/31/podofo-four-null-pointer-dereference",
"refsource": "MISC",
"url": "https://blogs.gentoo.org/ago/2017/03/31/podofo-four-null-pointer-dereference"
},
{
"name" : "97296",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/97296"
"name": "97296",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97296"
}
]
}

62
2018/10xxx/CVE-2018-10052.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-10052",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-10052",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "iScripts SupportDesk v4.3 has XSS via the admin/inteligentsearchresult.php txtinteligentsearch parameter."
"lang": "eng",
"value": "iScripts SupportDesk v4.3 has XSS via the admin/inteligentsearchresult.php txtinteligentsearch parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://pastebin.com/aeqYLK9u",
"refsource" : "MISC",
"url" : "https://pastebin.com/aeqYLK9u"
"name": "https://pastebin.com/aeqYLK9u",
"refsource": "MISC",
"url": "https://pastebin.com/aeqYLK9u"
}
]
}

22
2018/10xxx/CVE-2018-10390.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-10390",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-10390",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2018/10xxx/CVE-2018-10964.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-10964",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-10964",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2018/14xxx/CVE-2018-14144.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-14144",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-14144",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

68
2018/14xxx/CVE-2018-14262.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "zdi-disclosures@trendmicro.com",
"ID" : "CVE-2018-14262",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "zdi-disclosures@trendmicro.com",
"ID": "CVE-2018-14262",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Foxit Reader",
"version" : {
"version_data" : [
"product_name": "Foxit Reader",
"version": {
"version_data": [
{
"version_value" : "9.0.1.1049"
"version_value": "9.0.1.1049"
}
]
}
}
]
},
"vendor_name" : "Foxit"
"vendor_name": "Foxit"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the getURL method. By performing actions in JavaScript, an attacker can trigger a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-6025."
"lang": "eng",
"value": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the getURL method. By performing actions in JavaScript, an attacker can trigger a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-6025."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "CWE-843-Access of Resource Using Incompatible Type ('Type Confusion')"
"lang": "eng",
"value": "CWE-843-Access of Resource Using Incompatible Type ('Type Confusion')"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://zerodayinitiative.com/advisories/ZDI-18-722",
"refsource" : "MISC",
"url" : "https://zerodayinitiative.com/advisories/ZDI-18-722"
"name": "https://zerodayinitiative.com/advisories/ZDI-18-722",
"refsource": "MISC",
"url": "https://zerodayinitiative.com/advisories/ZDI-18-722"
},
{
"name" : "https://www.foxitsoftware.com/support/security-bulletins.php",
"refsource" : "CONFIRM",
"url" : "https://www.foxitsoftware.com/support/security-bulletins.php"
"name": "https://www.foxitsoftware.com/support/security-bulletins.php",
"refsource": "CONFIRM",
"url": "https://www.foxitsoftware.com/support/security-bulletins.php"
}
]
}

74
2018/14xxx/CVE-2018-14423.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-14423",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-14423",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in lib/openjp3d/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash)."
"lang": "eng",
"value": "Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in lib/openjp3d/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash)."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[debian-lts-announce] 20181222 [SECURITY] [DLA 1614-1] openjpeg2 security update",
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2018/12/msg00013.html"
"name": "[debian-lts-announce] 20181222 [SECURITY] [DLA 1614-1] openjpeg2 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/12/msg00013.html"
},
{
"name" : "https://github.com/uclouvain/openjpeg/issues/1123",
"refsource" : "MISC",
"url" : "https://github.com/uclouvain/openjpeg/issues/1123"
"name": "https://github.com/uclouvain/openjpeg/issues/1123",
"refsource": "MISC",
"url": "https://github.com/uclouvain/openjpeg/issues/1123"
},
{
"name" : "DSA-4405",
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2019/dsa-4405"
"name": "DSA-4405",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2019/dsa-4405"
}
]
}

22
2018/14xxx/CVE-2018-14684.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-14684",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-14684",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

68
2018/14xxx/CVE-2018-14947.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-14947",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-14947",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An issue has been found in PDF2JSON 0.69. XmlFontAccu::CSStyle in XmlFonts.cc has Mismatched Memory Management Routines (operator new [] versus operator delete)."
"lang": "eng",
"value": "An issue has been found in PDF2JSON 0.69. XmlFontAccu::CSStyle in XmlFonts.cc has Mismatched Memory Management Routines (operator new [] versus operator delete)."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/flexpaper/pdf2json/issues/20",
"refsource" : "MISC",
"url" : "https://github.com/flexpaper/pdf2json/issues/20"
"name": "https://github.com/flexpaper/pdf2json/issues/20",
"refsource": "MISC",
"url": "https://github.com/flexpaper/pdf2json/issues/20"
},
{
"name" : "https://github.com/fouzhe/security/tree/master/pdf2json#alloc_dealloc_mismatch-in-function-csstyle",
"refsource" : "MISC",
"url" : "https://github.com/fouzhe/security/tree/master/pdf2json#alloc_dealloc_mismatch-in-function-csstyle"
"name": "https://github.com/fouzhe/security/tree/master/pdf2json#alloc_dealloc_mismatch-in-function-csstyle",
"refsource": "MISC",
"url": "https://github.com/fouzhe/security/tree/master/pdf2json#alloc_dealloc_mismatch-in-function-csstyle"
}
]
}

