From 184c0be3dadfa8ef3af6036cd5b6525ae5f9d716 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 4 Jun 2018 15:27:02 -0400 Subject: [PATCH] Adding 3 CVEs for Talos. --- 2016/9xxx/CVE-2016-9042.json | 49 +++++++++++++++++++++++++++++++--- 2017/12xxx/CVE-2017-12092.json | 49 +++++++++++++++++++++++++++++++--- 2018/3xxx/CVE-2018-3853.json | 49 +++++++++++++++++++++++++++++++--- 3 files changed, 138 insertions(+), 9 deletions(-) diff --git a/2016/9xxx/CVE-2016-9042.json b/2016/9xxx/CVE-2016-9042.json index d6f74bbed7c..4d029967e70 100644 --- a/2016/9xxx/CVE-2016-9042.json +++ b/2016/9xxx/CVE-2016-9042.json @@ -1,8 +1,32 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "talos-cna@cisco.com", + "DATE_PUBLIC" : "2017-03-29T00:00:00", "ID" : "CVE-2016-9042", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Network Time Protocol", + "version" : { + "version_data" : [ + { + "version_value" : "NTP 4.2.8p9" + } + ] + } + } + ] + }, + "vendor_name" : "Talos" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +35,26 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "An exploitable denial of service vulnerability exists in the origin timestamp check functionality of ntpd 4.2.8p9. A specially crafted unauthenticated network packet can be used to reset the expected origin timestamp for target peers. Legitimate replies from targeted peers will fail the origin timestamp check (TEST2) causing the reply to be dropped and creating a denial of service condition." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "denial of service" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0260" } ] } diff --git a/2017/12xxx/CVE-2017-12092.json b/2017/12xxx/CVE-2017-12092.json index 14d1e0c8e07..b7b9de0e299 100644 --- a/2017/12xxx/CVE-2017-12092.json +++ b/2017/12xxx/CVE-2017-12092.json @@ -1,8 +1,32 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "talos-cna@cisco.com", + "DATE_PUBLIC" : "2018-03-28T00:00:00", "ID" : "CVE-2017-12092", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Allen Bradley", + "version" : { + "version_data" : [ + { + "version_value" : "Allen Bradley Micrologix 1400 Series B FRN 21.2 Allen Bradley Micrologix 1400 Series B FRN 21.0 Allen Bradley Micrologix 1400 Series B FRN 15" + } + ] + } + } + ] + }, + "vendor_name" : "Talos" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +35,26 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "An exploitable file write vulnerability exists in the memory module functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a file write resulting in a new program being written to the memory module. An attacker can send an unauthenticated packet to trigger this vulnerability." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "information exposure" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0444" } ] } diff --git a/2018/3xxx/CVE-2018-3853.json b/2018/3xxx/CVE-2018-3853.json index 144162ebc72..0f2f220d601 100644 --- a/2018/3xxx/CVE-2018-3853.json +++ b/2018/3xxx/CVE-2018-3853.json @@ -1,8 +1,32 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "talos-cna@cisco.com", + "DATE_PUBLIC" : "2018-04-19T00:00:00", "ID" : "CVE-2018-3853", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Foxit", + "version" : { + "version_data" : [ + { + "version_value" : "Foxit PDF Reader 9.0.1.1049" + } + ] + } + } + ] + }, + "vendor_name" : "Talos" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +35,26 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software Foxit PDF Reader version 9.0.1.1049. A specially crafted PDF document can trigger a previously freed object in memory to be reused resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "remote code execution" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0536" } ] }