From 0dc6f8f892ea34025111f2da08541ff090f3ad80 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 06:30:22 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2006/2xxx/CVE-2006-2783.json | 710 +++++++-------- 2006/2xxx/CVE-2006-2937.json | 1530 ++++++++++++++++---------------- 2006/2xxx/CVE-2006-2939.json | 34 +- 2006/3xxx/CVE-2006-3302.json | 130 +-- 2006/3xxx/CVE-2006-3439.json | 220 ++--- 2006/3xxx/CVE-2006-3465.json | 540 +++++------ 2006/3xxx/CVE-2006-3631.json | 350 ++++---- 2006/3xxx/CVE-2006-3746.json | 470 +++++----- 2006/3xxx/CVE-2006-3837.json | 160 ++-- 2006/4xxx/CVE-2006-4447.json | 280 +++--- 2006/6xxx/CVE-2006-6023.json | 150 ++-- 2006/6xxx/CVE-2006-6430.json | 160 ++-- 2006/6xxx/CVE-2006-6896.json | 140 +-- 2011/0xxx/CVE-2011-0083.json | 270 +++--- 2011/0xxx/CVE-2011-0449.json | 170 ++-- 2011/0xxx/CVE-2011-0658.json | 130 +-- 2011/1xxx/CVE-2011-1119.json | 160 ++-- 2011/1xxx/CVE-2011-1187.json | 220 ++--- 2011/1xxx/CVE-2011-1250.json | 150 ++-- 2011/1xxx/CVE-2011-1435.json | 150 ++-- 2011/1xxx/CVE-2011-1799.json | 150 ++-- 2011/1xxx/CVE-2011-1947.json | 250 +++--- 2011/3xxx/CVE-2011-3357.json | 300 +++---- 2011/3xxx/CVE-2011-3449.json | 130 +-- 2011/3xxx/CVE-2011-3716.json | 140 +-- 2011/3xxx/CVE-2011-3874.json | 160 ++-- 2011/4xxx/CVE-2011-4094.json | 34 +- 2011/4xxx/CVE-2011-4618.json | 190 ++-- 2011/4xxx/CVE-2011-4826.json | 140 +-- 2013/5xxx/CVE-2013-5126.json | 180 ++-- 2014/2xxx/CVE-2014-2016.json | 130 +-- 2014/2xxx/CVE-2014-2030.json | 34 +- 2014/2xxx/CVE-2014-2164.json | 120 +-- 2014/2xxx/CVE-2014-2422.json | 170 ++-- 2014/2xxx/CVE-2014-2945.json | 34 +- 2014/3xxx/CVE-2014-3160.json | 190 ++-- 2014/6xxx/CVE-2014-6173.json | 140 +-- 2014/6xxx/CVE-2014-6508.json | 150 ++-- 2014/7xxx/CVE-2014-7096.json | 34 +- 2014/7xxx/CVE-2014-7461.json | 140 +-- 2017/0xxx/CVE-2017-0021.json | 140 +-- 2017/0xxx/CVE-2017-0481.json | 186 ++-- 2017/0xxx/CVE-2017-0542.json | 168 ++-- 2017/0xxx/CVE-2017-0833.json | 162 ++-- 2017/0xxx/CVE-2017-0895.json | 130 +-- 2017/0xxx/CVE-2017-0930.json | 122 +-- 2017/18xxx/CVE-2017-18026.json | 170 ++-- 2017/18xxx/CVE-2017-18148.json | 34 +- 2017/18xxx/CVE-2017-18252.json | 130 +-- 2017/1xxx/CVE-2017-1116.json | 172 ++-- 2017/1xxx/CVE-2017-1312.json | 288 +++--- 2017/1xxx/CVE-2017-1377.json | 142 +-- 2017/1xxx/CVE-2017-1487.json | 142 +-- 2017/1xxx/CVE-2017-1821.json | 34 +- 2017/5xxx/CVE-2017-5589.json | 160 ++-- 55 files changed, 5560 insertions(+), 5560 deletions(-) diff --git a/2006/2xxx/CVE-2006-2783.json b/2006/2xxx/CVE-2006-2783.json index f8d6e6742be..f3c09c13a7e 100644 --- a/2006/2xxx/CVE-2006-2783.json +++ b/2006/2xxx/CVE-2006-2783.json @@ -1,357 +1,357 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-2783", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Mozilla Firefox and Thunderbird before 1.5.0.4 strip the Unicode Byte-order-Mark (BOM) from a UTF-8 page before the page is passed to the parser, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a BOM sequence in the middle of a dangerous tag such as SCRIPT." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-2783", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060602 rPSA-2006-0091-1 firefox thunderbird", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/435795/100/0/threaded" - }, - { - "name" : "http://www.mozilla.org/security/announce/2006/mfsa2006-42.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2006/mfsa2006-42.html" - }, - { - "name" : "http://support.apple.com/kb/HT3613", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT3613" - }, - { - "name" : "APPLE-SA-2008-07-11", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2008//Jul/msg00001.html" - }, - { - "name" : "APPLE-SA-2009-06-08-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html" - }, - { - "name" : "DSA-1118", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2006/dsa-1118" - }, - { - "name" : "DSA-1120", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2006/dsa-1120" - }, - { - "name" : "DSA-1134", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2006/dsa-1134" - }, - { - "name" : "GLSA-200606-12", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml" - }, - { - "name" : "GLSA-200606-21", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200606-21.xml" - }, - { - "name" : "HPSBUX02153", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/446658/100/200/threaded" - }, - { - "name" : "SSRT061181", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/446658/100/200/threaded" - }, - { - "name" : "HPSBUX02156", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/446657/100/200/threaded" - }, - { - "name" : "SSRT061236", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/446657/100/200/threaded" - }, - { - "name" : "MDKSA-2006:143", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" - }, - { - "name" : "MDKSA-2006:145", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" - }, - { - "name" : "MDKSA-2006:146", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146" - }, - { - "name" : "RHSA-2006:0578", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2006-0578.html" - }, - { - "name" : "RHSA-2006:0610", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2006-0610.html" - }, - { - "name" : "RHSA-2006:0611", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2006-0611.html" - }, - { - "name" : "RHSA-2006:0609", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2006-0609.html" - }, - { - "name" : "RHSA-2006:0594", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2006-0594.html" - }, - { - "name" : "SUSE-SA:2006:035", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2006_35_mozilla.html" - }, - { - "name" : "USN-296-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/296-1/" - }, - { - "name" : "USN-297-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/297-1/" - }, - { - "name" : "USN-296-2", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/296-2/" - }, - { - "name" : "USN-297-3", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/297-3/" - }, - { - "name" : "USN-323-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/323-1/" - }, - { - "name" : "18228", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/18228" - }, - { - "name" : "oval:org.mitre.oval:def:10772", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10772" - }, - { - "name" : "35379", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/35379" - }, - { - "name" : "ADV-2006-2106", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/2106" - }, - { - "name" : "ADV-2006-3748", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/3748" - }, - { - "name" : "ADV-2006-3749", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/3749" - }, - { - "name" : "ADV-2008-0083", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0083" - }, - { - "name" : "ADV-2008-2094", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/2094/references" - }, - { - "name" : "1016202", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1016202" - }, - { - "name" : "1016214", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1016214" - }, - { - "name" : "20376", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/20376" - }, - { - "name" : "20382", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/20382" - }, - { - "name" : "20561", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/20561" - }, - { - "name" : "20709", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/20709" - }, - { - "name" : "21134", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21134" - }, - { - "name" : "21183", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21183" - }, - { - "name" : "21176", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21176" - }, - { - "name" : "21178", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21178" - }, - { - "name" : "21188", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21188" - }, - { - "name" : "21210", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21210" - }, - { - "name" : "21269", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21269" - }, - { - "name" : "21270", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21270" - }, - { - "name" : "21336", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21336" - }, - { - "name" : "21324", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21324" - }, - { - "name" : "21532", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21532" - }, - { - "name" : "21607", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21607" - }, - { - "name" : "21631", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21631" - }, - { - "name" : "22065", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22065" - }, - { - "name" : "22066", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22066" - }, - { - "name" : "31074", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31074" - }, - { - "name" : "ADV-2009-1522", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/1522" - }, - { - "name" : "mozilla-bom-utf8-xss(26852)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26852" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Mozilla Firefox and Thunderbird before 1.5.0.4 strip the Unicode Byte-order-Mark (BOM) from a UTF-8 page before the page is passed to the parser, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a BOM sequence in the middle of a dangerous tag such as SCRIPT." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20709", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/20709" + }, + { + "name": "21176", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21176" + }, + { + "name": "MDKSA-2006:145", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" + }, + { + "name": "ADV-2006-3748", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/3748" + }, + { + "name": "USN-297-3", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/297-3/" + }, + { + "name": "USN-296-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/296-1/" + }, + { + "name": "USN-323-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/323-1/" + }, + { + "name": "20561", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/20561" + }, + { + "name": "APPLE-SA-2009-06-08-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html" + }, + { + "name": "21210", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21210" + }, + { + "name": "RHSA-2006:0594", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html" + }, + { + "name": "21336", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21336" + }, + { + "name": "20382", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/20382" + }, + { + "name": "1016214", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1016214" + }, + { + "name": "20060602 rPSA-2006-0091-1 firefox thunderbird", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/435795/100/0/threaded" + }, + { + "name": "ADV-2006-3749", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/3749" + }, + { + "name": "ADV-2009-1522", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/1522" + }, + { + "name": "RHSA-2006:0610", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html" + }, + { + "name": "20376", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/20376" + }, + { + "name": "MDKSA-2006:146", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146" + }, + { + "name": "RHSA-2006:0609", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html" + }, + { + "name": "21178", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21178" + }, + { + "name": "1016202", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1016202" + }, + { + "name": "21607", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21607" + }, + { + "name": "18228", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/18228" + }, + { + "name": "21532", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21532" + }, + { + "name": "21270", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21270" + }, + { + "name": "ADV-2008-0083", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0083" + }, + { + "name": "21188", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21188" + }, + { + "name": "21134", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21134" + }, + { + "name": "21631", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21631" + }, + { + "name": "SSRT061181", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" + }, + { + "name": "SSRT061236", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" + }, + { + "name": "35379", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/35379" + }, + { + "name": "USN-296-2", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/296-2/" + }, + { + "name": "GLSA-200606-21", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-21.xml" + }, + { + "name": "DSA-1118", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2006/dsa-1118" + }, + { + "name": "HPSBUX02153", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded" + }, + { + "name": "DSA-1120", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2006/dsa-1120" + }, + { + "name": "RHSA-2006:0611", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html" + }, + { + "name": "mozilla-bom-utf8-xss(26852)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26852" + }, + { + "name": "APPLE-SA-2008-07-11", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2008//Jul/msg00001.html" + }, + { + "name": "HPSBUX02156", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded" + }, + { + "name": "DSA-1134", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2006/dsa-1134" + }, + { + "name": "GLSA-200606-12", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml" + }, + { + "name": "oval:org.mitre.oval:def:10772", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10772" + }, + { + "name": "21324", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21324" + }, + { + "name": "21183", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21183" + }, + { + "name": "ADV-2008-2094", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/2094/references" + }, + { + "name": "22066", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22066" + }, + { + "name": "21269", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21269" + }, + { + "name": "SUSE-SA:2006:035", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2006_35_mozilla.html" + }, + { + "name": "http://support.apple.com/kb/HT3613", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT3613" + }, + { + "name": "USN-297-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/297-1/" + }, + { + "name": "RHSA-2006:0578", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2006-0578.html" + }, + { + "name": "ADV-2006-2106", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/2106" + }, + { + "name": "MDKSA-2006:143", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" + }, + { + "name": "http://www.mozilla.org/security/announce/2006/mfsa2006-42.