22
2018/15xxx/CVE-2018-15284.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-15284",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-15284",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

62
2018/15xxx/CVE-2018-15693.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-15693",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-15693",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Inova Partner 5.0.5-RELEASE, Build 0510-0906 and earlier allows authenticated users authorization bypass via insecure direct object reference."
"lang": "eng",
"value": "Inova Partner 5.0.5-RELEASE, Build 0510-0906 and earlier allows authenticated users authorization bypass via insecure direct object reference."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://www.kpmg.de/noindex/advisories/KPMG-2018-001.txt",
"refsource" : "MISC",
"url" : "https://www.kpmg.de/noindex/advisories/KPMG-2018-001.txt"
"name": "https://www.kpmg.de/noindex/advisories/KPMG-2018-001.txt",
"refsource": "MISC",
"url": "https://www.kpmg.de/noindex/advisories/KPMG-2018-001.txt"
}
]
}

62
2018/20xxx/CVE-2018-20230.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-20230",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-20230",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An issue was discovered in PSPP 1.2.0. There is a heap-based buffer overflow at the function read_bytes_internal in utilities/pspp-dump-sav.c, which allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact."
"lang": "eng",
"value": "An issue was discovered in PSPP 1.2.0. There is a heap-based buffer overflow at the function read_bytes_internal in utilities/pspp-dump-sav.c, which allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1660318",
"refsource" : "MISC",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1660318"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1660318",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1660318"
}
]
}

22
2018/20xxx/CVE-2018-20258.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-20258",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-20258",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

64
2018/9xxx/CVE-2018-9070.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@lenovo.com",
"DATE_PUBLIC" : "2018-07-13T00:00:00",
"ID" : "CVE-2018-9070",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@lenovo.com",
"DATE_PUBLIC": "2018-07-13T00:00:00",
"ID": "CVE-2018-9070",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Lenovo Smart Assistant",
"version" : {
"version_data" : [
"product_name": "Lenovo Smart Assistant",
"version": {
"version_data": [
{
"version_value" : "Earlier than 12.1.82"
"version_value": "Earlier than 12.1.82"
}
]
}
}
]
},
"vendor_name" : "Lenovo Group Ltd."
"vendor_name": "Lenovo Group Ltd."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "For the Lenovo Smart Assistant Android app versions earlier than 12.1.82, an attacker with physical access to the smart speaker can, by pressing a specific button sequence, enter factory test mode and enable a web service intended for testing the device. As with most test modes, this provides extra privileges, including changing settings and running code. Lenovo Smart Assistant is an Amazon Alexa-enabled smart speaker developed by Lenovo."
"lang": "eng",
"value": "For the Lenovo Smart Assistant Android app versions earlier than 12.1.82, an attacker with physical access to the smart speaker can, by pressing a specific button sequence, enter factory test mode and enable a web service intended for testing the device. As with most test modes, this provides extra privileges, including changing settings and running code. Lenovo Smart Assistant is an Amazon Alexa-enabled smart speaker developed by Lenovo."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Root access of the device"
"lang": "eng",
"value": "Root access of the device"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://support.lenovo.com/us/en/solutions/LEN-22172",
"refsource" : "CONFIRM",
"url" : "https://support.lenovo.com/us/en/solutions/LEN-22172"
"name": "https://support.lenovo.com/us/en/solutions/LEN-22172",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/solutions/LEN-22172"
}
]
}

68
2018/9xxx/CVE-2018-9238.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-9238",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-9238",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "proberv.php in Yahei-PHP Proberv 0.4.7 has XSS via the funName parameter."
"lang": "eng",
"value": "proberv.php in Yahei-PHP Proberv 0.4.7 has XSS via the funName parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "44424",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/44424/"
"name": "44424",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/44424/"
},
{
"name" : "https://pastebin.com/ia7U4vi9",
"refsource" : "MISC",
"url" : "https://pastebin.com/ia7U4vi9"
"name": "https://pastebin.com/ia7U4vi9",
"refsource": "MISC",
"url": "https://pastebin.com/ia7U4vi9"
}
]
}

22
2018/9xxx/CVE-2018-9624.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-9624",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-9624",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2018/9xxx/CVE-2018-9743.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-9743",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-9743",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}