admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-17 23:46:19 +00:00
parent 565c3ceea8
commit 179f422945
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
57 changed files with 3767 additions and 3770 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

92
2006/2xxx/CVE-2006-2000.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2000", "ID": "CVE-2006-2000",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in /lms/a2z.jsp in logMethods 0.9 allows remote attackers to inject arbitrary web script or HTML via the kwd parameter." "value": "Cross-site scripting (XSS) vulnerability in /lms/a2z.jsp in logMethods 0.9 allows remote attackers to inject arbitrary web script or HTML via the kwd parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://pridels0.blogspot.com/2006/04/logmethods-xss-vuln.html", "name": "ADV-2006-1484",
"refsource" : "MISC", "refsource": "VUPEN",
"url" : "http://pridels0.blogspot.com/2006/04/logmethods-xss-vuln.html" "url": "http://www.vupen.com/english/advisories/2006/1484"
}, },
{ {
"name" : "17675", "name": "24876",
"refsource" : "BID", "refsource": "OSVDB",
"url" : "http://www.securityfocus.com/bid/17675" "url": "http://www.osvdb.org/24876"
}, },
{ {
"name" : "ADV-2006-1484", "name": "http://pridels0.blogspot.com/2006/04/logmethods-xss-vuln.html",
"refsource" : "VUPEN", "refsource": "MISC",
"url" : "http://www.vupen.com/english/advisories/2006/1484" "url": "http://pridels0.blogspot.com/2006/04/logmethods-xss-vuln.html"
}, },
{ {
"name" : "24876", "name": "17675",
"refsource" : "OSVDB", "refsource": "BID",
"url" : "http://www.osvdb.org/24876" "url": "http://www.securityfocus.com/bid/17675"
}, },
{ {
"name" : "19793", "name": "19793",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/19793" "url": "http://secunia.com/advisories/19793"
}, },
{ {
"name" : "logmethods-lmsa2z-xss(25968)", "name": "logmethods-lmsa2z-xss(25968)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25968" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25968"
} }
] ]
} }

116
2006/2xxx/CVE-2006-2430.json
View File

@ -1,106 +1,106 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2430", "ID": "CVE-2006-2430",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "IBM WebSphere Application Server 5.0.2 and earlier, 5.1.1 and earlier, and 6.0.2 up to 6.0.2.7 records user credentials in plaintext in addNode.log, which allows attackers to gain privileges." "value": "IBM WebSphere Application Server 5.0.2 and earlier, 5.1.1 and earlier, and 6.0.2 up to 6.0.2.7 records user credentials in plaintext in addNode.log, which allows attackers to gain privileges."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20060509 IBM Websphere Application Server Multiple Vulnerabilities", "name": "PK16492",
"refsource" : "BUGTRAQ", "refsource": "AIXAPAR",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2006-05/0175.html" "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=PK16492&apar=only"
}, },
{ {
"name" : "PK16492", "name": "http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24012064",
"refsource" : "AIXAPAR", "refsource": "CONFIRM",
"url" : "http://www-1.ibm.com/support/search.wss?rs=0&q=PK16492&apar=only" "url": "http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24012064"
}, },
{ {
"name" : "PK22416", "name": "http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24012009",
"refsource" : "AIXAPAR", "refsource": "CONFIRM",
"url" : "http://www-1.ibm.com/support/docview.wss?rs=0&dc=DB550&q1=PK16492&uid=swg1PK22416&loc=en_US&cs=utf-8&lang=" "url": "http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24012009"
}, },
{ {
"name" : "http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24011773", "name": "PK22416",
"refsource" : "CONFIRM", "refsource": "AIXAPAR",
"url" : "http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24011773" "url": "http://www-1.ibm.com/support/docview.wss?rs=0&dc=DB550&q1=PK16492&uid=swg1PK22416&loc=en_US&cs=utf-8&lang="
}, },
{ {
"name" : "http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24012009", "name": "910",
"refsource" : "CONFIRM", "refsource": "SREASON",
"url" : "http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24012009" "url": "http://securityreason.com/securityalert/910"
}, },
{ {
"name" : "http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24012064", "name": "ADV-2006-1736",
"refsource" : "CONFIRM", "refsource": "VUPEN",
"url" : "http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24012064" "url": "http://www.vupen.com/english/advisories/2006/1736"
}, },
{ {
"name" : "ADV-2006-1736", "name": "20032",
"refsource" : "VUPEN", "refsource": "SECUNIA",
"url" : "http://www.vupen.com/english/advisories/2006/1736" "url": "http://secunia.com/advisories/20032"
}, },
{ {
"name" : "25372", "name": "20060509 IBM Websphere Application Server Multiple Vulnerabilities",
"refsource" : "OSVDB", "refsource": "BUGTRAQ",
"url" : "http://www.osvdb.org/25372" "url": "http://archives.neohapsis.com/archives/bugtraq/2006-05/0175.html"
}, },
{ {
"name" : "20032", "name": "http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24011773",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/20032" "url": "http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24011773"
}, },
{ {
"name" : "910", "name": "25372",
"refsource" : "SREASON", "refsource": "OSVDB",
"url" : "http://securityreason.com/securityalert/910" "url": "http://www.osvdb.org/25372"
} }
] ]
} }

122
2006/2xxx/CVE-2006-2726.json
View File

@ -1,111 +1,111 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2726", "ID": "CVE-2006-2726",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "PHP remote file inclusion vulnerability in Fastpublish CMS 1.6.9.d allows remote attackers to include arbitrary files via the config[fsBase] parameter in (1) drucken.php, (2) drucken2.php, (3) email_an_benutzer.php, (4) rechnung.php, (5) suche/search.php and (6) adminbereich/admin.php." "value": "PHP remote file inclusion vulnerability in Fastpublish CMS 1.6.9.d allows remote attackers to include arbitrary files via the config[fsBase] parameter in (1) drucken.php, (2) drucken2.php, (3) email_an_benutzer.php, (4) rechnung.php, (5) suche/search.php and (6) adminbereich/admin.php."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "1848", "name": "fastpublish-fsbase-file-include(26897)",
"refsource" : "EXPLOIT-DB", "refsource": "XF",
"url" : "https://www.exploit-db.com/exploits/1848" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26897"
}, },
{ {
"name" : "18163", "name": "26161",
"refsource" : "BID", "refsource": "OSVDB",
"url" : "http://www.securityfocus.com/bid/18163" "url": "http://www.osvdb.org/26161"
}, },
{ {
"name" : "ADV-2006-2043", "name": "26158",
"refsource" : "VUPEN", "refsource": "OSVDB",
"url" : "http://www.vupen.com/english/advisories/2006/2043" "url": "http://www.osvdb.org/26158"
}, },
{ {
"name" : "26157", "name": "26159",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://www.osvdb.org/26157" "url": "http://www.osvdb.org/26159"
}, },
{ {
"name" : "26158", "name": "1848",
"refsource" : "OSVDB", "refsource": "EXPLOIT-DB",
"url" : "http://www.osvdb.org/26158" "url": "https://www.exploit-db.com/exploits/1848"
}, },
{ {
"name" : "26159", "name": "18163",
"refsource" : "OSVDB", "refsource": "BID",
"url" : "http://www.osvdb.org/26159" "url": "http://www.securityfocus.com/bid/18163"
}, },
{ {
"name" : "26160", "name": "26160",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://www.osvdb.org/26160" "url": "http://www.osvdb.org/26160"
}, },
{ {
"name" : "26161", "name": "ADV-2006-2043",
"refsource" : "OSVDB", "refsource": "VUPEN",
"url" : "http://www.osvdb.org/26161" "url": "http://www.vupen.com/english/advisories/2006/2043"
}, },
{ {
"name" : "26162", "name": "26162",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://www.osvdb.org/26162" "url": "http://www.osvdb.org/26162"
}, },
{ {
"name" : "20346", "name": "26157",
"refsource" : "SECUNIA", "refsource": "OSVDB",
"url" : "http://secunia.com/advisories/20346" "url": "http://www.osvdb.org/26157"
}, },
{ {
"name" : "fastpublish-fsbase-file-include(26897)", "name": "20346",
"refsource" : "XF", "refsource": "SECUNIA",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26897" "url": "http://secunia.com/advisories/20346"
} }
] ]
} }

92
2006/2xxx/CVE-2006-2813.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2813", "ID": "CVE-2006-2813",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Directory traversal vulnerability in easy-scart.cgi in iShopCart allows remote attackers to read arbitrary files via a .. (dot dot) in the query string." "value": "Directory traversal vulnerability in easy-scart.cgi in iShopCart allows remote attackers to read arbitrary files via a .. (dot dot) in the query string."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20060531 ishopcart cgi 0day and multiple vulnerabilities", "name": "1031",
"refsource" : "BUGTRAQ", "refsource": "SREASON",
"url" : "http://www.securityfocus.com/archive/1/435597/100/0/threaded" "url": "http://securityreason.com/securityalert/1031"
}, },
{ {
"name" : "18223", "name": "iShopCart-easyscart-directory-traversal(27015)",
"refsource" : "BID", "refsource": "XF",
"url" : "http://www.securityfocus.com/bid/18223" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27015"
}, },
{ {
"name" : "ADV-2006-2108", "name": "18223",
"refsource" : "VUPEN", "refsource": "BID",
"url" : "http://www.vupen.com/english/advisories/2006/2108" "url": "http://www.securityfocus.com/bid/18223"
}, },
{ {
"name" : "20415", "name": "20060531 ishopcart cgi 0day and multiple vulnerabilities",
"refsource" : "SECUNIA", "refsource": "BUGTRAQ",
"url" : "http://secunia.com/advisories/20415" "url": "http://www.securityfocus.com/archive/1/435597/100/0/threaded"
}, },
{ {
"name" : "1031", "name": "20415",
"refsource" : "SREASON", "refsource": "SECUNIA",
"url" : "http://securityreason.com/securityalert/1031" "url": "http://secunia.com/advisories/20415"
}, },
{ {
"name" : "iShopCart-easyscart-directory-traversal(27015)", "name": "ADV-2006-2108",
"refsource" : "XF", "refsource": "VUPEN",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27015" "url": "http://www.vupen.com/english/advisories/2006/2108"
} }
] ]
} }

22
2006/3xxx/CVE-2006-3248.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2006-3248", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2006-3248",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-4011. Reason: This candidate is a duplicate of CVE-2005-4011. Notes: All CVE users should reference CVE-2005-4011 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-4011. Reason: This candidate is a duplicate of CVE-2005-4011. Notes: All CVE users should reference CVE-2005-4011 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
} }
] ]
} }