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-42.html" + }, + { + "name": "22065", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22065" + }, + { + "name": "31074", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31074" + } + ] + } +} \ No newline at end of file diff --git a/2006/2xxx/CVE-2006-2937.json b/2006/2xxx/CVE-2006-2937.json index ed7a7e30568..2138782d035 100644 --- a/2006/2xxx/CVE-2006-2937.json +++ b/2006/2xxx/CVE-2006-2937.json @@ -1,767 +1,767 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-2937", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2006-2937", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070110 VMware ESX server security updates", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/456546/100/200/threaded" - }, - { - "name" : "20060928 rPSA-2006-0175-1 openssl openssl-scripts", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/447318/100/0/threaded" - }, - { - "name" : "20060929 rPSA-2006-0175-2 openssl openssl-scripts", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/447393/100/0/threaded" - }, - { - "name" : "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/489739/100/0/threaded" - }, - { - "name" : "20060928 [SECURITY] OpenSSL 0.9.8d and 0.9.7l released", - "refsource" : "FULLDISC", - "url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2006-September/049715.html" - }, - { - "name" : "[bind-announce] 20061103 Internet Systems Consortium Security Advisory. [revised]", - "refsource" : "MLIST", - "url" : "http://marc.info/?l=bind-announce&m=116253119512445&w=2" - }, - { - "name" : "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues", - "refsource" : "MLIST", - "url" : "http://lists.vmware.com/pipermail/security-announce/2008/000008.html" - }, - { - "name" : "http://www.openssl.org/news/secadv_20060928.txt", - "refsource" : "CONFIRM", - "url" : "http://www.openssl.org/news/secadv_20060928.txt" - }, - { - "name" : "http://kolab.org/security/kolab-vendor-notice-11.txt", - "refsource" : "CONFIRM", - "url" : "http://kolab.org/security/kolab-vendor-notice-11.txt" - }, - { - "name" : "http://openvpn.net/changelog.html", - "refsource" : "CONFIRM", - "url" : "http://openvpn.net/changelog.html" - }, - { - "name" : "http://www.serv-u.com/releasenotes/", - "refsource" : "CONFIRM", - "url" : "http://www.serv-u.com/releasenotes/" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2006-220.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2006-220.htm" - }, - { - "name" : "http://www.arkoon.fr/upload/alertes/37AK-2006-06-FR-1.1_FAST360_OPENSSL_ASN1.pdf", - "refsource" : "CONFIRM", - "url" : "http://www.arkoon.fr/upload/alertes/37AK-2006-06-FR-1.1_FAST360_OPENSSL_ASN1.pdf" - }, - { - "name" : "http://www.arkoon.fr/upload/alertes/41AK-2006-08-FR-1.1_SSL360_OPENSSL_ASN1.pdf", - "refsource" : "CONFIRM", - "url" : "http://www.arkoon.fr/upload/alertes/41AK-2006-08-FR-1.1_SSL360_OPENSSL_ASN1.pdf" - }, - { - "name" : "http://sourceforge.net/project/shownotes.php?release_id=461863&group_id=69227", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/project/shownotes.php?release_id=461863&group_id=69227" - }, - { - "name" : "http://docs.info.apple.com/article.html?artnum=304829", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=304829" - }, - { - "name" : "http://www.f-secure.com/security/fsc-2006-6.shtml", - "refsource" : "CONFIRM", - "url" : "http://www.f-secure.com/security/fsc-2006-6.shtml" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2006-260.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2006-260.htm" - }, - { - "name" : "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html" - }, - { - "name" : "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html" - }, - { - "name" : "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html" - }, - { - "name" : "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html" - }, - { - "name" : "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html" - }, - { - "name" : "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html" - }, - { - "name" : "http://issues.rpath.com/browse/RPL-613", - "refsource" : "CONFIRM", - "url" : "http://issues.rpath.com/browse/RPL-613" - }, - { - "name" : "http://www.xerox.com/downloads/usa/en/c/cert_ESSNetwork_XRX07001_v1.pdf", - "refsource" : "CONFIRM", - "url" : "http://www.xerox.com/downloads/usa/en/c/cert_ESSNetwork_XRX07001_v1.pdf" - }, - { - "name" : "http://www.vmware.com/security/advisories/VMSA-2008-0005.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/security/advisories/VMSA-2008-0005.html" - }, - { - "name" : "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html" - }, - { - "name" : "http://www.vmware.com/support/player/doc/releasenotes_player.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/support/player/doc/releasenotes_player.html" - }, - { - "name" : "http://www.vmware.com/support/player2/doc/releasenotes_player2.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/support/player2/doc/releasenotes_player2.html" - }, - { - "name" : "http://www.vmware.com/support/server/doc/releasenotes_server.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/support/server/doc/releasenotes_server.html" - }, - { - "name" : "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html" - }, - { - "name" : "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html" - }, - { - "name" : "http://support.attachmate.com/techdocs/2374.html", - "refsource" : "CONFIRM", - "url" : "http://support.attachmate.com/techdocs/2374.html" - }, - { - "name" : "APPLE-SA-2006-11-28", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html" - }, - { - "name" : "20061108 Multiple Vulnerabilities in OpenSSL library", - "refsource" : "CISCO", - "url" : "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml" - }, - { - "name" : "20061108 Multiple Vulnerabilities in OpenSSL Library", - "refsource" : "CISCO", - "url" : "http://www.cisco.com/en/US/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html" - }, - { - "name" : "DSA-1185", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2006/dsa-1185" - }, - { - "name" : "FreeBSD-SA-06:23.openssl", - "refsource" : "FREEBSD", - "url" : "http://security.freebsd.org/advisories/FreeBSD-SA-06:23.openssl.asc" - }, - { - "name" : "GLSA-200610-11", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200610-11.xml" - }, - { - "name" : "GLSA-200612-11", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml" - }, - { - "name" : "HPSBUX02174", - "refsource" : "HP", - "url" : "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00805100" - }, - { - "name" : "SSRT061239", - "refsource" : "HP", - "url" : "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00805100" - }, - { - "name" : "HPSBUX02186", - "refsource" : "HP", - "url" : "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540" - }, - { - "name" : "SSRT071299", - "refsource" : "HP", - "url" : "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540" - }, - { - "name" : "HPSBTU02207", - "refsource" : "HP", - "url" : "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144" - }, - { - "name" : "SSRT061213", - "refsource" : "HP", - "url" : "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144" - }, - { - "name" : "SSRT071304", - "refsource" : "HP", - "url" : "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144" - }, - { - "name" : "HPSBMA02250", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771" - }, - { - "name" : "SSRT061275", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771" - }, - { - "name" : "HPSBOV02683", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=130497311408250&w=2" - }, - { - "name" : "SSRT090208", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=130497311408250&w=2" - }, - { - "name" : "MDKSA-2006:172", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:172" - }, - { - "name" : "MDKSA-2006:177", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:177" - }, - { - "name" : "MDKSA-2006:178", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:178" - }, - { - "name" : "NetBSD-SA2008-007", - "refsource" : "NETBSD", - "url" : "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-007.txt.asc" - }, - { - "name" : "[3.9] 20061007 013: SECURITY FIX: October 7, 2006", - "refsource" : "OPENBSD", - "url" : "http://openbsd.org/errata.html#openssl2" - }, - { - "name" : "OpenPKG-SA-2006.021", - "refsource" : "OPENPKG", - "url" : "http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.021-openssl.html" - }, - { - "name" : "RHSA-2006:0695", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2006-0695.html" - }, - { - "name" : "RHSA-2008:0629", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0629.html" - }, - { - "name" : "20061001-01-P", - "refsource" : "SGI", - "url" : "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc" - }, - { - "name" : "SSA:2006-272-01", - "refsource" : "SLACKWARE", - "url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.676946" - }, - { - "name" : "102668", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1" - }, - { - "name" : "102747", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1" - }, - { - "name" : "200585", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200585-1" - }, - { - "name" : "201534", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1" - }, - { - "name" : "SUSE-SA:2006:058", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2006_58_openssl.html" - }, - { - "name" : "SUSE-SR:2006:024", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2006_24_sr.html" - }, - { - "name" : "2006-0054", - "refsource" : "TRUSTIX", - "url" : "http://www.trustix.org/errata/2006/0054" - }, - { - "name" : "USN-353-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-353-1" - }, - { - "name" : "TA06-333A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA06-333A.html" - }, - { - "name" : "VU#247744", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/247744" - }, - { - "name" : "20248", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/20248" - }, - { - "name" : "28276", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/28276" - }, - { - "name" : "oval:org.mitre.oval:def:10560", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10560" - }, - { - "name" : "ADV-2006-3820", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/3820" - }, - { - "name" : "ADV-2006-3860", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/3860" - }, - { - "name" : "ADV-2006-3902", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/3902" - }, - { - "name" : "ADV-2006-3869", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/3869" - }, - { - "name" : "ADV-2006-3936", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/3936" - }, - { - "name" : "ADV-2006-4019", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4019" - }, - { - "name" : "ADV-2006-4036", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4036" - }, - { - "name" : "ADV-2006-4264", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4264" - }, - { - "name" : "ADV-2006-4327", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4327" - }, - { - "name" : "ADV-2006-4329", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4329" - }, - { - "name" : "ADV-2006-4417", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4417" - }, - { - "name" : "ADV-2006-4401", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4401" - }, - { - "name" : "ADV-2006-4750", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4750" - }, - { - "name" : "ADV-2006-4761", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4761" - }, - { - "name" : "ADV-2006-4980", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4980" - }, - { - "name" : "ADV-2007-0343", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0343" - }, - { - "name" : "ADV-2007-1401", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1401" - }, - { - "name" : "ADV-2007-2315", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2315" - }, - { - "name" : "ADV-2007-2783", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2783" - }, - { - "name" : "ADV-2008-0905", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0905/references" - }, - { - "name" : "ADV-2008-2396", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/2396" - }, - { - "name" : "29260", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/29260" - }, - { - "name" : "1016943", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1016943" - }, - { - "name" : "22130", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22130" - }, - { - "name" : "22094", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22094" - }, - { - "name" : "22165", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22165" - }, - { - "name" : "22186", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22186" - }, - { - "name" : "22193", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22193" - }, - { - "name" : "22207", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22207" - }, - { - "name" : "22259", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22259" - }, - { - "name" : "22260", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22260" - }, - { - "name" : "22166", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22166" - }, - { - "name" : "22172", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22172" - }, - { - "name" : "22212", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22212" - }, - { - "name" : "22240", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