From 1ae81798de88f5c0d328c057723c2b1329710cf2 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Sun, 6 May 2018 19:03:14 -0400 Subject: [PATCH] - Synchronized data. --- 2018/10xxx/CVE-2018-10767.json | 48 ++++++++++++++++++++++++++++++++-- 2018/10xxx/CVE-2018-10768.json | 48 ++++++++++++++++++++++++++++++++-- 2 files changed, 92 insertions(+), 4 deletions(-) diff --git a/2018/10xxx/CVE-2018-10767.json b/2018/10xxx/CVE-2018-10767.json index bfc827e4bc8..f1bc62c9782 100644 --- a/2018/10xxx/CVE-2018-10767.json +++ b/2018/10xxx/CVE-2018-10767.json @@ -2,7 +2,30 @@ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2018-10767", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,28 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "There is a stack-based buffer over-read in calling GLib in the function gxps_images_guess_content_type of gxps-images.c in libgxps through 0.3.0 because it does not reject negative return values from a g_input_stream_read call. A crafted input will lead to a remote denial of service attack." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1575188", + "refsource" : "MISC", + "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1575188" } ] } diff --git a/2018/10xxx/CVE-2018-10768.json b/2018/10xxx/CVE-2018-10768.json index 041156c17f4..65dcc60cc2f 100644 --- a/2018/10xxx/CVE-2018-10768.json +++ b/2018/10xxx/CVE-2018-10768.json @@ -2,7 +2,30 @@ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2018-10768", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,28 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "There is a NULL pointer dereference in the AnnotPath::getCoordsLength function in Annot.h in an Ubuntu package for Poppler 0.24.5. A crafted input will lead to a remote denial of service attack. Later Ubuntu packages such as for Poppler 0.41.0 are not affected." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://bugs.freedesktop.org/show_bug.cgi?id=106408", + "refsource" : "MISC", + "url" : "https://bugs.freedesktop.org/show_bug.cgi?id=106408" } ] }