80
2006/3xxx/CVE-2006-3653.json
View File

@ -1,76 +1,76 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-3653", "ID": "CVE-2006-3653",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "wksss.exe 8.4.702.0 in Microsoft Works Spreadsheet 8.0 allows remote attackers to cause a denial of service (CPU consumption or crash) via crafted (1) Works, (2) Excel, and (3) Lotus 1-2-3 files." "value": "wksss.exe 8.4.702.0 in Microsoft Works Spreadsheet 8.0 allows remote attackers to cause a denial of service (CPU consumption or crash) via crafted (1) Works, (2) Excel, and (3) Lotus 1-2-3 files."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20060714 Microsoft Works - Buffer Overflows / Denial of Service (DoS)-Vulnerabilities", "name": "18989",
"refsource" : "BUGTRAQ", "refsource": "BID",
"url" : "http://www.securityfocus.com/archive/1/440056/100/0/threaded" "url": "http://www.securityfocus.com/bid/18989"
}, },
{ {
"name" : "18989", "name": "20060714 Microsoft Works - Buffer Overflows / Denial of Service (DoS)-Vulnerabilities",
"refsource" : "BID", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/bid/18989" "url": "http://www.securityfocus.com/archive/1/440056/100/0/threaded"
}, },
{ {
"name" : "ADV-2006-2813", "name": "1016504",
"refsource" : "VUPEN", "refsource": "SECTRACK",
"url" : "http://www.vupen.com/english/advisories/2006/2813" "url": "http://securitytracker.com/id?1016504"
}, },
{ {
"name" : "1016504", "name": "ADV-2006-2813",
"refsource" : "SECTRACK", "refsource": "VUPEN",
"url" : "http://securitytracker.com/id?1016504" "url": "http://www.vupen.com/english/advisories/2006/2813"
} }
] ]
} }

122
2006/3xxx/CVE-2006-3697.json
View File

@ -1,111 +1,111 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-3697", "ID": "CVE-2006-3697",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Agnitum Outpost Firewall Pro 3.51.759.6511 (462), as used in (1) Lavasoft Personal Firewall 1.0.543.5722 (433) and (2) Novell BorderManager Novell Client Firewall 2.0, does not properly restrict user activities in application windows that run in a LocalSystem context, which allows local users to gain privileges and execute commands (a) via the \"open folder\" option when no instance of explorer.exe is running, possibly related to the ShellExecute API function; or (b) by overwriting a batch file through the \"Save Configuration As\" option. NOTE: this might be a vulnerability in Microsoft Windows and explorer.exe instead of the firewall." "value": "Agnitum Outpost Firewall Pro 3.51.759.6511 (462), as used in (1) Lavasoft Personal Firewall 1.0.543.5722 (433) and (2) Novell BorderManager Novell Client Firewall 2.0, does not properly restrict user activities in application windows that run in a LocalSystem context, which allows local users to gain privileges and execute commands (a) via the \"open folder\" option when no instance of explorer.exe is running, possibly related to the ShellExecute API function; or (b) by overwriting a batch file through the \"Save Configuration As\" option. NOTE: this might be a vulnerability in Microsoft Windows and explorer.exe instead of the firewall."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20060716 Escalation of privileges in Outpost and Lavasoft Firewalls -Unusual ShellExecute behavior", "name": "21089",
"refsource" : "BUGTRAQ", "refsource": "SECUNIA",
"url" : "http://www.securityfocus.com/archive/1/440426/100/0/threaded" "url": "http://secunia.com/advisories/21089"
}, },
{ {
"name" : "http://www.ben.goulding.com.au/secad.html", "name": "27349",
"refsource" : "MISC", "refsource": "OSVDB",
"url" : "http://www.ben.goulding.com.au/secad.html" "url": "http://www.osvdb.org/27349"
}, },
{ {
"name" : "https://secure-support.novell.com/KanisaPlatform/Publishing/903/3762108_f.SAL_Public.html", "name": "19018",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://secure-support.novell.com/KanisaPlatform/Publishing/903/3762108_f.SAL_Public.html" "url": "http://www.securityfocus.com/bid/19018"
}, },
{ {
"name" : "19018", "name": "20060716 Escalation of privileges in Outpost and Lavasoft Firewalls -Unusual ShellExecute behavior",
"refsource" : "BID", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/bid/19018" "url": "http://www.securityfocus.com/archive/1/440426/100/0/threaded"
}, },
{ {
"name" : "19024", "name": "ADV-2007-0144",
"refsource" : "BID", "refsource": "VUPEN",
"url" : "http://www.securityfocus.com/bid/19024" "url": "http://www.vupen.com/english/advisories/2007/0144"
}, },
{ {
"name" : "ADV-2006-2851", "name": "19024",
"refsource" : "VUPEN", "refsource": "BID",
"url" : "http://www.vupen.com/english/advisories/2006/2851" "url": "http://www.securityfocus.com/bid/19024"
}, },
{ {
"name" : "ADV-2006-2852", "name": "ADV-2006-2851",
"refsource" : "VUPEN", "refsource": "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2852" "url": "http://www.vupen.com/english/advisories/2006/2851"
}, },
{ {
"name" : "ADV-2007-0144", "name": "ADV-2006-2852",
"refsource" : "VUPEN", "refsource": "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/0144" "url": "http://www.vupen.com/english/advisories/2006/2852"
}, },
{ {
"name" : "27349", "name": "http://www.ben.goulding.com.au/secad.html",
"refsource" : "OSVDB", "refsource": "MISC",
"url" : "http://www.osvdb.org/27349" "url": "http://www.ben.goulding.com.au/secad.html"
}, },
{ {
"name" : "21088", "name": "21088",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/21088" "url": "http://secunia.com/advisories/21088"
}, },
{ {
"name" : "21089", "name": "https://secure-support.novell.com/KanisaPlatform/Publishing/903/3762108_f.SAL_Public.html",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/21089" "url": "https://secure-support.novell.com/KanisaPlatform/Publishing/903/3762108_f.SAL_Public.html"
} }
] ]
} }

98
2006/6xxx/CVE-2006-6237.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6237", "ID": "CVE-2006-6237",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in the decode_cookie function in thread.php in Woltlab Burning Board Lite 1.0.2 allows remote attackers to execute arbitrary SQL commands via the threadvisit Cookie parameter." "value": "SQL injection vulnerability in the decode_cookie function in thread.php in Woltlab Burning Board Lite 1.0.2 allows remote attackers to execute arbitrary SQL commands via the threadvisit Cookie parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20061124 Wolflab Burning Board Lite 1.0.2 two sql injections", "name": "ADV-2006-4694",
"refsource" : "BUGTRAQ", "refsource": "VUPEN",
"url" : "http://www.securityfocus.com/archive/1/452561/100/0/threaded" "url": "http://www.vupen.com/english/advisories/2006/4694"
}, },
{ {
"name" : "2841", "name": "wbblite-thread-sql-injection(30561)",
"refsource" : "EXPLOIT-DB", "refsource": "XF",
"url" : "https://www.exploit-db.com/exploits/2841" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30561"
}, },
{ {
"name" : "http://retrogod.altervista.org/wbblite_102_sql_mqg_bypass.html", "name": "http://retrogod.altervista.org/wbblite_102_sql_mqg_bypass.html",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://retrogod.altervista.org/wbblite_102_sql_mqg_bypass.html" "url": "http://retrogod.altervista.org/wbblite_102_sql_mqg_bypass.html"
}, },
{ {
"name" : "ADV-2006-4694", "name": "2841",
"refsource" : "VUPEN", "refsource": "EXPLOIT-DB",
"url" : "http://www.vupen.com/english/advisories/2006/4694" "url": "https://www.exploit-db.com/exploits/2841"
}, },
{ {
"name" : "23077", "name": "1955",
"refsource" : "SECUNIA", "refsource": "SREASON",
"url" : "http://secunia.com/advisories/23077" "url": "http://securityreason.com/securityalert/1955"
}, },
{ {
"name" : "1955", "name": "23077",
"refsource" : "SREASON", "refsource": "SECUNIA",
"url" : "http://securityreason.com/securityalert/1955" "url": "http://secunia.com/advisories/23077"
}, },
{ {
"name" : "wbblite-thread-sql-injection(30561)", "name": "20061124 Wolflab Burning Board Lite 1.0.2 two sql injections",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30561" "url": "http://www.securityfocus.com/archive/1/452561/100/0/threaded"
} }
] ]
} }

74
2006/6xxx/CVE-2006-6273.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6273", "ID": "CVE-2006-6273",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "sp_index.php in Simple PHP Gallery 1.1 allows remote attackers to obtain sensitive information via an invalid dir parameter, which reveals the path in an error message." "value": "sp_index.php in Simple PHP Gallery 1.1 allows remote attackers to obtain sensitive information via an invalid dir parameter, which reveals the path in an error message."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20061124 Cross site scripting & fullpath disclosure", "name": "20061227 Re: Cross site scripting & fullpath disclosure",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/452555/100/100/threaded" "url": "http://www.securityfocus.com/archive/1/455359/100/0/threaded"
}, },
{ {
"name" : "20061227 Re: Cross site scripting & fullpath disclosure", "name": "20061124 Cross site scripting & fullpath disclosure",
"refsource" : "BUGTRAQ", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/455359/100/0/threaded" "url": "http://www.securityfocus.com/archive/1/452555/100/100/threaded"
}, },
{ {
"name" : "1967", "name": "1967",
"refsource" : "SREASON", "refsource": "SREASON",
"url" : "http://securityreason.com/securityalert/1967" "url": "http://securityreason.com/securityalert/1967"
} }
] ]
} }

86
2006/6xxx/CVE-2006-6401.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6401", "ID": "CVE-2006-6401",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in mystats.php in MyStats 1.0.8 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) connexion, (2) by, and (3) details parameter." "value": "Multiple cross-site scripting (XSS) vulnerabilities in mystats.php in MyStats 1.0.8 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) connexion, (2) by, and (3) details parameter."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20061112 MyStats <=1.0.8 [injection sql, multiples xss, array & full path", "name": "22813",
"refsource" : "BUGTRAQ", "refsource": "SECUNIA",
"url" : "http://marc.info/?l=bugtraq&m=116344068502988&w=2" "url": "http://secunia.com/advisories/22813"
}, },
{ {
"name" : "ADV-2006-4468", "name": "1017210",
"refsource" : "VUPEN", "refsource": "SECTRACK",
"url" : "http://www.vupen.com/english/advisories/2006/4468" "url": "http://securitytracker.com/id?1017210"
}, },
{ {
"name" : "30319", "name": "30319",
"refsource" : "OSVDB", "refsource": "OSVDB",
"url" : "http://www.osvdb.org/30319" "url": "http://www.osvdb.org/30319"
}, },
{ {
"name" : "1017210", "name": "20061112 MyStats <=1.0.8 [injection sql, multiples xss, array & full path",
"refsource" : "SECTRACK", "refsource": "BUGTRAQ",
"url" : "http://securitytracker.com/id?1017210" "url": "http://marc.info/?l=bugtraq&m=116344068502988&w=2"
}, },
{ {
"name" : "22813", "name": "ADV-2006-4468",
"refsource" : "SECUNIA", "refsource": "VUPEN",
"url" : "http://secunia.com/advisories/22813" "url": "http://www.vupen.com/english/advisories/2006/4468"
} }
] ]
} }

74
2006/7xxx/CVE-2006-7152.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-7152", "ID": "CVE-2006-7152",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "default.asp in ASP-Nuke Community 1.5 and earlier allows remote attackers to gain privileges by setting certain pseudo cookie values." "value": "default.asp in ASP-Nuke Community 1.5 and earlier allows remote attackers to gain privileges by setting certain pseudo cookie values."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "2849", "name": "21309",
"refsource" : "EXPLOIT-DB", "refsource": "BID",
"url" : "https://www.exploit-db.com/exploits/2849" "url": "http://www.securityfocus.com/bid/21309"
}, },
{ {
"name" : "21309", "name": "2849",
"refsource" : "BID", "refsource": "EXPLOIT-DB",
"url" : "http://www.securityfocus.com/bid/21309" "url": "https://www.exploit-db.com/exploits/2849"
}, },
{ {
"name" : "aspnuke-cookie-privilege-escalation(30541)", "name": "aspnuke-cookie-privilege-escalation(30541)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30541" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30541"
} }
] ]
} }