22240" - }, - { - "name" : "22216", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22216" - }, - { - "name" : "22116", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22116" - }, - { - "name" : "22220", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22220" - }, - { - "name" : "22284", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22284" - }, - { - "name" : "22330", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22330" - }, - { - "name" : "22385", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22385" - }, - { - "name" : "22460", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22460" - }, - { - "name" : "22544", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22544" - }, - { - "name" : "22626", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22626" - }, - { - "name" : "22487", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22487" - }, - { - "name" : "22671", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22671" - }, - { - "name" : "22758", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22758" - }, - { - "name" : "22799", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22799" - }, - { - "name" : "22772", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22772" - }, - { - "name" : "23038", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23038" - }, - { - "name" : "23155", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23155" - }, - { - "name" : "23131", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23131" - }, - { - "name" : "22298", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22298" - }, - { - "name" : "23309", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23309" - }, - { - "name" : "23280", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23280" - }, - { - "name" : "23340", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23340" - }, - { - "name" : "23351", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23351" - }, - { - "name" : "23680", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23680" - }, - { - "name" : "23915", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23915" - }, - { - "name" : "24950", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24950" - }, - { - "name" : "24930", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24930" - }, - { - "name" : "25889", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25889" - }, - { - "name" : "26329", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26329" - }, - { - "name" : "30124", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30124" - }, - { - "name" : "31531", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31531" - }, - { - "name" : "31492", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31492" - }, - { - "name" : "openssl-asn1-error-dos(29228)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29228" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MDKSA-2006:172", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:172" + }, + { + "name": "22212", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22212" + }, + { + "name": "http://support.attachmate.com/techdocs/2374.html", + "refsource": "CONFIRM", + "url": "http://support.attachmate.com/techdocs/2374.html" + }, + { + "name": "ADV-2006-4750", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4750" + }, + { + "name": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/support/esx21/doc/esx-213-200612-patch.html" + }, + { + "name": "23915", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23915" + }, + { + "name": "201534", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201534-1" + }, + { + "name": "HPSBMA02250", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771" + }, + { + "name": "1016943", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1016943" + }, + { + "name": "23038", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23038" + }, + { + "name": "2006-0054", + "refsource": "TRUSTIX", + "url": "http://www.trustix.org/errata/2006/0054" + }, + { + "name": "23309", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23309" + }, + { + "name": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html" + }, + { + "name": "ADV-2006-4401", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4401" + }, + { + "name": "USN-353-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-353-1" + }, + { + "name": "http://sourceforge.net/project/shownotes.php?release_id=461863&group_id=69227", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/project/shownotes.php?release_id=461863&group_id=69227" + }, + { + "name": "22116", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22116" + }, + { + "name": "SSRT071304", + "refsource": "HP", + "url": "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-260.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-260.htm" + }, + { + "name": "GLSA-200612-11", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml" + }, + { + "name": "22166", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22166" + }, + { + "name": "RHSA-2006:0695", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2006-0695.html" + }, + { + "name": "23340", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23340" + }, + { + "name": "22385", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22385" + }, + { + "name": "SUSE-SR:2006:024", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2006_24_sr.html" + }, + { + "name": "22758", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22758" + }, + { + "name": "22487", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22487" + }, + { + "name": "SUSE-SA:2006:058", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2006_58_openssl.html" + }, + { + "name": "22772", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22772" + }, + { + "name": "SSRT071299", + "refsource": "HP", + "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540" + }, + { + "name": "31531", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31531" + }, + { + "name": "http://www.arkoon.fr/upload/alertes/37AK-2006-06-FR-1.1_FAST360_OPENSSL_ASN1.pdf", + "refsource": "CONFIRM", + "url": "http://www.arkoon.fr/upload/alertes/37AK-2006-06-FR-1.1_FAST360_OPENSSL_ASN1.pdf" + }, + { + "name": "FreeBSD-SA-06:23.openssl", + "refsource": "FREEBSD", + "url": "http://security.freebsd.org/advisories/FreeBSD-SA-06:23.openssl.asc" + }, + { + "name": "22165", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22165" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=304829", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=304829" + }, + { + "name": "20060928 [SECURITY] OpenSSL 0.9.8d and 0.9.7l released", + "refsource": "FULLDISC", + "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-September/049715.html" + }, + { + "name": "SSRT090208", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=130497311408250&w=2" + }, + { + "name": "22220", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22220" + }, + { + "name": "23680", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23680" + }, + { + "name": "http://openvpn.net/changelog.html", + "refsource": "CONFIRM", + "url": "http://openvpn.net/changelog.html" + }, + { + "name": "http://www.vmware.com/support/server/doc/releasenotes_server.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/support/server/doc/releasenotes_server.html" + }, + { + "name": "25889", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25889" + }, + { + "name": "openssl-asn1-error-dos(29228)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29228" + }, + { + "name": "ADV-2006-4036", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4036" + }, + { + "name": "ADV-2006-4019", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4019" + }, + { + "name": "[3.9] 20061007 013: SECURITY FIX: October 7, 2006", + "refsource": "OPENBSD", + "url": "http://openbsd.org/errata.html#openssl2" + }, + { + "name": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html" + }, + { + "name": "30124", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30124" + }, + { + "name": "22626", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22626" + }, + { + "name": "MDKSA-2006:178", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:178" + }, + { + "name": "23351", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23351" + }, + { + "name": "ADV-2006-3869", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/3869" + }, + { + "name": "22671", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22671" + }, + { + "name": "20248", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/20248" + }, + { + "name": "22544", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22544" + }, + { + "name": "22298", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22298" + }, + { + "name": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/support/player2/doc/releasenotes_player2.html" + }, + { + "name": "22130", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22130" + }, + { + "name": "31492", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31492" + }, + { + "name": "ADV-2006-4329", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4329" + }, + { + "name": "22284", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22284" + }, + { + "name": "24930", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24930" + }, + { + "name": "ADV-2006-4327", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4327" + }, + { + "name": "RHSA-2008:0629", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0629.html" + }, + { + "name": "GLSA-200610-11", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200610-11.xml" + }, + { + "name": "23131", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23131" + }, + { + "name": "http://issues.rpath.com/browse/RPL-613", + "refsource": "CONFIRM", + "url": "http://issues.rpath.com/browse/RPL-613" + }, + { + "name": "26329", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26329" + }, + { + "name": "22260", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22260" + }, + { + "name": "http://www.xerox.com/downloads/usa/en/c/cert_ESSNetwork_XRX07001_v1.pdf", + "refsource": "CONFIRM", + "url": "http://www.xerox.com/downloads/usa/en/c/cert_ESSNetwork_XRX07001_v1.pdf" + }, + { + "name": "ADV-2007-0343", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0343" + }, + { + "name": "ADV-2006-3860", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/3860" + }, + { + "name": "23280", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23280" + }, + { + "name": "20060928 rPSA-2006-0175-1 openssl openssl-scripts", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/447318/100/0/threaded" + }, + { + "name": "SSRT061213", + "refsource": "HP", + "url": "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144" + }, + { + "name": "http://www.vmware.com/support/player/doc/releasenotes_player.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/support/player/doc/releasenotes_player.html" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-220.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-220.htm" + }, + { + "name": "http://www.f-secure.com/security/fsc-2006-6.shtml", + "refsource": "CONFIRM", + "url": "http://www.f-secure.com/security/fsc-2006-6.shtml" + }, + { + "name": "ADV-2006-4264", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4264" + }, + { + "name": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html" + }, + { + "name": "22193", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22193" + }, + { + "name": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/support/esx2/doc/esx-202-200612-patch.html" + }, + { + "name": "ADV-2008-2396", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/2396" + }, + { + "name": "ADV-2006-4761", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4761" + }, + { + "name": "23155", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23155" + }, + { + "name": "22799", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22799" + }, + { + "name": "200585", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200585-1" + }, + { + "name": "SSA:2006-272-01", + "refsource": "SLACKWARE", + "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.676946" + }, + { + "name": "ADV-2006-4417", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4417" + }, + { + "name": "HPSBUX02186", + "refsource": "HP", + "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00849540" + }, + { + "name": "HPSBOV02683", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=130497311408250&w=2" + }, + { + "name": "http://www.serv-u.com/releasenotes/", + "refsource": "CONFIRM", + "url": "http://www.serv-u.com/releasenotes/" + }, + { + "name": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/support/esx25/doc/esx-254-200612-patch.html" + }, + { + "name": "29260", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/29260" + }, + { + "name": "[bind-announce] 20061103 Internet Systems Consortium Security Advisory. [revised]", + "refsource": "MLIST", + "url": "http://marc.info/?l=bind-announce&m=116253119512445&w=2" + }, + { + "name": "22094", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22094" + }, + { + "name": "22186", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22186" + }, + { + "name": "http://www.openssl.org/news/secadv_20060928.txt", + "refsource": "CONFIRM", + "url": "http://www.openssl.org/news/secadv_20060928.txt" + }, + { + "name": "http://kolab.org/security/kolab-vendor-notice-11.txt", + "refsource": "CONFIRM", + "url": "http://kolab.org/security/kolab-vendor-notice-11.txt" + }, + { + "name": "ADV-2007-2315", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2315" + }, + { + "name": "APPLE-SA-2006-11-28", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html" + }, + { + "name": "TA06-333A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA06-333A.html" + }, + { + "name": "20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/489739/100/0/threaded" + }, + { + "name": "22216", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22216" + }, + { + "name": "ADV-2006-3820", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/3820" + }, + { + "name": "[security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues", + "refsource": "MLIST", + "url": "http://lists.vmware.com/pipermail/security-announce/2008/000008.html" + }, + { + "name": "HPSBUX02174", + "refsource": "HP", + "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00805100" + }, + { + "name": "oval:org.mitre.oval:def:10560", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10560" + }, + { + "name": "OpenPKG-SA-2006.021", + "refsource": "OPENPKG", + "url": "http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.021-openssl.html" + }, + { + "name": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html" + }, + { + "name": "102747", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102747-1" + }, + { + "name": "VU#247744", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/247744" + }, + { + "name": "ADV-2008-0905", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0905/references" + }, + { + "name": "ADV-2007-1401", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1401" + }, + { + "name": "NetBSD-SA2008-007", + "refsource": "NETBSD", + "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-007.txt.asc" + }, + { + "name": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/security/advisories/VMSA-2008-0005.html" + }, + { + "name": "SSRT061275", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01118771" + }, + { + "name": "20070110 VMware ESX server security updates", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/456546/100/200/threaded" + }, + { + "name": "20060929 rPSA-2006-0175-2 openssl openssl-scripts", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/447393/100/0/threaded" + }, + { + "name": "ADV-2006-3936", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/3936" + }, + { + "name": "ADV-2006-4980", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4980" + }, + { + "name": "22240", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22240" + }, + { + "name": "22330", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22330" + }, + { + "name": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html" + }, + { + "name": "HPSBTU02207", + "refsource": "HP", + "url": "https://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00967144" + }, + { + "name": "DSA-1185", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2006/dsa-1185" + }, + { + "name": "20061001-01-P", + "refsource": "SGI", + "url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc" + }, + { + "name": "http://www.arkoon.fr/upload/alertes/41AK-2006-08-FR-1.1_SSL360_OPENSSL_ASN1.pdf", + "refsource": "CONFIRM", + "url": "http://www.arkoon.fr/upload/alertes/41AK-2006-08-FR-1.1_SSL360_OPENSSL_ASN1.pdf" + }, + { + "name": "22207", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22207" + }, + { + "name": "MDKSA-2006:177", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:177" + }, + { + "name": "20061108 Multiple Vulnerabilities in OpenSSL Library", + "refsource": "CISCO", + "url": "http://www.cisco.com/en/US/products/hw/contnetw/ps4162/tsd_products_security_response09186a008077af1b.html" + }, + { + "name": "ADV-2006-3902", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/3902" + }, + { + "name": "ADV-2007-2783", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2783" + }, + { + "name": "22259", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22259" + }, + { + "name": "22460", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22460" + }, + { + "name": "22172", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22172" + }, + { + "name": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/support/esx25/doc/esx-253-200612-patch.html" + }, + { + "name": "SSRT061239", + "refsource": "HP", + "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00805100" + }, + { + "name": "28276", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/28276" + }, + { + "name": "102668", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1" + }, + { + "name": "20061108 Multiple Vulnerabilities in OpenSSL library", + "refsource": "CISCO", + "url": "http://www.cisco.com/warp/public/707/cisco-sr-20061108-openssl.shtml" + }, + { + "name": "24950", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24950" + } + ] + } +} \ No newline at end of file diff --git a/2006/2xxx/CVE-2006-2939.json b/2006/2xxx/CVE-2006-2939.json index 15812494e5d..b26070a26f2 100644 --- a/2006/2xxx/CVE-2006-2939.json +++ b/2006/2xxx/CVE-2006-2939.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-2939", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2006-2939", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2006/3xxx/CVE-2006-3302.json b/2006/3xxx/CVE-2006-3302.json index 73e8f46b9db..5661b736918 100644 --- a/2006/3xxx/CVE-2006-3302.json +++ b/2006/3xxx/CVE-2006-3302.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-3302", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in mod_cbsms.php in CBSMS Mambo Module 1.0 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mosC_a_path parameter. NOTE: the provenance of this information is unknown; portions of the details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-3302", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "ADV-2006-2528", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/2528" - }, - { - "name" : "cbsms-multiple-scripts-file-include(27374)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27374" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in mod_cbsms.php in CBSMS Mambo Module 1.0 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mosC_a_path parameter. NOTE: the provenance of this information is unknown; portions of the details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "cbsms-multiple-scripts-file-include(27374)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27374" + }, + { + "name": "ADV-2006-2528", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/2528" + } + ] + } +} \ No newline at end of file diff --git a/2006/3xxx/CVE-2006-3439.json b/2006/3xxx/CVE-2006-3439.json index 59679fd2357..e1d4c4b86e1 100644 --- a/2006/3xxx/CVE-2006-3439.json +++ b/2006/3xxx/CVE-2006-3439.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-3439", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the Server Service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers, including anonymous users, to execute arbitrary code via a crafted RPC message, a different vulnerability than CVE-2006-1314." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2006-3439", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.dhs.gov/dhspublic/display?content=5789", - "refsource" : "MISC", - "url" : "http://www.dhs.gov/dhspublic/display?content=5789" - }, - { - "name" : "20060814 Mitigating Exploitation of the MS06-040 Service Buffer Vulnerability", - "refsource" : "CISCO", - "url" : "http://www.cisco.com/en/US/products/ps6120/tsd_products_security_response09186a008070c75a.html" - }, - { - "name" : "MS06-040", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-040" - }, - { - "name" : "TA06-220A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA06-220A.html" - }, - { - "name" : "VU#650769", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/650769" - }, - { - "name" : "19409", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/19409" - }, - { - "name" : "ADV-2006-3210", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/3210" - }, - { - "name" : "oval:org.mitre.oval:def:492", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A492" - }, - { - "name" : "1016667", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1016667" - }, - { - "name" : "21388", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21388" - }, - { - "name" : "ms-server-service-bo(28002)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28002" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the Server Service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers, including anonymous users, to execute arbitrary code via a crafted RPC message, a different vulnerability than CVE-2006-1314." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.dhs.gov/dhspublic/display?content=5789", + "refsource": "MISC", + "url": "http://www.dhs.gov/dhspublic/display?content=5789" + }, + { + "name": "20060814 Mitigating Exploitation of the MS06-040 Service Buffer Vulnerability", + "refsource": "CISCO", + "url": "http://www.cisco.com/en/US/products/ps6120/tsd_products_security_response09186a008070c75a.html" + }, + { + "name": "MS06-040", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-040" + }, + { + "name": "VU#650769", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/650769" + }, + { + "name": "1016667", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1016667" + }, + { + "name": "19409", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/19409" + }, + { + "name": "TA06-220A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA06-220A.html" + }, + { + "name": "oval:org.mitre.oval:def:492", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A492" + }, + { + "name": "ms-server-service-bo(28002)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28002" + }, + { + "name": "ADV-2006-3210", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/3210" + }, + { + "name": "21388", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21388" + } + ] + } +} \ No newline at end of file diff --git a/2006/3xxx/CVE-2006-3465.json b/2006/3xxx/CVE-2006-3465.json index 5f0be8908c5..74e01236f3d 100644 --- a/2006/3xxx/CVE-2006-3465.json +++ b/2006/3xxx/CVE-2006-3465.json @@ -1,272 +1,272 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-3465", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the custom tag support for the TIFF library (libtiff) before 3.8.2 allows remote attackers to cause a denial of service (instability or crash) and execute arbitrary code via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2006-3465", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://docs.info.apple.com/article.html?artnum=304063", - "refsource" : "MISC", - "url" : "http://docs.info.apple.com/article.html?artnum=304063" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-558", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-558" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2006-166.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2006-166.htm" - }, - { - "name" : "APPLE-SA-2006-08-01", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html" - }, - { - "name" : "DSA-1137", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2006/dsa-1137" - }, - { - "name" : "GLSA-200608-07", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200608-07.xml" - }, - { - "name" : "MDKSA-2006:137", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:137" - }, - { - "name" : "RHSA-2006:0603", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2006-0603.html" - }, - { - "name" : "RHSA-2006:0648", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2006-0648.html" - }, - { - "name" : "20060801-01-P", - "refsource" : "SGI", - "url" : "ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P" - }, - { - "name" : "20060901-01-P", - "refsource" : "SGI", - "url" : "ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc" - }, - { - "name" : "SSA:2006-230-01", - "refsource" : "SLACKWARE", - "url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.536600" - }, - { - "name" : "103160", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103160-1" - }, - { - "name" : "201331", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201331-1" - }, - { - "name" : "SUSE-SA:2006:044", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2006_44_libtiff.html" - }, - { - "name" : "2006-0044", - "refsource" : "TRUSTIX", - "url" : "http://lwn.net/Alerts/194228/" - }, - { - "name" : "USN-330-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-330-1" - }, - { - "name" : "TA06-214A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA06-214A.html" - }, - { - "name" : "19287", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/19287" - }, - { - "name" : "19289", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/19289" - }, - { - "name" : "oval:org.mitre.oval:def:9067", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9067" - }, - { - "name" : "ADV-2006-3101", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/3101" - }, - { - "name" : "ADV-2006-3105", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/3105" - }, - { - "name" : "ADV-2007-4034", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/4034" - }, - { - "name" : "27729", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/27729" - }, - { - "name" : "1016628", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1016628" - }, - { - "name" : "1016671", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1016671" - }, - { - "name" : "21253", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21253" - }, - { - "name" : "21370", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21370" - }, - { - "name" : "21274", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21274" - }, - { - "name" : "21290", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21290" - }, - { - "name" : "21334", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21334" - }, - { - "name" : "21392", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21392" - }, - { - "name" : "21501", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21501" - }, - { - "name" : "21537", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21537" - }, - { - "name" : "21632", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21632" - }, - { - "name" : "21598", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21598" - }, - { - "name" : "22036", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22036" - }, - { - "name" : "21304", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21304" - }, - { - "name" : "21319", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21319" - }, - { - "name" : "21338", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21338" - }, - { - "name" : "21346", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21346" - }, - { - "name" : "27832", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27832" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the custom tag support for the TIFF library (libtiff) before 3.8.2 allows remote attackers to cause a denial of service (instability or crash) and execute arbitrary code via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20060801-01-P", + "refsource": "SGI", + "url": "ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P" + }, + { + "name": "APPLE-SA-2006-08-01", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html" + }, + { + "name": "21501", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21501" + }, + { + "name": "oval:org.mitre.oval:def:9067", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9067" + }, + { + "name": "21537", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21537" + }, + { + "name": "21632", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21632" + }, + { + "name": "GLSA-200608-07", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200608-07.xml" + }, + { + "name": "21338", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21338" + }, + { + "name": "USN-330-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-330-1" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-166.