98
2006/7xxx/CVE-2006-7160.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-7160", "ID": "CVE-2006-7160",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The Sandbox.sys driver in Outpost Firewall PRO 4.0, and possibly earlier versions, does not validate arguments to hooked SSDT functions, which allows local users to cause a denial of service (crash) via invalid arguments to the (1) NtAssignProcessToJobObject,, (2) NtCreateKey, (3) NtCreateThread, (4) NtDeleteFile, (5) NtLoadDriver, (6) NtOpenProcess, (7) NtProtectVirtualMemory, (8) NtReplaceKey, (9) NtTerminateProcess, (10) NtTerminateThread, (11) NtUnloadDriver, and (12) NtWriteVirtualMemory functions." "value": "The Sandbox.sys driver in Outpost Firewall PRO 4.0, and possibly earlier versions, does not validate arguments to hooked SSDT functions, which allows local users to cause a denial of service (crash) via invalid arguments to the (1) NtAssignProcessToJobObject,, (2) NtCreateKey, (3) NtCreateThread, (4) NtDeleteFile, (5) NtLoadDriver, (6) NtOpenProcess, (7) NtProtectVirtualMemory, (8) NtReplaceKey, (9) NtTerminateProcess, (10) NtTerminateThread, (11) NtUnloadDriver, and (12) NtWriteVirtualMemory functions."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20061115 Outpost Multiple insufficient argument validation of hooked SSDT function Vulnerability", "name": "2376",
"refsource" : "BUGTRAQ", "refsource": "SREASON",
"url" : "http://www.securityfocus.com/archive/1/451672/100/0/threaded" "url": "http://securityreason.com/securityalert/2376"
}, },
{ {
"name" : "http://www.matousec.com/info/advisories/Outpost-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php", "name": "outpostfirewall-multiple-functions-dos(30312)",
"refsource" : "MISC", "refsource": "XF",
"url" : "http://www.matousec.com/info/advisories/Outpost-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30312"
}, },
{ {
"name" : "21097", "name": "ADV-2006-4537",
"refsource" : "BID", "refsource": "VUPEN",
"url" : "http://www.securityfocus.com/bid/21097" "url": "http://www.vupen.com/english/advisories/2006/4537"
}, },
{ {
"name" : "ADV-2006-4537", "name": "20061115 Outpost Multiple insufficient argument validation of hooked SSDT function Vulnerability",
"refsource" : "VUPEN", "refsource": "BUGTRAQ",
"url" : "http://www.vupen.com/english/advisories/2006/4537" "url": "http://www.securityfocus.com/archive/1/451672/100/0/threaded"
}, },
{ {
"name" : "22913", "name": "22913",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/22913" "url": "http://secunia.com/advisories/22913"
}, },
{ {
"name" : "2376", "name": "http://www.matousec.com/info/advisories/Outpost-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php",
"refsource" : "SREASON", "refsource": "MISC",
"url" : "http://securityreason.com/securityalert/2376" "url": "http://www.matousec.com/info/advisories/Outpost-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
}, },
{ {
"name" : "outpostfirewall-multiple-functions-dos(30312)", "name": "21097",
"refsource" : "XF", "refsource": "BID",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30312" "url": "http://www.securityfocus.com/bid/21097"
} }
] ]
} }

98
2011/0xxx/CVE-2011-0005.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2011-0005", "ID": "CVE-2011-0005",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the com_search module for Joomla! 1.0.x through 1.0.15 allows remote attackers to inject arbitrary web script or HTML via the ordering parameter to index.php." "value": "Cross-site scripting (XSS) vulnerability in the com_search module for Joomla! 1.0.x through 1.0.15 allows remote attackers to inject arbitrary web script or HTML via the ordering parameter to index.php."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20110105 Joomla! 1.0.x ~ 1.0.15 | Cross Site Scripting (XSS) Vulnerability", "name": "joomla-ordering-xss(64539)",
"refsource" : "BUGTRAQ", "refsource": "XF",
"url" : "http://www.securityfocus.com/archive/1/515553/100/0/threaded" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64539"
}, },
{ {
"name" : "20110107 Re: Joomla! 1.0.x ~ 1.0.15 | Cross Site Scripting (XSS) Vulnerability", "name": "http://yehg.net/lab/pr0js/advisories/joomla/core/[joomla_1.0.x~15]_cross_site_scripting",
"refsource" : "BUGTRAQ", "refsource": "MISC",
"url" : "http://www.securityfocus.com/archive/1/515590/100/0/threaded" "url": "http://yehg.net/lab/pr0js/advisories/joomla/core/[joomla_1.0.x~15]_cross_site_scripting"
}, },
{ {
"name" : "http://packetstormsecurity.org/files/view/97273/joomla1015-xss.txt", "name": "70369",
"refsource" : "MISC", "refsource": "OSVDB",
"url" : "http://packetstormsecurity.org/files/view/97273/joomla1015-xss.txt" "url": "http://osvdb.org/70369"
}, },
{ {
"name" : "http://yehg.net/lab/pr0js/advisories/joomla/core/[joomla_1.0.x~15]_cross_site_scripting", "name": "45679",
"refsource" : "MISC", "refsource": "BID",
"url" : "http://yehg.net/lab/pr0js/advisories/joomla/core/[joomla_1.0.x~15]_cross_site_scripting" "url": "http://www.securityfocus.com/bid/45679"
}, },
{ {
"name" : "45679", "name": "20110107 Re: Joomla! 1.0.x ~ 1.0.15 | Cross Site Scripting (XSS) Vulnerability",
"refsource" : "BID", "refsource": "BUGTRAQ",
"url" : "http://www.securityfocus.com/bid/45679" "url": "http://www.securityfocus.com/archive/1/515590/100/0/threaded"
}, },
{ {
"name" : "70369", "name": "http://packetstormsecurity.org/files/view/97273/joomla1015-xss.txt",
"refsource" : "OSVDB", "refsource": "MISC",
"url" : "http://osvdb.org/70369" "url": "http://packetstormsecurity.org/files/view/97273/joomla1015-xss.txt"
}, },
{ {
"name" : "joomla-ordering-xss(64539)", "name": "20110105 Joomla! 1.0.x ~ 1.0.15 | Cross Site Scripting (XSS) Vulnerability",
"refsource" : "XF", "refsource": "BUGTRAQ",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/64539" "url": "http://www.securityfocus.com/archive/1/515553/100/0/threaded"
} }
] ]
} }

110
2011/0xxx/CVE-2011-0055.json
View File

@ -1,101 +1,101 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-0055", "ID": "CVE-2011-0055",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Use-after-free vulnerability in the JSON.stringify method in js3250.dll in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, might allow remote attackers to execute arbitrary code via unspecified vectors related to the js_HasOwnProperty function and garbage collection." "value": "Use-after-free vulnerability in the JSON.stringify method in js3250.dll in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, might allow remote attackers to execute arbitrary code via unspecified vectors related to the js_HasOwnProperty function and garbage collection."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20110302 ZDI-11-103: Mozilla Firefox JSON.stringify Dangling Pointer Remote Code Execution Vulnerability", "name": "http://downloads.avaya.com/css/P8/documents/100133195",
"refsource" : "BUGTRAQ", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/archive/1/516802" "url": "http://downloads.avaya.com/css/P8/documents/100133195"
}, },
{ {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-11-103/", "name": "46661",
"refsource" : "MISC", "refsource": "BID",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-11-103/" "url": "http://www.securityfocus.com/bid/46661"
}, },
{ {
"name" : "http://www.mozilla.org/security/announce/2011/mfsa2011-03.html", "name": "oval:org.mitre.oval:def:14476",
"refsource" : "CONFIRM", "refsource": "OVAL",
"url" : "http://www.mozilla.org/security/announce/2011/mfsa2011-03.html" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14476"
}, },
{ {
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=616009", "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=616009",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=616009" "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=616009"
}, },
{ {
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=619255", "name": "http://www.mozilla.org/security/announce/2011/mfsa2011-03.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=619255" "url": "http://www.mozilla.org/security/announce/2011/mfsa2011-03.html"
}, },
{ {
"name" : "http://downloads.avaya.com/css/P8/documents/100133195", "name": "MDVSA-2011:041",
"refsource" : "CONFIRM", "refsource": "MANDRIVA",
"url" : "http://downloads.avaya.com/css/P8/documents/100133195" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:041"
}, },
{ {
"name" : "MDVSA-2011:041", "name": "20110302 ZDI-11-103: Mozilla Firefox JSON.stringify Dangling Pointer Remote Code Execution Vulnerability",
"refsource" : "MANDRIVA", "refsource": "BUGTRAQ",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:041" "url": "http://www.securityfocus.com/archive/1/516802"
}, },
{ {
"name" : "46661", "name": "http://www.zerodayinitiative.com/advisories/ZDI-11-103/",
"refsource" : "BID", "refsource": "MISC",
"url" : "http://www.securityfocus.com/bid/46661" "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-103/"
}, },
{ {
"name" : "oval:org.mitre.oval:def:14476", "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=619255",
"refsource" : "OVAL", "refsource": "CONFIRM",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14476" "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=619255"
} }
] ]
} }

98
2011/0xxx/CVE-2011-0120.json
View File

@ -1,91 +1,91 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2011-0120", "ID": "CVE-2011-0120",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1." "value": "WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://support.apple.com/kb/HT4554", "name": "oval:org.mitre.oval:def:17373",
"refsource" : "CONFIRM", "refsource": "OVAL",
"url" : "http://support.apple.com/kb/HT4554" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17373"
}, },
{ {
"name" : "http://support.apple.com/kb/HT4564", "name": "http://support.apple.com/kb/HT4564",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://support.apple.com/kb/HT4564" "url": "http://support.apple.com/kb/HT4564"
}, },
{ {
"name" : "http://support.apple.com/kb/HT4566", "name": "http://support.apple.com/kb/HT4566",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://support.apple.com/kb/HT4566" "url": "http://support.apple.com/kb/HT4566"
}, },
{ {
"name" : "APPLE-SA-2011-03-02-1", "name": "APPLE-SA-2011-03-02-1",
"refsource" : "APPLE", "refsource": "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html" "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
}, },
{ {
"name" : "APPLE-SA-2011-03-09-1", "name": "APPLE-SA-2011-03-09-1",
"refsource" : "APPLE", "refsource": "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html" "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00003.html"
}, },
{ {
"name" : "APPLE-SA-2011-03-09-2", "name": "http://support.apple.com/kb/HT4554",
"refsource" : "APPLE", "refsource": "CONFIRM",
"url" : "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html" "url": "http://support.apple.com/kb/HT4554"
}, },
{ {
"name" : "oval:org.mitre.oval:def:17373", "name": "APPLE-SA-2011-03-09-2",
"refsource" : "OVAL", "refsource": "APPLE",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17373" "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"
} }
] ]
} }

68
2011/0xxx/CVE-2011-0178.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2011-0178", "ID": "CVE-2011-0178",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The FSFindFolder API in CarbonCore in Apple Mac OS X before 10.6.7 provides a world-readable directory in response to a call with the kTemporaryFolderType flag, which allows local users to obtain potentially sensitive information by accessing this directory." "value": "The FSFindFolder API in CarbonCore in Apple Mac OS X before 10.6.7 provides a world-readable directory in response to a call with the kTemporaryFolderType flag, which allows local users to obtain potentially sensitive information by accessing this directory."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://support.apple.com/kb/HT4581", "name": "APPLE-SA-2011-03-21-1",
"refsource" : "CONFIRM", "refsource": "APPLE",
"url" : "http://support.apple.com/kb/HT4581" "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
}, },
{ {
"name" : "APPLE-SA-2011-03-21-1", "name": "http://support.apple.com/kb/HT4581",
"refsource" : "APPLE", "refsource": "CONFIRM",
"url" : "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html" "url": "http://support.apple.com/kb/HT4581"
} }
] ]
} }

22
2011/2xxx/CVE-2011-2068.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-2068", "ID": "CVE-2011-2068",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

134
2011/2xxx/CVE-2011-2213.json
View File

@ -1,121 +1,121 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2011-2213", "ID": "CVE-2011-2213",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The inet_diag_bc_audit function in net/ipv4/inet_diag.c in the Linux kernel before 2.6.39.3 does not properly audit INET_DIAG bytecode, which allows local users to cause a denial of service (kernel infinite loop) via crafted INET_DIAG_REQ_BYTECODE instructions in a netlink message, as demonstrated by an INET_DIAG_BC_JMP instruction with a zero yes value, a different vulnerability than CVE-2010-3880." "value": "The inet_diag_bc_audit function in net/ipv4/inet_diag.c in the Linux kernel before 2.6.39.3 does not properly audit INET_DIAG bytecode, which allows local users to cause a denial of service (kernel infinite loop) via crafted INET_DIAG_REQ_BYTECODE instructions in a netlink message, as demonstrated by an INET_DIAG_BC_JMP instruction with a zero yes value, a different vulnerability than CVE-2010-3880."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[netdev] 20110601 Re: inet_diag insufficient validation?", "name": "http://patchwork.ozlabs.org/patch/100857/",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "http://article.gmane.org/gmane.linux.network/197208" "url": "http://patchwork.ozlabs.org/patch/100857/"
}, },
{ {
"name" : "[netdev] 20110601 inet_diag insufficient validation?", "name": "[netdev] 20110617 [PATCH] inet_diag: fix inet_diag_bc_audit()",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "http://article.gmane.org/gmane.linux.network/197206" "url": "http://article.gmane.org/gmane.linux.network/198809"
}, },
{ {
"name" : "[netdev] 20110603 Re: inet_diag insufficient validation?", "name": "RHSA-2011:0927",
"refsource" : "MLIST", "refsource": "REDHAT",
"url" : "http://article.gmane.org/gmane.linux.network/197386" "url": "http://rhn.redhat.com/errata/RHSA-2011-0927.html"
}, },
{ {
"name" : "[netdev] 20110617 [PATCH] inet_diag: fix inet_diag_bc_audit()", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=714536",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "http://article.gmane.org/gmane.linux.network/198809" "url": "https://bugzilla.redhat.com/show_bug.cgi?id=714536"
}, },
{ {
"name" : "[oss-security] 20110620 CVE request: kernel: inet_diag: fix inet_diag_bc_audit()", "name": "[oss-security] 20110620 CVE request: kernel: inet_diag: fix inet_diag_bc_audit()",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2011/06/20/1" "url": "http://www.openwall.com/lists/oss-security/2011/06/20/1"
}, },
{ {
"name" : "[oss-security] 20110620 Re: CVE request: kernel: inet_diag: fix inet_diag_bc_audit()", "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=eeb1497277d6b1a0a34ed36b97e18f2bd7d6de0d",
"refsource" : "MLIST", "refsource": "CONFIRM",
"url" : "http://www.openwall.com/lists/oss-security/2011/06/20/13" "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=eeb1497277d6b1a0a34ed36b97e18f2bd7d6de0d"
}, },
{ {
"name" : "[oss-security] 20110620 Re: CVE request: kernel: inet_diag: fix inet_diag_bc_audit()", "name": "[netdev] 20110601 inet_diag insufficient validation?",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2011/06/20/16" "url": "http://article.gmane.org/gmane.linux.network/197206"
}, },
{ {
"name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=eeb1497277d6b1a0a34ed36b97e18f2bd7d6de0d", "name": "[netdev] 20110601 Re: inet_diag insufficient validation?",
"refsource" : "CONFIRM", "refsource": "MLIST",
"url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=eeb1497277d6b1a0a34ed36b97e18f2bd7d6de0d" "url": "http://article.gmane.org/gmane.linux.network/197208"
}, },
{ {
"name" : "http://patchwork.ozlabs.org/patch/100857/", "name": "[oss-security] 20110620 Re: CVE request: kernel: inet_diag: fix inet_diag_bc_audit()",
"refsource" : "CONFIRM", "refsource": "MLIST",
"url" : "http://patchwork.ozlabs.org/patch/100857/" "url": "http://www.openwall.com/lists/oss-security/2011/06/20/13"
}, },
{ {
"name" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.3", "name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.3",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.3" "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.39.3"
}, },
{ {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=714536", "name": "[netdev] 20110603 Re: inet_diag insufficient validation?",
"refsource" : "CONFIRM", "refsource": "MLIST",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=714536" "url": "http://article.gmane.org/gmane.linux.network/197386"
}, },
{ {
"name" : "HPSBGN02970", "name": "[oss-security] 20110620 Re: CVE request: kernel: inet_diag: fix inet_diag_bc_audit()",
"refsource" : "HP", "refsource": "MLIST",
"url" : "http://marc.info/?l=bugtraq&m=139447903326211&w=2" "url": "http://www.openwall.com/lists/oss-security/2011/06/20/16"
}, },
{ {
"name" : "RHSA-2011:0927", "name": "HPSBGN02970",
"refsource" : "REDHAT", "refsource": "HP",
"url" : "http://rhn.redhat.com/errata/RHSA-2011-0927.html" "url": "http://marc.info/?l=bugtraq&m=139447903326211&w=2"
} }
] ]
} }

104
2011/2xxx/CVE-2011-2716.json
View File

@ -1,96 +1,96 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2011-2716", "ID": "CVE-2011-2716",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The DHCP client (udhcpc) in BusyBox before 1.20.0 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in the (1) HOST_NAME, (2) DOMAIN_NAME, (3) NIS_DOMAIN, and (4) TFTP_SERVER_NAME host name options." "value": "The DHCP client (udhcpc) in BusyBox before 1.20.0 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in the (1) HOST_NAME, (2) DOMAIN_NAME, (3) NIS_DOMAIN, and (4) TFTP_SERVER_NAME host name options."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://downloads.avaya.com/css/P8/documents/100158840", "name": "http://downloads.avaya.com/css/P8/documents/100158840",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://downloads.avaya.com/css/P8/documents/100158840" "url": "http://downloads.avaya.com/css/P8/documents/100158840"
}, },
{ {
"name" : "http://www.busybox.net/news.html", "name": "http://www.busybox.net/news.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.busybox.net/news.html" "url": "http://www.busybox.net/news.html"
}, },
{ {
"name" : "https://bugs.busybox.net/show_bug.cgi?id=3979", "name": "45363",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "https://bugs.busybox.net/show_bug.cgi?id=3979" "url": "http://secunia.com/advisories/45363"
}, },
{ {
"name" : "https://support.t-mobile.com/docs/DOC-21994", "name": "https://support.t-mobile.com/docs/DOC-21994",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://support.t-mobile.com/docs/DOC-21994" "url": "https://support.t-mobile.com/docs/DOC-21994"
}, },
{ {
"name" : "MDVSA-2012:129", "name": "https://bugs.busybox.net/show_bug.cgi?id=3979",
"refsource" : "MANDRIVA", "refsource": "CONFIRM",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2012:129" "url": "https://bugs.busybox.net/show_bug.cgi?id=3979"
}, },
{ {
"name" : "RHSA-2012:0810", "name": "RHSA-2012:0810",
"refsource" : "REDHAT", "refsource": "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2012-0810.html" "url": "http://rhn.redhat.com/errata/RHSA-2012-0810.html"
}, },
{ {
"name" : "48879", "name": "48879",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/48879" "url": "http://www.securityfocus.com/bid/48879"
}, },
{ {
"name" : "45363", "name": "MDVSA-2012:129",
"refsource" : "SECUNIA", "refsource": "MANDRIVA",
"url" : "http://secunia.com/advisories/45363" "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:129"
} }
] ]
} }

128
2011/3xxx/CVE-2011-3110.json
View File

@ -1,116 +1,116 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-3110", "ID": "CVE-2011-3110",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The PDF functionality in Google Chrome before 19.0.1084.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger out-of-bounds write operations." "value": "The PDF functionality in Google Chrome before 19.0.1084.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger out-of-bounds write operations."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://code.google.com/p/chromium/issues/detail?id=126337", "name": "http://code.google.com/p/chromium/issues/detail?id=126378",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://code.google.com/p/chromium/issues/detail?id=126337" "url": "http://code.google.com/p/chromium/issues/detail?id=126378"
}, },
{ {
"name" : "http://code.google.com/p/chromium/issues/detail?id=126343", "name": "http://code.google.com/p/chromium/issues/detail?id=127349",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://code.google.com/p/chromium/issues/detail?id=126343" "url": "http://code.google.com/p/chromium/issues/detail?id=127349"
}, },
{ {
"name" : "http://code.google.com/p/chromium/issues/detail?id=126378", "name": "oval:org.mitre.oval:def:14666",
"refsource" : "CONFIRM", "refsource": "OVAL",
"url" : "http://code.google.com/p/chromium/issues/detail?id=126378" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14666"
}, },
{ {
"name" : "http://code.google.com/p/chromium/issues/detail?id=127349", "name": "http://code.google.com/p/chromium/issues/detail?id=126343",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://code.google.com/p/chromium/issues/detail?id=127349" "url": "http://code.google.com/p/chromium/issues/detail?id=126343"
}, },
{ {
"name" : "http://code.google.com/p/chromium/issues/detail?id=127819", "name": "53679",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "http://code.google.com/p/chromium/issues/detail?id=127819" "url": "http://www.securityfocus.com/bid/53679"
}, },
{ {
"name" : "http://code.google.com/p/chromium/issues/detail?id=127868", "name": "http://googlechromereleases.blogspot.com/2012/05/stable-channel-update_23.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://code.google.com/p/chromium/issues/detail?id=127868" "url": "http://googlechromereleases.blogspot.com/2012/05/stable-channel-update_23.html"
}, },
{ {
"name" : "http://googlechromereleases.blogspot.com/2012/05/stable-channel-update_23.html", "name": "1027098",
"refsource" : "CONFIRM", "refsource": "SECTRACK",
"url" : "http://googlechromereleases.blogspot.com/2012/05/stable-channel-update_23.html" "url": "http://www.securitytracker.com/id?1027098"
}, },
{ {
"name" : "53679", "name": "http://code.google.com/p/chromium/issues/detail?id=127819",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/53679" "url": "http://code.google.com/p/chromium/issues/detail?id=127819"
}, },
{ {
"name" : "82245", "name": "http://code.google.com/p/chromium/issues/detail?id=126337",
"refsource" : "OSVDB", "refsource": "CONFIRM",
"url" : "http://osvdb.org/82245" "url": "http://code.google.com/p/chromium/issues/detail?id=126337"
}, },
{ {
"name" : "oval:org.mitre.oval:def:14666", "name": "http://code.google.com/p/chromium/issues/detail?id=127868",
"refsource" : "OVAL", "refsource": "CONFIRM",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14666" "url": "http://code.google.com/p/chromium/issues/detail?id=127868"
}, },
{ {
"name" : "1027098", "name": "82245",
"refsource" : "SECTRACK", "refsource": "OSVDB",
"url" : "http://www.securitytracker.com/id?1027098" "url": "http://osvdb.org/82245"
}, },
{ {
"name" : "49277", "name": "49277",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/49277" "url": "http://secunia.com/advisories/49277"
} }
] ]
} }

74
2011/3xxx/CVE-2011-3497.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-3497", "ID": "CVE-2011-3497",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote attackers to execute arbitrary DLL functions via the XF function, possibly related to an insecure exposed method." "value": "service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote attackers to execute arbitrary DLL functions via the XF function, possibly related to an insecure exposed method."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://aluigi.altervista.org/adv/scadapro_1-adv.txt", "name": "8382",
"refsource" : "MISC", "refsource": "SREASON",
"url" : "http://aluigi.altervista.org/adv/scadapro_1-adv.txt" "url": "http://securityreason.com/securityalert/8382"
}, },
{ {
"name" : "http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-256-04.pdf", "name": "http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-256-04.pdf",
"refsource" : "MISC", "refsource": "MISC",
"url" : "http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-256-04.pdf" "url": "http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-11-256-04.pdf"
}, },
{ {
"name" : "8382", "name": "http://aluigi.altervista.org/adv/scadapro_1-adv.txt",
"refsource" : "SREASON", "refsource": "MISC",
"url" : "http://securityreason.com/securityalert/8382" "url": "http://aluigi.altervista.org/adv/scadapro_1-adv.txt"
} }
] ]
} }

22
2011/3xxx/CVE-2011-3674.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2011-3674", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2011-3674",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none."
} }
] ]
} }

68
2011/4xxx/CVE-2011-4185.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-4185", "ID": "CVE-2011-4185",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The GetPrinterURLList2 method in the ActiveX control in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2008-2431 and CVE-2008-2436." "value": "The GetPrinterURLList2 method in the ActiveX control in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2008-2431 and CVE-2008-2436."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.novell.com/support/viewContent.do?externalId=7008708", "name": "http://www.novell.com/support/viewContent.do?externalId=7010144",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.novell.com/support/viewContent.do?externalId=7008708" "url": "http://www.novell.com/support/viewContent.do?externalId=7010144"
}, },
{ {
"name" : "http://www.novell.com/support/viewContent.do?externalId=7010144", "name": "http://www.novell.com/support/viewContent.do?externalId=7008708",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.novell.com/support/viewContent.do?externalId=7010144" "url": "http://www.novell.com/support/viewContent.do?externalId=7008708"
} }
] ]
} }

22
2011/4xxx/CVE-2011-4386.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2011-4386", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2011-4386",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none."
} }
] ]
} }

22
2011/4xxx/CVE-2011-4387.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2011-4387", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2011-4387",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none."
} }
] ]
} }

22
2011/4xxx/CVE-2011-4983.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2011-4983", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2011-4983",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none."
} }
] ]
} }

22
2011/4xxx/CVE-2011-4985.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2011-4985", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2011-4985",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none."
} }
] ]
} }

22
2013/1xxx/CVE-2013-1359.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-1359", "ID": "CVE-2013-1359",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

86
2013/5xxx/CVE-2013-5306.json
View File

@ -1,81 +1,81 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-5306", "ID": "CVE-2013-5306",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "SQL injection vulnerability in the Browser - TYPO3 without PHP (browser) extension before 4.5.5 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors." "value": "SQL injection vulnerability in the Browser - TYPO3 without PHP (browser) extension before 4.5.5 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-013", "name": "http://typo3.org/extensions/repository/view/browser",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-013" "url": "http://typo3.org/extensions/repository/view/browser"
}, },
{ {
"name" : "http://typo3.org/extensions/repository/view/browser", "name": "95963",
"refsource" : "CONFIRM", "refsource": "OSVDB",
"url" : "http://typo3.org/extensions/repository/view/browser" "url": "http://osvdb.org/95963"
}, },
{ {
"name" : "61656", "name": "61656",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/61656" "url": "http://www.securityfocus.com/bid/61656"
}, },
{ {
"name" : "95963", "name": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-013",
"refsource" : "OSVDB", "refsource": "MISC",
"url" : "http://osvdb.org/95963" "url": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2013-013"
}, },
{ {
"name" : "typo3-browser-unspecified-sql-injection(86228)", "name": "typo3-browser-unspecified-sql-injection(86228)",
"refsource" : "XF", "refsource": "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/86228" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86228"
} }
] ]
} }

62
2013/5xxx/CVE-2013-5545.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2013-5545", "ID": "CVE-2013-5545",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The PPTP ALG implementation in Cisco IOS XE 3.9 before 3.9.2S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) by sending many PPTP packets over NAT, aka Bug ID CSCuh19936." "value": "The PPTP ALG implementation in Cisco IOS XE 3.9 before 3.9.2S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) by sending many PPTP packets over NAT, aka Bug ID CSCuh19936."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20131030 Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers", "name": "20131030 Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers",
"refsource" : "CISCO", "refsource": "CISCO",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131030-asr1000" "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131030-asr1000"
} }
] ]
} }

74
2013/5xxx/CVE-2013-5771.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2013-5771", "ID": "CVE-2013-5771",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in the XML Parser component in Oracle Database Server 11.1.0.7, 11.2.0.2, 11.2.0.3, and 12.1.0.1 allows remote attackers to affect confidentiality and availability via unknown vectors." "value": "Unspecified vulnerability in the XML Parser component in Oracle Database Server 11.1.0.7, 11.2.0.2, 11.2.0.3, and 12.1.0.1 allows remote attackers to affect confidentiality and availability via unknown vectors."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "name": "55322",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html" "url": "http://secunia.com/advisories/55322"
}, },
{ {
"name" : "oval:org.mitre.oval:def:19209", "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"refsource" : "OVAL", "refsource": "CONFIRM",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19209" "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}, },
{ {
"name" : "55322", "name": "oval:org.mitre.oval:def:19209",
"refsource" : "SECUNIA", "refsource": "OVAL",
"url" : "http://secunia.com/advisories/55322" "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19209"
} }
] ]
} }

62
2014/2xxx/CVE-2014-2184.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2014-2184", "ID": "CVE-2014-2184",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The IP Manager Assistant (IPMA) component in Cisco Unified Communications Manager (Unified CM) allows remote attackers to obtain sensitive information via a crafted URL, aka Bug ID CSCun74352." "value": "The IP Manager Assistant (IPMA) component in Cisco Unified Communications Manager (Unified CM) allows remote attackers to obtain sensitive information via a crafted URL, aka Bug ID CSCun74352."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "20140428 Cisco Unified Communications Manager Sensitive Information Disclosure Vulnerability", "name": "20140428 Cisco Unified Communications Manager Sensitive Information Disclosure Vulnerability",
"refsource" : "CISCO", "refsource": "CISCO",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2184" "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2184"
} }
] ]
} }

22
2014/2xxx/CVE-2014-2539.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-2539", "ID": "CVE-2014-2539",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

74
2014/2xxx/CVE-2014-2742.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@debian.org",
"ID" : "CVE-2014-2742", "ID": "CVE-2014-2742",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Isode M-Link before 16.0v7 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an \"xmppbomb\" attack." "value": "Isode M-Link before 16.0v7 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an \"xmppbomb\" attack."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20140407 Re: Possible CVE Request: Uncontrolled Resource Consumption with XMPP-Layer Compression", "name": "http://xmpp.org/resources/security-notices/uncontrolled-resource-consumption-with-highly-compressed-xmpp-stanzas/",
"refsource" : "MLIST", "refsource": "MISC",
"url" : "http://openwall.com/lists/oss-security/2014/04/07/7" "url": "http://xmpp.org/resources/security-notices/uncontrolled-resource-consumption-with-highly-compressed-xmpp-stanzas/"
}, },
{ {
"name" : "[oss-security] 20140408 Re: (Openfire M-Link Metronome Prosody Tigase) Possible CVE Request: Uncontrolled Resource Consumption with XMPP-Layer Compression", "name": "[oss-security] 20140408 Re: (Openfire M-Link Metronome Prosody Tigase) Possible CVE Request: Uncontrolled Resource Consumption with XMPP-Layer Compression",
"refsource" : "MLIST", "refsource": "MLIST",
"url" : "http://openwall.com/lists/oss-security/2014/04/09/1" "url": "http://openwall.com/lists/oss-security/2014/04/09/1"
}, },
{ {
"name" : "http://xmpp.org/resources/security-notices/uncontrolled-resource-consumption-with-highly-compressed-xmpp-stanzas/", "name": "[oss-security] 20140407 Re: Possible CVE Request: Uncontrolled Resource Consumption with XMPP-Layer Compression",
"refsource" : "MISC", "refsource": "MLIST",
"url" : "http://xmpp.org/resources/security-notices/uncontrolled-resource-consumption-with-highly-compressed-xmpp-stanzas/" "url": "http://openwall.com/lists/oss-security/2014/04/07/7"
} }
] ]
} }

146
2014/6xxx/CVE-2014-6051.json
View File

@ -1,131 +1,131 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-6051", "ID": "CVE-2014-6051",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Integer overflow in the MallocFrameBuffer function in vncviewer.c in LibVNCServer 0.9.9 and earlier allows remote VNC servers to cause a denial of service (crash) and possibly execute arbitrary code via an advertisement for a large screen size, which triggers a heap-based buffer overflow." "value": "Integer overflow in the MallocFrameBuffer function in vncviewer.c in LibVNCServer 0.9.9 and earlier allows remote VNC servers to cause a denial of service (crash) and possibly execute arbitrary code via an advertisement for a large screen size, which triggers a heap-based buffer overflow."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "[oss-security] 20140923 Multiple issues in libVNCserver", "name": "http://www.ocert.org/advisories/ocert-2014-007.html",
"refsource" : "MLIST", "refsource": "MISC",
"url" : "http://seclists.org/oss-sec/2014/q3/639" "url": "http://www.ocert.org/advisories/ocert-2014-007.html"
}, },
{ {
"name" : "[oss-security] 20140925 [oCERT-2014-007] libvncserver multiple issues", "name": "GLSA-201612-36",
"refsource" : "MLIST", "refsource": "GENTOO",
"url" : "http://www.openwall.com/lists/oss-security/2014/09/25/11" "url": "https://security.gentoo.org/glsa/201612-36"
}, },
{ {
"name" : "http://www.ocert.org/advisories/ocert-2014-007.html", "name": "openSUSE-SU-2015:2207",
"refsource" : "MISC", "refsource": "SUSE",
"url" : "http://www.ocert.org/advisories/ocert-2014-007.html" "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00022.html"
}, },
{ {
"name" : "https://github.com/newsoft/libvncserver/commit/045a044e8ae79db9244593fbce154cdf6e843273", "name": "https://github.com/newsoft/libvncserver/commit/045a044e8ae79db9244593fbce154cdf6e843273",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://github.com/newsoft/libvncserver/commit/045a044e8ae79db9244593fbce154cdf6e843273" "url": "https://github.com/newsoft/libvncserver/commit/045a044e8ae79db9244593fbce154cdf6e843273"
}, },
{ {
"name" : "https://www.kde.org/info/security/advisory-20140923-1.txt", "name": "61506",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "https://www.kde.org/info/security/advisory-20140923-1.txt" "url": "http://secunia.com/advisories/61506"
}, },
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", "name": "https://www.kde.org/info/security/advisory-20140923-1.txt",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html" "url": "https://www.kde.org/info/security/advisory-20140923-1.txt"
}, },
{ {
"name" : "DSA-3081", "name": "RHSA-2015:0113",
"refsource" : "DEBIAN", "refsource": "REDHAT",
"url" : "http://www.debian.org/security/2014/dsa-3081" "url": "http://rhn.redhat.com/errata/RHSA-2015-0113.html"
}, },
{ {
"name" : "FEDORA-2014-11537", "name": "[oss-security] 20140925 [oCERT-2014-007] libvncserver multiple issues",
"refsource" : "FEDORA", "refsource": "MLIST",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2014-September/139445.html" "url": "http://www.openwall.com/lists/oss-security/2014/09/25/11"
}, },
{ {
"name" : "FEDORA-2014-11685", "name": "[oss-security] 20140923 Multiple issues in libVNCserver",
"refsource" : "FEDORA", "refsource": "MLIST",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/139654.html" "url": "http://seclists.org/oss-sec/2014/q3/639"
}, },
{ {
"name" : "GLSA-201507-07", "name": "GLSA-201507-07",
"refsource" : "GENTOO", "refsource": "GENTOO",
"url" : "https://security.gentoo.org/glsa/201507-07" "url": "https://security.gentoo.org/glsa/201507-07"
}, },
{ {
"name" : "GLSA-201612-36", "name": "70093",
"refsource" : "GENTOO", "refsource": "BID",
"url" : "https://security.gentoo.org/glsa/201612-36" "url": "http://www.securityfocus.com/bid/70093"
}, },
{ {
"name" : "RHSA-2015:0113", "name": "DSA-3081",
"refsource" : "REDHAT", "refsource": "DEBIAN",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0113.html" "url": "http://www.debian.org/security/2014/dsa-3081"
}, },
{ {
"name" : "openSUSE-SU-2015:2207", "name": "FEDORA-2014-11537",
"refsource" : "SUSE", "refsource": "FEDORA",
"url" : "http://lists.opensuse.org/opensuse-updates/2015-12/msg00022.html" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-September/139445.html"
}, },
{ {
"name" : "70093", "name": "FEDORA-2014-11685",
"refsource" : "BID", "refsource": "FEDORA",
"url" : "http://www.securityfocus.com/bid/70093" "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-October/139654.html"
}, },
{ {
"name" : "61506", "name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/61506" "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
} }
] ]
} }

92
2014/6xxx/CVE-2014-6186.json
View File

@ -1,86 +1,86 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2014-6186", "ID": "CVE-2014-6186",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "IBM WebSphere Service Registry and Repository (WSRR) 6.3.x before 6.3.0.5, 7.0.x through 7.0.0.5, 7.5.x before 7.5.0.3, and 8.0.x before 8.0.0.1 allows remote authenticated users to bypass intended object-access restrictions via the datagraph." "value": "IBM WebSphere Service Registry and Repository (WSRR) 6.3.x before 6.3.0.5, 7.0.x through 7.0.0.5, 7.5.x before 7.5.0.3, and 8.0.x before 8.0.0.1 allows remote authenticated users to bypass intended object-access restrictions via the datagraph."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.ibm.com/support/docview.wss?uid=swg21693379", "name": "ibm-wsrr-cve20146186-sec-bypass(98549)",
"refsource" : "CONFIRM", "refsource": "XF",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg21693379" "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98549"
}, },
{ {
"name" : "http://www.ibm.com/support/docview.wss?uid=swg21693381", "name": "IV26309",
"refsource" : "CONFIRM", "refsource": "AIXAPAR",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg21693381" "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV26309"
}, },
{ {
"name" : "http://www.ibm.com/support/docview.wss?uid=swg21693384", "name": "http://www.ibm.com/support/docview.wss?uid=swg21693384",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg21693384" "url": "http://www.ibm.com/support/docview.wss?uid=swg21693384"
}, },
{ {
"name" : "http://www.ibm.com/support/docview.wss?uid=swg21693387", "name": "http://www.ibm.com/support/docview.wss?uid=swg21693379",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg21693387" "url": "http://www.ibm.com/support/docview.wss?uid=swg21693379"
}, },
{ {
"name" : "IV26309", "name": "http://www.ibm.com/support/docview.wss?uid=swg21693381",
"refsource" : "AIXAPAR", "refsource": "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IV26309" "url": "http://www.ibm.com/support/docview.wss?uid=swg21693381"
}, },
{ {
"name" : "ibm-wsrr-cve20146186-sec-bypass(98549)", "name": "http://www.ibm.com/support/docview.wss?uid=swg21693387",
"refsource" : "XF", "refsource": "CONFIRM",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/98549" "url": "http://www.ibm.com/support/docview.wss?uid=swg21693387"
} }
] ]
} }

326
2014/6xxx/CVE-2014-6531.json
View File

@ -1,281 +1,281 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2014-6531", "ID": "CVE-2014-6531",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality via unknown vectors related to Libraries." "value": "Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality via unknown vectors related to Libraries."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", "name": "60414",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html" "url": "http://secunia.com/advisories/60414"
}, },
{ {
"name" : "http://linux.oracle.com/errata/ELSA-2014-1633.html", "name": "RHSA-2014:1880",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "http://linux.oracle.com/errata/ELSA-2014-1633.html" "url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html"
}, },
{ {
"name" : "http://linux.oracle.com/errata/ELSA-2014-1634.html", "name": "RHSA-2014:1657",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "http://linux.oracle.com/errata/ELSA-2014-1634.html" "url": "http://rhn.redhat.com/errata/RHSA-2014-1657.html"
}, },
{ {
"name" : "http://linux.oracle.com/errata/ELSA-2014-1636", "name": "RHSA-2014:1877",
"refsource" : "CONFIRM", "refsource": "REDHAT",
"url" : "http://linux.oracle.com/errata/ELSA-2014-1636" "url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html"
}, },
{ {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21688283", "name": "61609",
"refsource" : "CONFIRM", "refsource": "SECUNIA",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21688283" "url": "http://secunia.com/advisories/61609"
}, },
{ {
"name" : "DSA-3077", "name": "61928",
"refsource" : "DEBIAN", "refsource": "SECUNIA",
"url" : "http://www.debian.org/security/2014/dsa-3077" "url": "http://secunia.com/advisories/61928"
}, },
{ {
"name" : "DSA-3080", "name": "61163",
"refsource" : "DEBIAN", "refsource": "SECUNIA",
"url" : "http://www.debian.org/security/2014/dsa-3080" "url": "http://secunia.com/advisories/61163"
}, },
{ {
"name" : "GLSA-201502-12", "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283",
"refsource" : "GENTOO", "refsource": "CONFIRM",
"url" : "http://security.gentoo.org/glsa/glsa-201502-12.xml" "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283"
}, },
{ {
"name" : "HPSBUX03218", "name": "USN-2386-1",
"refsource" : "HP", "refsource": "UBUNTU",
"url" : "http://marc.info/?l=bugtraq&m=141775382904016&w=2" "url": "http://www.ubuntu.com/usn/USN-2386-1"
}, },
{ {
"name" : "SSRT101770", "name": "http://linux.oracle.com/errata/ELSA-2014-1633.html",
"refsource" : "HP", "refsource": "CONFIRM",
"url" : "http://marc.info/?l=bugtraq&m=141775382904016&w=2" "url": "http://linux.oracle.com/errata/ELSA-2014-1633.html"
}, },
{ {
"name" : "RHSA-2014:1620", "name": "USN-2388-1",
"refsource" : "REDHAT", "refsource": "UBUNTU",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1620.html" "url": "http://www.ubuntu.com/usn/USN-2388-1"
}, },
{ {
"name" : "RHSA-2014:1633", "name": "HPSBUX03218",
"refsource" : "REDHAT", "refsource": "HP",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1633.html" "url": "http://marc.info/?l=bugtraq&m=141775382904016&w=2"
}, },
{ {
"name" : "RHSA-2014:1634", "name": "RHSA-2014:1881",
"refsource" : "REDHAT", "refsource": "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1634.html" "url": "http://rhn.redhat.com/errata/RHSA-2014-1881.html"
}, },
{ {
"name" : "RHSA-2014:1636", "name": "61629",
"refsource" : "REDHAT", "refsource": "SECUNIA",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1636.html" "url": "http://secunia.com/advisories/61629"
}, },
{ {
"name" : "RHSA-2014:1657", "name": "SUSE-SU-2014:1549",
"refsource" : "REDHAT", "refsource": "SUSE",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1657.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html"
}, },
{ {
"name" : "RHSA-2014:1658", "name": "61018",
"refsource" : "REDHAT", "refsource": "SECUNIA",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1658.html" "url": "http://secunia.com/advisories/61018"
}, },
{ {
"name" : "RHSA-2014:1876", "name": "SUSE-SU-2015:0376",
"refsource" : "REDHAT", "refsource": "SUSE",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1876.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
}, },
{ {
"name" : "RHSA-2014:1877", "name": "RHSA-2014:1876",
"refsource" : "REDHAT", "refsource": "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1877.html" "url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html"
}, },
{ {
"name" : "RHSA-2014:1880", "name": "http://linux.oracle.com/errata/ELSA-2014-1634.html",
"refsource" : "REDHAT", "refsource": "CONFIRM",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1880.html" "url": "http://linux.oracle.com/errata/ELSA-2014-1634.html"
}, },
{ {
"name" : "RHSA-2014:1881", "name": "61346",
"refsource" : "REDHAT", "refsource": "SECUNIA",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1881.html" "url": "http://secunia.com/advisories/61346"
}, },
{ {
"name" : "RHSA-2014:1882", "name": "RHSA-2015:0264",
"refsource" : "REDHAT", "refsource": "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1882.html" "url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
}, },
{ {
"name" : "RHSA-2015:0264", "name": "RHSA-2014:1634",
"refsource" : "REDHAT", "refsource": "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2015-0264.html" "url": "http://rhn.redhat.com/errata/RHSA-2014-1634.html"
}, },
{ {
"name" : "SUSE-SU-2014:1422", "name": "USN-2388-2",
"refsource" : "SUSE", "refsource": "UBUNTU",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00013.html" "url": "http://www.ubuntu.com/usn/USN-2388-2"
}, },
{ {
"name" : "SUSE-SU-2014:1526", "name": "SUSE-SU-2014:1422",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00013.html"
}, },
{ {
"name" : "SUSE-SU-2014:1549", "name": "DSA-3080",
"refsource" : "SUSE", "refsource": "DEBIAN",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html" "url": "http://www.debian.org/security/2014/dsa-3080"
}, },
{ {
"name" : "SUSE-SU-2015:0344", "name": "SUSE-SU-2015:0392",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
}, },
{ {
"name" : "SUSE-SU-2015:0345", "name": "SUSE-SU-2014:1526",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html"
}, },
{ {
"name" : "SUSE-SU-2015:0376", "name": "SUSE-SU-2015:0345",
"refsource" : "SUSE", "refsource": "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html" "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html"
}, },
{ {
"name" : "SUSE-SU-2015:0392", "name": "60416",
"refsource" : "SUSE", "refsource": "SECUNIA",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html" "url": "http://secunia.com/advisories/60416"
}, },
{ {
"name" : "USN-2386-1", "name": "RHSA-2014:1882",
"refsource" : "UBUNTU", "refsource": "REDHAT",
"url" : "http://www.ubuntu.com/usn/USN-2386-1" "url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html"
}, },
{ {
"name" : "USN-2388-1", "name": "RHSA-2014:1633",
"refsource" : "UBUNTU", "refsource": "REDHAT",
"url" : "http://www.ubuntu.com/usn/USN-2388-1" "url": "http://rhn.redhat.com/errata/RHSA-2014-1633.html"
}, },
{ {
"name" : "USN-2388-2", "name": "RHSA-2014:1636",
"refsource" : "UBUNTU", "refsource": "REDHAT",
"url" : "http://www.ubuntu.com/usn/USN-2388-2" "url": "http://rhn.redhat.com/errata/RHSA-2014-1636.html"
}, },
{ {
"name" : "70572", "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/70572" "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
}, },
{ {
"name" : "60414", "name": "RHSA-2014:1658",
"refsource" : "SECUNIA", "refsource": "REDHAT",
"url" : "http://secunia.com/advisories/60414" "url": "http://rhn.redhat.com/errata/RHSA-2014-1658.html"
}, },
{ {
"name" : "60416", "name": "61164",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/60416" "url": "http://secunia.com/advisories/61164"
}, },
{ {
"name" : "60417", "name": "SSRT101770",
"refsource" : "SECUNIA", "refsource": "HP",
"url" : "http://secunia.com/advisories/60417" "url": "http://marc.info/?l=bugtraq&m=141775382904016&w=2"
}, },
{ {
"name" : "61018", "name": "DSA-3077",
"refsource" : "SECUNIA", "refsource": "DEBIAN",
"url" : "http://secunia.com/advisories/61018" "url": "http://www.debian.org/security/2014/dsa-3077"
}, },
{ {
"name" : "61020", "name": "http://linux.oracle.com/errata/ELSA-2014-1636",
"refsource" : "SECUNIA", "refsource": "CONFIRM",
"url" : "http://secunia.com/advisories/61020" "url": "http://linux.oracle.com/errata/ELSA-2014-1636"
}, },
{ {
"name" : "61143", "name": "GLSA-201502-12",
"refsource" : "SECUNIA", "refsource": "GENTOO",
"url" : "http://secunia.com/advisories/61143" "url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
}, },
{ {
"name" : "61629", "name": "61020",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/61629" "url": "http://secunia.com/advisories/61020"
}, },
{ {
"name" : "61163", "name": "61143",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/61163" "url": "http://secunia.com/advisories/61143"
}, },
{ {
"name" : "61164", "name": "SUSE-SU-2015:0344",
"refsource" : "SECUNIA", "refsource": "SUSE",
"url" : "http://secunia.com/advisories/61164" "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
}, },
{ {
"name" : "61346", "name": "60417",
"refsource" : "SECUNIA", "refsource": "SECUNIA",
"url" : "http://secunia.com/advisories/61346" "url": "http://secunia.com/advisories/60417"
}, },
{ {
"name" : "61609", "name": "70572",
"refsource" : "SECUNIA", "refsource": "BID",
"url" : "http://secunia.com/advisories/61609" "url": "http://www.securityfocus.com/bid/70572"
}, },
{ {
"name" : "61928", "name": "RHSA-2014:1620",
"refsource" : "SECUNIA", "refsource": "REDHAT",
"url" : "http://secunia.com/advisories/61928" "url": "http://rhn.redhat.com/errata/RHSA-2014-1620.html"
} }
] ]
} }

68
2014/6xxx/CVE-2014-6547.json
View File

@ -1,66 +1,66 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2014-6547", "ID": "CVE-2014-6547",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Unspecified vulnerability in the JPublisher component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2014-4290, CVE-2014-4291, CVE-2014-4292, CVE-2014-4293, CVE-2014-4296, CVE-2014-4297, CVE-2014-4310, and CVE-2014-6477." "value": "Unspecified vulnerability in the JPublisher component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2014-4290, CVE-2014-4291, CVE-2014-4292, CVE-2014-4293, CVE-2014-4296, CVE-2014-4297, CVE-2014-4310, and CVE-2014-6477."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html" "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
}, },
{ {
"name" : "70536", "name": "70536",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/70536" "url": "http://www.securityfocus.com/bid/70536"
} }
] ]
} }

74
2014/6xxx/CVE-2014-6808.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cert@cert.org",
"ID" : "CVE-2014-6808", "ID": "CVE-2014-6808",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The Active 24 (aka com.zentity.app.active24) application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." "value": "The Active 24 (aka com.zentity.app.active24) application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", "name": "VU#132025",
"refsource" : "MISC", "refsource": "CERT-VN",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" "url": "http://www.kb.cert.org/vuls/id/132025"
}, },
{ {
"name" : "VU#132025", "name": "VU#582497",
"refsource" : "CERT-VN", "refsource": "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/132025" "url": "http://www.kb.cert.org/vuls/id/582497"
}, },
{ {
"name" : "VU#582497", "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "CERT-VN", "refsource": "MISC",
"url" : "http://www.kb.cert.org/vuls/id/582497" "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
} }
] ]
} }

74
2017/0xxx/CVE-2017-0035.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@microsoft.com", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2017-0035", "ID": "CVE-2017-0035",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Browser", "product_name": "Browser",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Browser" "version_value": "Browser"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft Corporation" "vendor_name": "Microsoft Corporation"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability is different from those described in CVE-2017-0010, CVE-2017-0015, CVE-2017-0032, CVE-2017-0067, CVE-2017-0070, CVE-2017-0071, CVE-2017-0094, CVE-2017-0131, CVE-2017-0132, CVE-2017-0133, CVE-2017-0134, CVE-2017-0136, CVE-2017-0137, CVE-2017-0138, CVE-2017-0141, CVE-2017-0150, and CVE-2017-0151." "value": "A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability is different from those described in CVE-2017-0010, CVE-2017-0015, CVE-2017-0032, CVE-2017-0067, CVE-2017-0070, CVE-2017-0071, CVE-2017-0094, CVE-2017-0131, CVE-2017-0132, CVE-2017-0133, CVE-2017-0134, CVE-2017-0136, CVE-2017-0137, CVE-2017-0138, CVE-2017-0141, CVE-2017-0150, and CVE-2017-0151."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Remote Code Execution" "value": "Remote Code Execution"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0035", "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0035",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0035" "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0035"
}, },
{ {
"name" : "96082", "name": "1038006",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/96082" "url": "http://www.securitytracker.com/id/1038006"
}, },
{ {
"name" : "1038006", "name": "96082",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://www.securitytracker.com/id/1038006" "url": "http://www.securityfocus.com/bid/96082"
} }
] ]
} }

62
2017/0xxx/CVE-2017-0348.json
View File

@ -1,61 +1,61 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@nvidia.com", "ASSIGNER": "psirt@nvidia.com",
"ID" : "CVE-2017-0348", "ID": "CVE-2017-0348",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "GPU Display Driver", "product_name": "GPU Display Driver",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "All versions" "version_value": "All versions"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Nvidia Corporation" "vendor_name": "Nvidia Corporation"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler where a NULL pointer dereference may lead to denial of service or potential escalation of privileges." "value": "All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer (nvlddmkm.sys) handler where a NULL pointer dereference may lead to denial of service or potential escalation of privileges."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Denial of Service, Escalation of Privileges" "value": "Denial of Service, Escalation of Privileges"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4462", "name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4462",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4462" "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4462"
} }
] ]
} }

74
2017/0xxx/CVE-2017-0477.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@android.com",
"ID" : "CVE-2017-0477", "ID": "CVE-2017-0477",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android", "product_name": "Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Android-7.1.1" "version_value": "Android-7.1.1"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Google Inc." "vendor_name": "Google Inc."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "A remote code execution vulnerability in libgdx could enable an attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses this library. Product: Android. Versions: 7.1.1. Android ID: A-33621647." "value": "A remote code execution vulnerability in libgdx could enable an attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses this library. Product: Android. Versions: 7.1.1. Android ID: A-33621647."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Remote code execution" "value": "Remote code execution"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://source.android.com/security/bulletin/2017-03-01", "name": "96760",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://source.android.com/security/bulletin/2017-03-01" "url": "http://www.securityfocus.com/bid/96760"
}, },
{ {
"name" : "96760", "name": "https://source.android.com/security/bulletin/2017-03-01",
"refsource" : "BID", "refsource": "CONFIRM",
"url" : "http://www.securityfocus.com/bid/96760" "url": "https://source.android.com/security/bulletin/2017-03-01"
}, },
{ {
"name" : "1037968", "name": "1037968",
"refsource" : "SECTRACK", "refsource": "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037968" "url": "http://www.securitytracker.com/id/1037968"
} }
] ]
} }

74
2017/0xxx/CVE-2017-0501.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@android.com",
"ID" : "CVE-2017-0501", "ID": "CVE-2017-0501",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android", "product_name": "Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Google Inc." "vendor_name": "Google Inc."
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-28430015. References: M-ALPS02708983." "value": "An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-28430015. References: M-ALPS02708983."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Elevation of privilege" "value": "Elevation of privilege"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://source.android.com/security/bulletin/2017-03-01", "name": "https://source.android.com/security/bulletin/2017-03-01",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2017-03-01" "url": "https://source.android.com/security/bulletin/2017-03-01"
}, },
{ {
"name" : "96726", "name": "1037968",
"refsource" : "BID", "refsource": "SECTRACK",
"url" : "http://www.securityfocus.com/bid/96726" "url": "http://www.securitytracker.com/id/1037968"
}, },
{ {
"name" : "1037968", "name": "96726",
"refsource" : "SECTRACK", "refsource": "BID",
"url" : "http://www.securitytracker.com/id/1037968" "url": "http://www.securityfocus.com/bid/96726"
} }
] ]
} }

76
2017/0xxx/CVE-2017-0905.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "support@hackerone.com", "ASSIGNER": "support@hackerone.com",
"DATE_PUBLIC" : "2017-11-06T00:00:00", "DATE_PUBLIC": "2017-11-06T00:00:00",
"ID" : "CVE-2017-0905", "ID": "CVE-2017-0905",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "recurly ruby gem", "product_name": "recurly ruby gem",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Versions before 2.0.13, 2.1.11, 2.2.5, 2.3.10, 2.4.11, 2.5.4, 2.6.3, 2.7.8, 2.8.2, 2.9.2, 2.10.4, 2.11.3" "version_value": "Versions before 2.0.13, 2.1.11, 2.2.5, 2.3.10, 2.4.11, 2.5.4, 2.6.3, 2.7.8, 2.8.2, 2.9.2, 2.10.4, 2.11.3"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Recurly" "vendor_name": "Recurly"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The Recurly Client Ruby Library before 2.0.13, 2.1.11, 2.2.5, 2.3.10, 2.4.11, 2.5.4, 2.6.3, 2.7.8, 2.8.2, 2.9.2, 2.10.4, 2.11.3 is vulnerable to a Server-Side Request Forgery vulnerability in the \"Resource#find\" method that could result in compromise of API keys or other critical resources." "value": "The Recurly Client Ruby Library before 2.0.13, 2.1.11, 2.2.5, 2.3.10, 2.4.11, 2.5.4, 2.6.3, 2.7.8, 2.8.2, 2.9.2, 2.10.4, 2.11.3 is vulnerable to a Server-Side Request Forgery vulnerability in the \"Resource#find\" method that could result in compromise of API keys or other critical resources."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Server-Side Request Forgery (SSRF) (CWE-918)" "value": "Server-Side Request Forgery (SSRF) (CWE-918)"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://hackerone.com/reports/288635", "name": "https://dev.recurly.com/page/ruby-updates",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "https://hackerone.com/reports/288635" "url": "https://dev.recurly.com/page/ruby-updates"
}, },
{ {
"name" : "https://dev.recurly.com/page/ruby-updates", "name": "https://hackerone.com/reports/288635",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "https://dev.recurly.com/page/ruby-updates" "url": "https://hackerone.com/reports/288635"
}, },
{ {
"name" : "https://github.com/recurly/recurly-client-ruby/commit/1bb0284d6e668b8b3d31167790ed6db1f6ccc4be", "name": "https://github.com/recurly/recurly-client-ruby/commit/1bb0284d6e668b8b3d31167790ed6db1f6ccc4be",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://github.com/recurly/recurly-client-ruby/commit/1bb0284d6e668b8b3d31167790ed6db1f6ccc4be" "url": "https://github.com/recurly/recurly-client-ruby/commit/1bb0284d6e668b8b3d31167790ed6db1f6ccc4be"
} }
] ]
} }

72
2017/0xxx/CVE-2017-0914.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "support@hackerone.com", "ASSIGNER": "support@hackerone.com",
"ID" : "CVE-2017-0914", "ID": "CVE-2017-0914",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "GitLab Community and Enterprise Editions", "product_name": "GitLab Community and Enterprise Editions",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "9.1.0 - 10.1.5 Fixed in 10.1.6" "version_value": "9.1.0 - 10.1.5 Fixed in 10.1.6"
}, },
{ {
"version_value" : "10.2.0 - 10.2.5 Fixed in 10.2.6" "version_value": "10.2.0 - 10.2.5 Fixed in 10.2.6"
}, },
{ {
"version_value" : "10.3.0 - 10.3.3 Fixed in 10.3.4" "version_value": "10.3.0 - 10.3.3 Fixed in 10.3.4"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "GitLab" "vendor_name": "GitLab"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Gitlab Community and Enterprise Editions version 10.1, 10.2, and 10.2.4 are vulnerable to a SQL injection in the MilestoneFinder component resulting in disclosure of all data in a GitLab instance's database." "value": "Gitlab Community and Enterprise Editions version 10.1, 10.2, and 10.2.4 are vulnerable to a SQL injection in the MilestoneFinder component resulting in disclosure of all data in a GitLab instance's database."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') (CWE-89)" "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') (CWE-89)"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://hackerone.com/reports/298176", "name": "https://hackerone.com/reports/298176",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://hackerone.com/reports/298176" "url": "https://hackerone.com/reports/298176"
}, },
{ {
"name" : "https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/", "name": "https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/" "url": "https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/"
} }
] ]
} }

67
2017/1000xxx/CVE-2017-1000362.json
View File

@ -1,65 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-1000362", "ID": "CVE-2017-1000362",
"REQUESTER" : "danielbeck@beckweb.net", "REQUESTER": "danielbeck@beckweb.net",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Jenkins", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "2.32.1" "version_value": "n/a"
},
{
"version_value" : "2.43"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Jenkins" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The re-key admin monitor was introduced in Jenkins 1.498 and re-encrypted all secrets in JENKINS_HOME with a new key. It also created a backup directory with all old secrets, and the key used to encrypt them. These backups were world-readable and not removed afterwards. Jenkins now deletes the backup directory, if present. Upgrading from before 1.498 will no longer create a backup directory. Administrators relying on file access permissions in their manually created backups are advised to check them for the directory $JENKINS_HOME/jenkins.security.RekeySecretAdminMonitor/backups, and delete it if present." "value": "The re-key admin monitor was introduced in Jenkins 1.498 and re-encrypted all secrets in JENKINS_HOME with a new key. It also created a backup directory with all old secrets, and the key used to encrypt them. These backups were world-readable and not removed afterwards. Jenkins now deletes the backup directory, if present. Upgrading from before 1.498 will no longer create a backup directory. Administrators relying on file access permissions in their manually created backups are advised to check them for the directory $JENKINS_HOME/jenkins.security.RekeySecretAdminMonitor/backups, and delete it if present."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "CWE-276" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://jenkins.io/security/advisory/2017-02-01/", "name": "https://jenkins.io/security/advisory/2017-02-01/",
"refsource" : "CONFIRM", "refsource": "CONFIRM",
"url" : "https://jenkins.io/security/advisory/2017-02-01/" "url": "https://jenkins.io/security/advisory/2017-02-01/"
} }
] ]
} }

66
2017/1000xxx/CVE-2017-1000454.json
View File

@ -1,63 +1,63 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org", "ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED" : "2017-12-29", "DATE_ASSIGNED": "2017-12-29",
"ID" : "CVE-2017-1000454", "ID": "CVE-2017-1000454",
"REQUESTER" : "daniel@scrt.ch", "REQUESTER": "daniel@scrt.ch",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "CMS Made Simple", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "2.1.6, 2.2, 2.2.1" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "CMS Made Simple" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "CMS Made Simple 2.1.6, 2.2, 2.2.1 are vulnerable to Smarty Template Injection in some core components, resulting in local file read before 2.2, and local file inclusion since 2.2.1" "value": "CMS Made Simple 2.1.6, 2.2, 2.2.1 are vulnerable to Smarty Template Injection in some core components, resulting in local file read before 2.2, and local file inclusion since 2.2.1"
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Server Side Template Injection" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://www.cmsmadesimple.org/2017/07/Announcing-CMSMS-2.2.2-Hearts-Content", "name": "https://www.cmsmadesimple.org/2017/07/Announcing-CMSMS-2.2.2-Hearts-Content",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://www.cmsmadesimple.org/2017/07/Announcing-CMSMS-2.2.2-Hearts-Content" "url": "https://www.cmsmadesimple.org/2017/07/Announcing-CMSMS-2.2.2-Hearts-Content"
} }
] ]
} }

74
2017/18xxx/CVE-2017-18068.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"ID" : "CVE-2017-18068", "ID": "CVE-2017-18068",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper buffer length calculation in wma_roam_scan_filter() leads to buffer overflow." "value": "In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper buffer length calculation in wma_roam_scan_filter() leads to buffer overflow."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=b91ad6cf984a48ad52fe5af13cb3e0ac4bf012ed", "name": "https://source.android.com/security/bulletin/2018-03-01",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=b91ad6cf984a48ad52fe5af13cb3e0ac4bf012ed" "url": "https://source.android.com/security/bulletin/2018-03-01"
}, },
{ {
"name" : "https://source.android.com/security/bulletin/2018-03-01", "name": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=b91ad6cf984a48ad52fe5af13cb3e0ac4bf012ed",
"refsource" : "CONFIRM", "refsource": "MISC",
"url" : "https://source.android.com/security/bulletin/2018-03-01" "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=b91ad6cf984a48ad52fe5af13cb3e0ac4bf012ed"
}, },
{ {
"name" : "103254", "name": "103254",
"refsource" : "BID", "refsource": "BID",
"url" : "http://www.securityfocus.com/bid/103254" "url": "http://www.securityfocus.com/bid/103254"
} }
] ]
} }

74
2017/18xxx/CVE-2017-18355.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-18355", "ID": "CVE-2017-18355",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "Installed packages are exposed by node_modules in Rendertron 1.0.0, allowing remote attackers to read absolute paths on the server by examining the \"_where\" attribute of package.json files." "value": "Installed packages are exposed by node_modules in Rendertron 1.0.0, allowing remote attackers to read absolute paths on the server by examining the \"_where\" attribute of package.json files."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "https://bugs.chromium.org/p/chromium/issues/detail?id=759111", "name": "https://bugs.chromium.org/p/chromium/issues/detail?id=759111",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://bugs.chromium.org/p/chromium/issues/detail?id=759111" "url": "https://bugs.chromium.org/p/chromium/issues/detail?id=759111"
}, },
{ {
"name" : "https://github.com/GoogleChrome/rendertron/commit/8d70628c96ae72eff6eebb451d26fc9ed6b58b0e", "name": "https://github.com/GoogleChrome/rendertron/commit/8d70628c96ae72eff6eebb451d26fc9ed6b58b0e",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/GoogleChrome/rendertron/commit/8d70628c96ae72eff6eebb451d26fc9ed6b58b0e" "url": "https://github.com/GoogleChrome/rendertron/commit/8d70628c96ae72eff6eebb451d26fc9ed6b58b0e"
}, },
{ {
"name" : "https://github.com/GoogleChrome/rendertron/pull/88", "name": "https://github.com/GoogleChrome/rendertron/pull/88",
"refsource" : "MISC", "refsource": "MISC",
"url" : "https://github.com/GoogleChrome/rendertron/pull/88" "url": "https://github.com/GoogleChrome/rendertron/pull/88"
} }
] ]
} }

22
2017/1xxx/CVE-2017-1667.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-1667", "ID": "CVE-2017-1667",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }

22
2017/1xxx/CVE-2017-1828.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-1828", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2017-1828",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }

22
2017/1xxx/CVE-2017-1839.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-1839", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2017-1839",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }

22
2017/4xxx/CVE-2017-4624.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-4624", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2017-4624",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }

22
2017/4xxx/CVE-2017-4714.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-4714", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2017-4714",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }

22
2017/4xxx/CVE-2017-4790.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-4790", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2017-4790",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }

22
2017/4xxx/CVE-2017-4842.json
View File

@ -1,17 +1,17 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-4842", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
"ID": "CVE-2017-4842",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
}, },
"data_format" : "MITRE", "description": {
"data_type" : "CVE", "description_data": [
"data_version" : "4.0",
"description" : {
"description_data" : [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }

74
2017/5xxx/CVE-2017-5556.json
View File

@ -1,71 +1,71 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-5556", "ID": "CVE-2017-5556",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
] ]
} }
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "The ConvertToPDF plugin in Foxit Reader before 8.2 and PhantomPDF before 8.2 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG image. The vulnerability could lead to information disclosure; an attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process." "value": "The ConvertToPDF plugin in Foxit Reader before 8.2 and PhantomPDF before 8.2 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG image. The vulnerability could lead to information disclosure; an attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process."
} }
] ]
}, },
"problemtype" : { "problemtype": {
"problemtype_data" : [ "problemtype_data": [
{ {
"description" : [ "description": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "n/a" "value": "n/a"
} }
] ]
} }
] ]
}, },
"references" : { "references": {
"reference_data" : [ "reference_data": [
{ {
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-17-039/", "name": "https://www.foxitsoftware.com/support/security-bulletins.php",
"refsource" : "MISC", "refsource": "CONFIRM",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-17-039/" "url": "https://www.foxitsoftware.com/support/security-bulletins.php"
}, },
{ {
"name" : "https://www.foxitsoftware.com/support/security-bulletins.php", "name": "95353",
"refsource" : "CONFIRM", "refsource": "BID",
"url" : "https://www.foxitsoftware.com/support/security-bulletins.php" "url": "http://www.securityfocus.com/bid/95353"
}, },
{ {
"name" : "95353", "name": "http://www.zerodayinitiative.com/advisories/ZDI-17-039/",
"refsource" : "BID", "refsource": "MISC",
"url" : "http://www.securityfocus.com/bid/95353" "url": "http://www.zerodayinitiative.com/advisories/ZDI-17-039/"
} }
] ]
} }