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-166.htm" + }, + { + "name": "ADV-2006-3101", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/3101" + }, + { + "name": "1016628", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1016628" + }, + { + "name": "21253", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21253" + }, + { + "name": "DSA-1137", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2006/dsa-1137" + }, + { + "name": "21370", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21370" + }, + { + "name": "1016671", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1016671" + }, + { + "name": "21598", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21598" + }, + { + "name": "RHSA-2006:0648", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2006-0648.html" + }, + { + "name": "MDKSA-2006:137", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:137" + }, + { + "name": "19289", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/19289" + }, + { + "name": "ADV-2007-4034", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/4034" + }, + { + "name": "TA06-214A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA06-214A.html" + }, + { + "name": "SUSE-SA:2006:044", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2006_44_libtiff.html" + }, + { + "name": "21290", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21290" + }, + { + "name": "21274", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21274" + }, + { + "name": "ADV-2006-3105", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/3105" + }, + { + "name": "27729", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/27729" + }, + { + "name": "RHSA-2006:0603", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2006-0603.html" + }, + { + "name": "20060901-01-P", + "refsource": "SGI", + "url": "ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc" + }, + { + "name": "21304", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21304" + }, + { + "name": "SSA:2006-230-01", + "refsource": "SLACKWARE", + "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.536600" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=304063", + "refsource": "MISC", + "url": "http://docs.info.apple.com/article.html?artnum=304063" + }, + { + "name": "https://issues.rpath.com/browse/RPL-558", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-558" + }, + { + "name": "27832", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27832" + }, + { + "name": "21346", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21346" + }, + { + "name": "201331", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201331-1" + }, + { + "name": "19287", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/19287" + }, + { + "name": "21319", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21319" + }, + { + "name": "21392", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21392" + }, + { + "name": "21334", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21334" + }, + { + "name": "22036", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22036" + }, + { + "name": "2006-0044", + "refsource": "TRUSTIX", + "url": "http://lwn.net/Alerts/194228/" + }, + { + "name": "103160", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103160-1" + } + ] + } +} \ No newline at end of file diff --git a/2006/3xxx/CVE-2006-3631.json b/2006/3xxx/CVE-2006-3631.json index f91eeb9eec4..bb54222204a 100644 --- a/2006/3xxx/CVE-2006-3631.json +++ b/2006/3xxx/CVE-2006-3631.json @@ -1,177 +1,177 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-3631", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the SSH dissector in Wireshark (aka Ethereal) 0.9.10 to 0.99.0 allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2006-3631", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060719 rPSA-2006-0132-1 tshark wireshark", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/440576/100/0/threaded" - }, - { - "name" : "http://www.wireshark.org/security/wnpa-sec-2006-01.html", - "refsource" : "CONFIRM", - "url" : "http://www.wireshark.org/security/wnpa-sec-2006-01.html" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2006-197.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2006-197.htm" - }, - { - "name" : "DSA-1127", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2006/dsa-1127" - }, - { - "name" : "GLSA-200607-09", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200607-09.xml" - }, - { - "name" : "MDKSA-2006:128", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:128" - }, - { - "name" : "RHSA-2006:0602", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2006-0602.html" - }, - { - "name" : "20060801-01-P", - "refsource" : "SGI", - "url" : "ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P" - }, - { - "name" : "SUSE-SR:2006:020", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2006_20_sr.html" - }, - { - "name" : "19051", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/19051" - }, - { - "name" : "oval:org.mitre.oval:def:11476", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11476" - }, - { - "name" : "ADV-2006-2850", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/2850" - }, - { - "name" : "27370", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/27370" - }, - { - "name" : "1016532", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1016532" - }, - { - "name" : "21078", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21078" - }, - { - "name" : "21107", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21107" - }, - { - "name" : "21121", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21121" - }, - { - "name" : "21204", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21204" - }, - { - "name" : "21249", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21249" - }, - { - "name" : "21488", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21488" - }, - { - "name" : "21598", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21598" - }, - { - "name" : "22089", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22089" - }, - { - "name" : "21467", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21467" - }, - { - "name" : "wireshark-ssh-dos(27829)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27829" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the SSH dissector in Wireshark (aka Ethereal) 0.9.10 to 0.99.0 allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20060801-01-P", + "refsource": "SGI", + "url": "ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P" + }, + { + "name": "RHSA-2006:0602", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2006-0602.html" + }, + { + "name": "SUSE-SR:2006:020", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2006_20_sr.html" + }, + { + "name": "21121", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21121" + }, + { + "name": "1016532", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1016532" + }, + { + "name": "21078", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21078" + }, + { + "name": "GLSA-200607-09", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200607-09.xml" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-197.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-197.htm" + }, + { + "name": "21598", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21598" + }, + { + "name": "21467", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21467" + }, + { + "name": "22089", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22089" + }, + { + "name": "21204", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21204" + }, + { + "name": "20060719 rPSA-2006-0132-1 tshark wireshark", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/440576/100/0/threaded" + }, + { + "name": "wireshark-ssh-dos(27829)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27829" + }, + { + "name": "ADV-2006-2850", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/2850" + }, + { + "name": "http://www.wireshark.org/security/wnpa-sec-2006-01.html", + "refsource": "CONFIRM", + "url": "http://www.wireshark.org/security/wnpa-sec-2006-01.html" + }, + { + "name": "27370", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/27370" + }, + { + "name": "DSA-1127", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2006/dsa-1127" + }, + { + "name": "21107", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21107" + }, + { + "name": "21249", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21249" + }, + { + "name": "MDKSA-2006:128", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:128" + }, + { + "name": "21488", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21488" + }, + { + "name": "oval:org.mitre.oval:def:11476", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11476" + }, + { + "name": "19051", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/19051" + } + ] + } +} \ No newline at end of file diff --git a/2006/3xxx/CVE-2006-3746.json b/2006/3xxx/CVE-2006-3746.json index 29ae901eb3a..621fa4ac463 100644 --- a/2006/3xxx/CVE-2006-3746.json +++ b/2006/3xxx/CVE-2006-3746.json @@ -1,237 +1,237 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-3746", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in parse_comment in GnuPG (gpg) 1.4.4 allows remote attackers to cause a denial of service (segmentation fault) via a crafted message." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2006-3746", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060802 rPSA-2006-0143-1 gnupg", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/442012/100/0/threaded" - }, - { - "name" : "20060808 ERRATA: [ GLSA 200608-08 ] GnuPG: Integer overflow vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/442621/100/100/threaded" - }, - { - "name" : "[Dailydave] 20060721 GnuPG 1.4.4 fun", - "refsource" : "MLIST", - "url" : "http://lists.immunitysec.com/pipermail/dailydave/2006-July/003354.html" - }, - { - "name" : "[Gnupg-devel] 20060725 Re: [Dailydave] GnuPG 1.4.4 fun", - "refsource" : "MLIST", - "url" : "http://www.gossamer-threads.com/lists/gnupg/devel/37623" - }, - { - "name" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=200502", - "refsource" : "MISC", - "url" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=200502" - }, - { - "name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi/gnupg.CVE-2006-3746.diff?bug=381204;msg=15;att=1", - "refsource" : "MISC", - "url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi/gnupg.CVE-2006-3746.diff?bug=381204;msg=15;att=1" - }, - { - "name" : "http://issues.rpath.com/browse/RPL-560", - "refsource" : "MISC", - "url" : "http://issues.rpath.com/browse/RPL-560" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2006-164.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2006-164.htm" - }, - { - "name" : "DSA-1140", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2006/dsa-1140" - }, - { - "name" : "DSA-1141", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2006/dsa-1141" - }, - { - "name" : "GLSA-200608-08", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200608-08.xml" - }, - { - "name" : "MDKSA-2006:141", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:141" - }, - { - "name" : "RHSA-2006:0615", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2006-0615.html" - }, - { - "name" : "20060801-01-P", - "refsource" : "SGI", - "url" : "ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P" - }, - { - "name" : "SUSE-SR:2006:020", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2006_20_sr.html" - }, - { - "name" : "2006-0044", - "refsource" : "TRUSTIX", - "url" : "http://lwn.net/Alerts/194228/" - }, - { - "name" : "USN-332-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-332-1" - }, - { - "name" : "19110", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/19110" - }, - { - "name" : "oval:org.mitre.oval:def:11347", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11347" - }, - { - "name" : "ADV-2006-3123", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/3123" - }, - { - "name" : "27664", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/27664" - }, - { - "name" : "1016622", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1016622" - }, - { - "name" : "21306", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21306" - }, - { - "name" : "21329", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21329" - }, - { - "name" : "21378", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21378" - }, - { - "name" : "21351", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21351" - }, - { - "name" : "21297", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21297" - }, - { - "name" : "21333", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21333" - }, - { - "name" : "21326", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21326" - }, - { - "name" : "21300", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21300" - }, - { - "name" : "21522", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21522" - }, - { - "name" : "21524", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21524" - }, - { - "name" : "21598", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21598" - }, - { - "name" : "21346", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21346" - }, - { - "name" : "21467", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21467" - }, - { - "name" : "gnupg-parsecomment-bo(28220)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28220" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in parse_comment in GnuPG (gpg) 1.4.4 allows remote attackers to cause a denial of service (segmentation fault) via a crafted message." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20060801-01-P", + "refsource": "SGI", + "url": "ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P" + }, + { + "name": "21329", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21329" + }, + { + "name": "RHSA-2006:0615", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2006-0615.html" + }, + { + "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi/gnupg.CVE-2006-3746.diff?bug=381204;msg=15;att=1", + "refsource": "MISC", + "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi/gnupg.CVE-2006-3746.diff?bug=381204;msg=15;att=1" + }, + { + "name": "21297", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21297" + }, + { + "name": "ADV-2006-3123", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/3123" + }, + { + "name": "SUSE-SR:2006:020", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2006_20_sr.html" + }, + { + "name": "oval:org.mitre.oval:def:11347", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11347" + }, + { + "name": "21300", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21300" + }, + { + "name": "21326", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21326" + }, + { + "name": "http://issues.rpath.com/browse/RPL-560", + "refsource": "MISC", + "url": "http://issues.rpath.com/browse/RPL-560" + }, + { + "name": "21598", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21598" + }, + { + "name": "gnupg-parsecomment-bo(28220)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28220" + }, + { + "name": "21467", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21467" + }, + { + "name": "DSA-1140", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2006/dsa-1140" + }, + { + "name": "19110", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/19110" + }, + { + "name": "21351", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21351" + }, + { + "name": "21522", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21522" + }, + { + "name": "21333", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21333" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-164.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-164.htm" + }, + { + "name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=200502", + "refsource": "MISC", + "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=200502" + }, + { + "name": "[Gnupg-devel] 20060725 Re: [Dailydave] GnuPG 1.4.4 fun", + "refsource": "MLIST", + "url": "http://www.gossamer-threads.com/lists/gnupg/devel/37623" + }, + { + "name": "MDKSA-2006:141", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:141" + }, + { + "name": "[Dailydave] 20060721 GnuPG 1.4.4 fun", + "refsource": "MLIST", + "url": "http://lists.immunitysec.com/pipermail/dailydave/2006-July/003354.html" + }, + { + "name": "USN-332-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-332-1" + }, + { + "name": "21378", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21378" + }, + { + "name": "1016622", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1016622" + }, + { + "name": "27664", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/27664" + }, + { + "name": "21346", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21346" + }, + { + "name": "20060808 ERRATA: [ GLSA 200608-08 ] GnuPG: Integer overflow vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/442621/100/100/threaded" + }, + { + "name": "GLSA-200608-08", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200608-08.xml" + }, + { + "name": "DSA-1141", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2006/dsa-1141" + }, + { + "name": "20060802 rPSA-2006-0143-1 gnupg", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/442012/100/0/threaded" + }, + { + "name": "21306", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21306" + }, + { + "name": "21524", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21524" + }, + { + "name": "2006-0044", + "refsource": "TRUSTIX", + "url": "http://lwn.net/Alerts/194228/" + } + ] + } +} \ No newline at end of file diff --git a/2006/3xxx/CVE-2006-3837.json b/2006/3xxx/CVE-2006-3837.json index 5f65103b143..705222dceb6 100644 --- a/2006/3xxx/CVE-2006-3837.json +++ b/2006/3xxx/CVE-2006-3837.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-3837", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "delcookie.php in Professional Home Page Tools Guestbook changes the expiration date of a cookie instead of deleting the cookie's value, which makes it easier for attackers to steal the cookie and obtain the administrator's password hash after logout." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-3837", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060717 Professional PHP Tools Guestbook Multiple Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/440421/100/0/threaded" - }, - { - "name" : "http://artemis.abenteuer-mittelerde.de/pub/adv02-phptgb.txt", - "refsource" : "MISC", - "url" : "http://artemis.abenteuer-mittelerde.de/pub/adv02-phptgb.txt" - }, - { - "name" : "21102", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21102" - }, - { - "name" : "1275", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/1275" - }, - { - "name" : "phptguestbook-setcookie-insecure-cookie(27775)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27775" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "delcookie.php in Professional Home Page Tools Guestbook changes the expiration date of a cookie instead of deleting the cookie's value, which makes it easier for attackers to steal the cookie and obtain the administrator's password hash after logout." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1275", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/1275" + }, + { + "name": "http://artemis.abenteuer-mittelerde.de/pub/adv02-phptgb.txt", + "refsource": "MISC", + "url": "http://artemis.abenteuer-mittelerde.de/pub/adv02-phptgb.txt" + }, + { + "name": "20060717 Professional PHP Tools Guestbook Multiple Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/440421/100/0/threaded" + }, + { + "name": "phptguestbook-setcookie-insecure-cookie(27775)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27775" + }, + { + "name": "21102", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21102" + } + ] + } +} \ No newline at end of file diff --git a/2006/4xxx/CVE-2006-4447.json b/2006/4xxx/CVE-2006-4447.json index 19a7262cae5..b50f1b9ca2d 100644 --- a/2006/4xxx/CVE-2006-4447.json +++ b/2006/4xxx/CVE-2006-4447.json @@ -1,142 +1,142 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-4447", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtrans, and xterm, does not check the return values for setuid and seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail, such as by exceeding a ulimit." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-4447", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[xorg] 20060620 X.Org security advisory: setuid return value check problems", - "refsource" : "MLIST", - "url" : "http://lists.freedesktop.org/archives/xorg/2006-June/016146.html" - }, - { - "name" : "[beast] 20061228 ANNOUNCE: BEAST/BSE v0.7.1", - "refsource" : "MLIST", - "url" : "http://mail.gnome.org/archives/beast/2006-December/msg00025.html" - }, - { - "name" : "DSA-1193", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2006/dsa-1193" - }, - { - "name" : "GLSA-200608-25", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200608-25.xml" - }, - { - "name" : "GLSA-200704-22", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200704-22.xml" - }, - { - "name" : "MDKSA-2006:160", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:160" - }, - { - "name" : "VU#300368", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/300368" - }, - { - "name" : "19742", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/19742" - }, - { - "name" : "23697", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23697" - }, - { - "name" : "ADV-2006-3409", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/3409" - }, - { - "name" : "ADV-2007-0409", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0409" - }, - { - "name" : "21650", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21650" - }, - { - "name" : "21660", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21660" - }, - { - "name" : "21693", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21693" - }, - { - "name" : "22332", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22332" - }, - { - "name" : "25032", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25032" - }, - { - "name" : "25059", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25059" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtrans, and xterm, does not check the return values for setuid and seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail, such as by exceeding a ulimit." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "21660", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21660" + }, + { + "name": "MDKSA-2006:160", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:160" + }, + { + "name": "[xorg] 20060620 X.Org security advisory: setuid return value check problems", + "refsource": "MLIST", + "url": "http://lists.freedesktop.org/archives/xorg/2006-June/016146.html" + }, + { + "name": "VU#300368", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/300368" + }, + { + "name": "ADV-2006-3409", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/3409" + }, + { + "name": "21693", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21693" + }, + { + "name": "DSA-1193", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2006/dsa-1193" + }, + { + "name": "GLSA-200704-22", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200704-22.xml" + }, + { + "name": "22332", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22332" + }, + { + "name": "ADV-2007-0409", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0409" + }, + { + "name": "GLSA-200608-25", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200608-25.xml" + }, + { + "name": "23697", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23697" + }, + { + "name": "25059", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25059" + }, + { + "name": "25032", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25032" + }, + { + "name": "[beast] 20061228 ANNOUNCE: BEAST/BSE v0.7.1", + "refsource": "MLIST", + "url": "http://mail.gnome.org/archives/beast/2006-December/msg00025.html" + }, + { + "name": "19742", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/19742" + }, + { + "name": "21650", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21650" + } + ] + } +} \ No newline at end of file diff --git a/2006/6xxx/CVE-2006-6023.json b/2006/6xxx/CVE-2006-6023.json index 8072eb75c33..acbf2675a91 100644 --- a/2006/6xxx/CVE-2006-6023.json +++ b/2006/6xxx/CVE-2006-6023.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-6023", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** DISPUTED ** PHP remote file inclusion vulnerability in phoo.base.php in Bill Roberts Bloo 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the descriptorFileList parameter. NOTE: this issue is disputed by CVE since $descriptorFileList is used in a function definition within phoo.base.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-6023", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20061116 Bloo => 1.00 Remote File Include Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/451818/100/0/threaded" - }, - { - "name" : "20061121 CVE dispute for Bloo RFI", - "refsource" : "VIM", - "url" : "http://www.attrition.org/pipermail/vim/2006-November/001137.html" - }, - { - "name" : "1893", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/1893" - }, - { - "name" : "bloo-base-file-include(30336)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30336" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** DISPUTED ** PHP remote file inclusion vulnerability in phoo.base.php in Bill Roberts Bloo 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the descriptorFileList parameter. NOTE: this issue is disputed by CVE since $descriptorFileList is used in a function definition within phoo.base.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "bloo-base-file-include(30336)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30336" + }, + { + "name": "20061121 CVE dispute for Bloo RFI", + "refsource": "VIM", + "url": "http://www.attrition.org/pipermail/vim/2006-November/001137.html" + }, + { + "name": "20061116 Bloo => 1.00 Remote File Include Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/451818/100/0/threaded" + }, + { + "name": "1893", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/1893" + } + ] + } +} \ No newline at end of file diff --git a/2006/6xxx/CVE-2006-6430.json b/2006/6xxx/CVE-2006-6430.json index b8da59cf82f..6a3bf14ff4a 100644 --- a/2006/6xxx/CVE-2006-6430.json +++ b/2006/6xxx/CVE-2006-6430.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-6430", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Web services in Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before 13.060.17.000, and 14.x before 14.060.17.000 do not require HTTPS, which allows remote attackers to obtain sensitive information by sniffing the unencrypted HTTP traffic." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-6430", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.xerox.com/downloads/usa/en/c/cert_XRX06_006_v1b.pdf", - "refsource" : "CONFIRM", - "url" : "http://www.xerox.com/downloads/usa/en/c/cert_XRX06_006_v1b.pdf" - }, - { - "name" : "21365", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/21365" - }, - { - "name" : "ADV-2006-4791", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4791" - }, - { - "name" : "23265", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23265" - }, - { - "name" : "xerox-https-security-bypass(30679)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30679" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Web services in Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before 13.060.17.000, and 14.x before 14.060.17.000 do not require HTTPS, which allows remote attackers to obtain sensitive information by sniffing the unencrypted HTTP traffic." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.xerox.com/downloads/usa/en/c/cert_XRX06_006_v1b.pdf", + "refsource": "CONFIRM", + "url": "http://www.xerox.com/downloads/usa/en/c/cert_XRX06_006_v1b.pdf" + }, + { + "name": "xerox-https-security-bypass(30679)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30679" + }, + { + "name": "23265", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23265" + }, + { + "name": "21365", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/21365" + }, + { + "name": "ADV-2006-4791", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4791" + } + ] + } +} \ No newline at end of file diff --git a/2006/6xxx/CVE-2006-6896.json b/2006/6xxx/CVE-2006-6896.json index 9e8d86cb6a8..b88c9a5f500 100644 --- a/2006/6xxx/CVE-2006-6896.json +++ b/2006/6xxx/CVE-2006-6896.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-6896", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Bluetooth stack in the Plantronic Headset does not properly implement Non-pairable mode, which allows remote attackers to conduct unauthorized pair-up operations." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-6896", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070104 23C3 - Bluetooth hacking revisted [Summary and Code]", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/455889/100/0/threaded" - }, - { - "name" : "http://events.ccc.de/congress/2006-mediawiki//images/f/fb/23c3_Bluetooh_revisited.pdf", - "refsource" : "MISC", - "url" : "http://events.ccc.de/congress/2006-mediawiki//images/f/fb/23c3_Bluetooh_revisited.pdf" - }, - { - "name" : "37586", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37586" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Bluetooth stack in the Plantronic Headset does not properly implement Non-pairable mode, which allows remote attackers to conduct unauthorized pair-up operations." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://events.ccc.de/congress/2006-mediawiki//images/f/fb/23c3_Bluetooh_revisited.pdf", + "refsource": "MISC", + "url": "http://events.ccc.de/congress/2006-mediawiki//images/f/fb/23c3_Bluetooh_revisited.pdf" + }, + { + "name": "20070104 23C3 - Bluetooth hacking revisted [Summary and Code]", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/455889/100/0/threaded" + }, + { + "name": "37586", + "refsource": "OSVDB", + "url": "http://osvdb.org/37586" + } + ] + } +} \ No newline at end of file diff --git a/2011/0xxx/CVE-2011-0083.json b/2011/0xxx/CVE-2011-0083.json index b66f27dcd61..511773f59ae 100644 --- a/2011/0xxx/CVE-2011-0083.json +++ b/2011/0xxx/CVE-2011-0083.json @@ -1,137 +1,137 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-0083", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in the nsSVGPathSegList::ReplaceItem function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving a user-supplied callback." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-0083", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2011/mfsa2011-23.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2011/mfsa2011-23.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=648090", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=648090" - }, - { - "name" : "http://support.avaya.com/css/P8/documents/100144854", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/css/P8/documents/100144854" - }, - { - "name" : "http://support.avaya.com/css/P8/documents/100145333", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/css/P8/documents/100145333" - }, - { - "name" : "DSA-2268", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2011/dsa-2268" - }, - { - "name" : "DSA-2269", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2011/dsa-2269" - }, - { - "name" : "DSA-2273", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2011/dsa-2273" - }, - { - "name" : "MDVSA-2011:111", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:111" - }, - { - "name" : "RHSA-2011:0885", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2011-0885.html" - }, - { - "name" : "RHSA-2011:0886", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2011-0886.html" - }, - { - "name" : "RHSA-2011:0887", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2011-0887.html" - }, - { - "name" : "RHSA-2011:0888", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2011-0888.html" - }, - { - "name" : "SUSE-SA:2011:028", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00001.html" - }, - { - "name" : "USN-1149-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-1149-1" - }, - { - "name" : "oval:org.mitre.oval:def:13543", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13543" - }, - { - "name" : "45002", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/45002" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in the nsSVGPathSegList::ReplaceItem function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving a user-supplied callback." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "oval:org.mitre.oval:def:13543", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13543" + }, + { + "name": "MDVSA-2011:111", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:111" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=648090", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=648090" + }, + { + "name": "45002", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/45002" + }, + { + "name": "http://support.avaya.com/css/P8/documents/100145333", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/css/P8/documents/100145333" + }, + { + "name": "USN-1149-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-1149-1" + }, + { + "name": "http://support.avaya.com/css/P8/documents/100144854", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/css/P8/documents/100144854" + }, + { + "name": "RHSA-2011:0887", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2011-0887.html" + }, + { + "name": "RHSA-2011:0885", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2011-0885.html" + }, + { + "name": "DSA-2268", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2011/dsa-2268" + }, + { + "name": "RHSA-2011:0888", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2011-0888.html" + }, + { + "name": "DSA-2269", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2011/dsa-2269" + }, + { + "name": "SUSE-SA:2011:028", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00001.html" + }, + { + "name": "RHSA-2011:0886", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2011-0886.html" + }, + { + "name": "DSA-2273", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2011/dsa-2273" + }, + { + "name": "http://www.mozilla.org/security/announce/2011/mfsa2011-23.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2011/mfsa2011-23.html" + } + ] + } +} \ No newline at end of file diff --git a/2011/0xxx/CVE-2011-0449.json b/2011/0xxx/CVE-2011-0449.json index f529294a0c9..e40d38e54a4 100644 --- a/2011/0xxx/CVE-2011-0449.json +++ b/2011/0xxx/CVE-2011-0449.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-0449", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "actionpack/lib/action_view/template/resolver.rb in Ruby on Rails 3.0.x before 3.0.4, when a case-insensitive filesystem is used, does not properly implement filters associated with the list of available templates, which allows remote attackers to bypass intended access restrictions via an action name that uses an unintended case for alphabetic characters." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-0449", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[rubyonrails-security] 20110209 Filter Problems on Case-Insensitive Filesystems", - "refsource" : "MLIST", - "url" : "http://groups.google.com/group/rubyonrails-security/msg/04345b2e84df5b4f?dmode=source&output=gplain" - }, - { - "name" : "http://weblog.rubyonrails.org/2011/2/8/new-releases-2-3-11-and-3-0-4", - "refsource" : "CONFIRM", - "url" : "http://weblog.rubyonrails.org/2011/2/8/new-releases-2-3-11-and-3-0-4" - }, - { - "name" : "FEDORA-2011-4358", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057650.html" - }, - { - "name" : "1025061", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1025061" - }, - { - "name" : "43278", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43278" - }, - { - "name" : "ADV-2011-0877", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0877" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "actionpack/lib/action_view/template/resolver.rb in Ruby on Rails 3.0.x before 3.0.4, when a case-insensitive filesystem is used, does not properly implement filters associated with the list of available templates, which allows remote attackers to bypass intended access restrictions via an action name that uses an unintended case for alphabetic characters." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1025061", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1025061" + }, + { + "name": "[rubyonrails-security] 20110209 Filter Problems on Case-Insensitive Filesystems", + "refsource": "MLIST", + "url": "http://groups.google.com/group/rubyonrails-security/msg/04345b2e84df5b4f?dmode=source&output=gplain" + }, + { + "name": "http://weblog.rubyonrails.org/2011/2/8/new-releases-2-3-11-and-3-0-4", + "refsource": "CONFIRM", + "url": "http://weblog.rubyonrails.org/2011/2/8/new-releases-2-3-11-and-3-0-4" + }, + { + "name": "FEDORA-2011-4358", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057650.html" + }, + { + "name": "43278", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43278" + }, + { + "name": "ADV-2011-0877", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0877" + } + ] + } +} \ No newline at end of file diff --git a/2011/0xxx/CVE-2011-0658.json b/2011/0xxx/CVE-2011-0658.json index ad9e73abae7..7955fb19bec 100644 --- a/2011/0xxx/CVE-2011-0658.json +++ b/2011/0xxx/CVE-2011-0658.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-0658", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer underflow in the OLE Automation protocol implementation in VBScript.dll in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted WMF file, aka \"OLE Automation Underflow Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2011-0658", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS11-038", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-038" - }, - { - "name" : "oval:org.mitre.oval:def:12335", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12335" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer underflow in the OLE Automation protocol implementation in VBScript.dll in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted WMF file, aka \"OLE Automation Underflow Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS11-038", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-038" + }, + { + "name": "oval:org.mitre.oval:def:12335", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12335" + } + ] + } +} \ No newline at end of file diff --git a/2011/1xxx/CVE-2011-1119.json b/2011/1xxx/CVE-2011-1119.json index c97eb15f460..9478d6ebd32 100644 --- a/2011/1xxx/CVE-2011-1119.json +++ b/2011/1xxx/CVE-2011-1119.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-1119", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Google Chrome before 9.0.597.107 does not properly determine device orientation, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a \"stale pointer.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-1119", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://code.google.com/p/chromium/issues/detail?id=71595", - "refsource" : "CONFIRM", - "url" : "http://code.google.com/p/chromium/issues/detail?id=71595" - }, - { - "name" : "http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_28.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_28.html" - }, - { - "name" : "46614", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/46614" - }, - { - "name" : "oval:org.mitre.oval:def:14542", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14542" - }, - { - "name" : "google-chrome-orientation-dos(65737)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/65737" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Google Chrome before 9.0.597.107 does not properly determine device orientation, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a \"stale pointer.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "google-chrome-orientation-dos(65737)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65737" + }, + { + "name": "46614", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/46614" + }, + { + "name": "http://code.google.com/p/chromium/issues/detail?id=71595", + "refsource": "CONFIRM", + "url": "http://code.google.com/p/chromium/issues/detail?id=71595" + }, + { + "name": "oval:org.mitre.oval:def:14542", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14542" + }, + { + "name": "http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_28.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2011/02/stable-channel-update_28.html" + } + ] + } +} \ No newline at end of file diff --git a/2011/1xxx/CVE-2011-1187.json b/2011/1xxx/CVE-2011-1187.json index 96917ca0c07..80b97246010 100644 --- a/2011/1xxx/CVE-2011-1187.json +++ b/2011/1xxx/CVE-2011-1187.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-1187", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an \"error message leak.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-1187", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://code.google.com/p/chromium/issues/detail?id=69187", - "refsource" : "CONFIRM", - "url" : "http://code.google.com/p/chromium/issues/detail?id=69187" - }, - { - "name" : "http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html" - }, - { - "name" : "http://www.mozilla.org/security/announce/2012/mfsa2012-32.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2012/mfsa2012-32.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=624621", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=624621" - }, - { - "name" : "46785", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/46785" - }, - { - "name" : "oval:org.mitre.oval:def:14369", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14369" - }, - { - "name" : "48972", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/48972" - }, - { - "name" : "49047", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/49047" - }, - { - "name" : "49055", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/49055" - }, - { - "name" : "ADV-2011-0628", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0628" - }, - { - "name" : "google-unspecified-info-disc(65951)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/65951" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Google Chrome before 10.0.648.127 allows remote attackers to bypass the Same Origin Policy via unspecified vectors, related to an \"error message leak.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "46785", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/46785" + }, + { + "name": "google-unspecified-info-disc(65951)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65951" + }, + { + "name": "http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2011/03/chrome-stable-release.html" + }, + { + "name": "49055", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/49055" + }, + { + "name": "http://www.mozilla.org/security/announce/2012/mfsa2012-32.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2012/mfsa2012-32.html" + }, + { + "name": "48972", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/48972" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=624621", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=624621" + }, + { + "name": "49047", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/49047" + }, + { + "name": "oval:org.mitre.oval:def:14369", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14369" + }, + { + "name": "http://code.google.com/p/chromium/issues/detail?id=69187", + "refsource": "CONFIRM", + "url": "http://code.google.com/p/chromium/issues/detail?id=69187" + }, + { + "name": "ADV-2011-0628", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0628" + } + ] + } +} \ No newline at end of file diff --git a/2011/1xxx/CVE-2011-1250.json b/2011/1xxx/CVE-2011-1250.json index 1bffef2e045..3bafd955ed9 100644 --- a/2011/1xxx/CVE-2011-1250.json +++ b/2011/1xxx/CVE-2011-1250.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-1250", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka \"Link Properties Handling Memory Corruption Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2011-1250", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20110615 NSFOCUS SA2011-01 : Microsoft Internet Explorer Link Property Processing Memory Corruption Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/518445/100/0/threaded" - }, - { - "name" : "http://www.nsfocus.com/en/advisories/1101.html", - "refsource" : "MISC", - "url" : "http://www.nsfocus.com/en/advisories/1101.html" - }, - { - "name" : "MS11-050", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-050" - }, - { - "name" : "oval:org.mitre.oval:def:12708", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12708" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka \"Link Properties Handling Memory Corruption Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20110615 NSFOCUS SA2011-01 : Microsoft Internet Explorer Link Property Processing Memory Corruption Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/518445/100/0/threaded" + }, + { + "name": "http://www.nsfocus.com/en/advisories/1101.html", + "refsource": "MISC", + "url": "http://www.nsfocus.com/en/advisories/1101.html" + }, + { + "name": "oval:org.mitre.oval:def:12708", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12708" + }, + { + "name": "MS11-050", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-050" + } + ] + } +} \ No newline at end of file diff --git a/2011/1xxx/CVE-2011-1435.json b/2011/1xxx/CVE-2011-1435.json index e09415c7ade..3b78c4dd934 100644 --- a/2011/1xxx/CVE-2011-1435.json +++ b/2011/1xxx/CVE-2011-1435.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-1435", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Google Chrome before 11.0.696.57 does not properly implement the tabs permission for extensions, which allows remote attackers to read local files via a crafted extension." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-1435", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://code.google.com/p/chromium/issues/detail?id=72523", - "refsource" : "CONFIRM", - "url" : "http://code.google.com/p/chromium/issues/detail?id=72523" - }, - { - "name" : "http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html" - }, - { - "name" : "oval:org.mitre.oval:def:14586", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14586" - }, - { - "name" : "chrome-extension-info-disc(67142)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/67142" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Google Chrome before 11.0.696.57 does not properly implement the tabs permission for extensions, which allows remote attackers to read local files via a crafted extension." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://code.google.com/p/chromium/issues/detail?id=72523", + "refsource": "CONFIRM", + "url": "http://code.google.com/p/chromium/issues/detail?id=72523" + }, + { + "name": "http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html" + }, + { + "name": "oval:org.mitre.oval:def:14586", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14586" + }, + { + "name": "chrome-extension-info-disc(67142)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67142" + } + ] + } +} \ No newline at end of file diff --git a/2011/1xxx/CVE-2011-1799.json b/2011/1xxx/CVE-2011-1799.json index c2a4f62a244..cf6dc245b68 100644 --- a/2011/1xxx/CVE-2011-1799.json +++ b/2011/1xxx/CVE-2011-1799.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-1799", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Google Chrome before 11.0.696.68 does not properly perform casts of variables during interaction with the WebKit engine, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2011-1799", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://code.google.com/p/chromium/issues/detail?id=64046", - "refsource" : "CONFIRM", - "url" : "http://code.google.com/p/chromium/issues/detail?id=64046" - }, - { - "name" : "http://googlechromereleases.blogspot.com/2011/05/stable-channel-update.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2011/05/stable-channel-update.html" - }, - { - "name" : "DSA-2245", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2011/dsa-2245" - }, - { - "name" : "oval:org.mitre.oval:def:14029", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14029" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Google Chrome before 11.0.696.68 does not properly perform casts of variables during interaction with the WebKit engine, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-2245", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2011/dsa-2245" + }, + { + "name": "http://googlechromereleases.blogspot.com/2011/05/stable-channel-update.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2011/05/stable-channel-update.html" + }, + { + "name": "http://code.google.com/p/chromium/issues/detail?id=64046", + "refsource": "CONFIRM", + "url": "http://code.google.com/p/chromium/issues/detail?id=64046" + }, + { + "name": "oval:org.mitre.oval:def:14029", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14029" + } + ] + } +} \ No newline at end of file diff --git a/2011/1xxx/CVE-2011-1947.json b/2011/1xxx/CVE-2011-1947.json index d416033a7f5..1c1d8e63238 100644 --- a/2011/1xxx/CVE-2011-1947.json +++ b/2011/1xxx/CVE-2011-1947.json @@ -1,127 +1,127 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-1947", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "fetchmail 5.9.9 through 6.3.19 does not properly limit the wait time after issuing a (1) STARTTLS or (2) STLS request, which allows remote servers to cause a denial of service (application hang) by acknowledging the request but not sending additional packets." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2011-1947", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20110606 fetchmail security announcement fetchmail-SA-2011-01 (CVE-2011-1947)", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/518251/100/0/threaded" - }, - { - "name" : "[oss-security] 20110530 CVE request for fetchmail STARTTLS hang (Denial of Service)", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2011/05/30/1" - }, - { - "name" : "[oss-security] 20110531 Re: CVE request for fetchmail STARTTLS hang (Denial of Service)", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2011/05/31/12" - }, - { - "name" : "[oss-security] 20110531 Re: CVE request for fetchmail STARTTLS hang (Denial of Service)", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2011/05/31/17" - }, - { - "name" : "[oss-security] 20110601 Re: CVE request for fetchmail STARTTLS hang (Denial of Service)", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2011/06/01/2" - }, - { - "name" : "http://gitorious.org/fetchmail/fetchmail/blobs/legacy_63/fetchmail-SA-2011-01.txt", - "refsource" : "CONFIRM", - "url" : "http://gitorious.org/fetchmail/fetchmail/blobs/legacy_63/fetchmail-SA-2011-01.txt" - }, - { - "name" : "http://www.fetchmail.info/fetchmail-SA-2011-01.txt", - "refsource" : "CONFIRM", - "url" : "http://www.fetchmail.info/fetchmail-SA-2011-01.txt" - }, - { - "name" : "FEDORA-2011-8011", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061672.html" - }, - { - "name" : "FEDORA-2011-8021", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061735.html" - }, - { - "name" : "FEDORA-2011-8059", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061634.html" - }, - { - "name" : "MDVSA-2011:107", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:107" - }, - { - "name" : "48043", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/48043" - }, - { - "name" : "1025605", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1025605" - }, - { - "name" : "fetchmail-starttls-dos(67700)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/67700" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "fetchmail 5.9.9 through 6.3.19 does not properly limit the wait time after issuing a (1) STARTTLS or (2) STLS request, which allows remote servers to cause a denial of service (application hang) by acknowledging the request but not sending additional packets." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20110531 Re: CVE request for fetchmail STARTTLS hang (Denial of Service)", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2011/05/31/17" + }, + { + "name": "48043", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/48043" + }, + { + "name": "FEDORA-2011-8011", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061672.html" + }, + { + "name": "[oss-security] 20110531 Re: CVE request for fetchmail STARTTLS hang (Denial of Service)", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2011/05/31/12" + }, + { + "name": "[oss-security] 20110530 CVE request for fetchmail STARTTLS hang (Denial of Service)", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2011/05/30/1" + }, + { + "name": "20110606 fetchmail security announcement fetchmail-SA-2011-01 (CVE-2011-1947)", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/518251/100/0/threaded" + }, + { + "name": "FEDORA-2011-8059", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061634.html" + }, + { + "name": "http://gitorious.org/fetchmail/fetchmail/blobs/legacy_63/fetchmail-SA-2011-01.txt", + "refsource": "CONFIRM", + "url": "http://gitorious.org/fetchmail/fetchmail/blobs/legacy_63/fetchmail-SA-2011-01.txt" + }, + { + "name": "1025605", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1025605" + }, + { + "name": "MDVSA-2011:107", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:107" + }, + { + "name": "FEDORA-2011-8021", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061735.html" + }, + { + "name": "http://www.fetchmail.info/fetchmail-SA-2011-01.txt", + "refsource": "CONFIRM", + "url": "http://www.fetchmail.info/fetchmail-SA-2011-01.txt" + }, + { + "name": "[oss-security] 20110601 Re: CVE request for fetchmail STARTTLS hang (Denial of Service)", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2011/06/01/2" + }, + { + "name": "fetchmail-starttls-dos(67700)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67700" + } + ] + } +} \ No newline at end of file diff --git a/2011/3xxx/CVE-2011-3357.json b/2011/3xxx/CVE-2011-3357.json index 87ccb264b9a..c09afef2637 100644 --- a/2011/3xxx/CVE-2011-3357.json +++ b/2011/3xxx/CVE-2011-3357.json @@ -1,152 +1,152 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-3357", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in bug_actiongroup_ext_page.php in MantisBT before 1.2.8 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the action parameter, related to bug_actiongroup_page.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2011-3357", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20110905 Multiple vulnerabilities in MantisBT", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/519547/100/0/threaded" - }, - { - "name" : "[debian-security-tracker] 20110908 Security Fix for mantis stable 1.1.8", - "refsource" : "MLIST", - "url" : "http://lists.debian.org/debian-security-tracker/2011/09/msg00012.html" - }, - { - "name" : "[oss-security] 20110904 CVE requests: