admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 06:58:12 +00:00
parent fcd2edc5c3
commit 1f535da4f9
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
62 changed files with 4510 additions and 4510 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

242
2006/2xxx/CVE-2006-2071.json
View File

@ -1,211 +1,211 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-2071",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2071",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Linux kernel 2.4.x and 2.6.x up to 2.6.16 allows local users to bypass IPC permissions and modify a readonly attachment of shared memory by using mprotect to give write permission to the attachment. NOTE: some original raw sources combined this issue with CVE-2006-1524, but they are different bugs."
"lang": "eng",
"value": "Linux kernel 2.4.x and 2.6.x up to 2.6.16 allows local users to bypass IPC permissions and modify a readonly attachment of shared memory by using mprotect to give write permission to the attachment. NOTE: some original raw sources combined this issue with CVE-2006-1524, but they are different bugs."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20061113 VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrade Patch 4",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/451404/100/0/threaded"
"name": "oval:org.mitre.oval:def:9978",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9978"
},
{
"name" : "20061113 VMSA-2006-0005 - VMware ESX Server 2.5.4 Upgrade Patch 1",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/451419/100/200/threaded"
"name": "ADV-2006-4502",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4502"
},
{
"name" : "20061113 VMSA-2006-0007 - VMware ESX Server 2.1.3 Upgrade Patch 2",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/451417/100/200/threaded"
"name": "linux-mprotect-security-bypass(26169)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26169"
},
{
"name" : "20061113 VMSA-2006-0008 - VMware ESX Server 2.0.2 Upgrade Patch 2",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/451426/100/200/threaded"
"name": "ADV-2006-1391",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1391"
},
{
"name" : "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.6",
"refsource" : "CONFIRM",
"url" : "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.6"
"name": "RHSA-2006:0579",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0579.html"
},
{
"name" : "http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=b78b6af66a5fbaf17d7e6bfc32384df5e34408c8",
"refsource" : "CONFIRM",
"url" : "http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=b78b6af66a5fbaf17d7e6bfc32384df5e34408c8"
"name": "20716",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20716"
},
{
"name" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190073",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190073"
"name": "22875",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22875"
},
{
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2006-249.htm",
"refsource" : "CONFIRM",
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2006-249.htm"
"name": "22292",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22292"
},
{
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2006-254.htm",
"refsource" : "CONFIRM",
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2006-254.htm"
"name": "RHSA-2006:0689",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0689.html"
},
{
"name" : "http://www.vmware.com/download/esx/esx-202-200610-patch.html",
"refsource" : "CONFIRM",
"url" : "http://www.vmware.com/download/esx/esx-202-200610-patch.html"
"name": "http://www.vmware.com/download/esx/esx-202-200610-patch.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/download/esx/esx-202-200610-patch.html"
},
{
"name" : "http://www.vmware.com/download/esx/esx-213-200610-patch.html",
"refsource" : "CONFIRM",
"url" : "http://www.vmware.com/download/esx/esx-213-200610-patch.html"
"name": "USN-302-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-302-1"
},
{
"name" : "http://www.vmware.com/download/esx/esx-254-200610-patch.html",
"refsource" : "CONFIRM",
"url" : "http://www.vmware.com/download/esx/esx-254-200610-patch.html"
"name": "20061113 VMSA-2006-0008 - VMware ESX Server 2.0.2 Upgrade Patch 2",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/451426/100/200/threaded"
},
{
"name" : "MDKSA-2006:086",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:086"
"name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190073",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190073"
},
{
"name" : "RHSA-2006:0579",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0579.html"
"name": "21035",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21035"
},
{
"name" : "RHSA-2006:0580",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0580.html"
"name": "http://www.vmware.com/download/esx/esx-213-200610-patch.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/download/esx/esx-213-200610-patch.html"
},
{
"name" : "RHSA-2006:0689",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0689.html"
"name": "RHSA-2006:0580",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0580.html"
},
{
"name" : "RHSA-2006:0710",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0710.html"
"name": "23064",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23064"
},
{
"name" : "USN-302-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-302-1"
"name": "http://www.vmware.com/download/esx/esx-254-200610-patch.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/download/esx/esx-254-200610-patch.html"
},
{
"name" : "oval:org.mitre.oval:def:9978",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9978"
"name": "http://support.avaya.com/elmodocs2/security/ASA-2006-249.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-249.htm"
},
{
"name" : "ADV-2006-4502",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4502"
"name": "http://support.avaya.com/elmodocs2/security/ASA-2006-254.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-254.htm"
},
{
"name" : "ADV-2006-1391",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/1391"
"name": "22497",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22497"
},
{
"name" : "25139",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/25139"
"name": "20061113 VMSA-2006-0006 - VMware ESX Server 2.5.3 Upgrade Patch 4",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/451404/100/0/threaded"
},
{
"name" : "20157",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20157"
"name": "25139",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/25139"
},
{
"name" : "20716",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20716"
"name": "22945",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22945"
},
{
"name" : "21035",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21035"
"name": "RHSA-2006:0710",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0710.html"
},
{
"name" : "22292",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22292"
"name": "20061113 VMSA-2006-0007 - VMware ESX Server 2.1.3 Upgrade Patch 2",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/451417/100/200/threaded"
},
{
"name" : "22497",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22497"
"name": "http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=b78b6af66a5fbaf17d7e6bfc32384df5e34408c8",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=b78b6af66a5fbaf17d7e6bfc32384df5e34408c8"
},
{
"name" : "22945",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22945"
"name": "MDKSA-2006:086",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:086"
},
{
"name" : "22875",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22875"
"name": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.6",
"refsource": "CONFIRM",
"url": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.16.6"
},
{
"name" : "23064",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23064"
"name": "20061113 VMSA-2006-0005 - VMware ESX Server 2.5.4 Upgrade Patch 1",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/451419/100/200/threaded"
},
{
"name" : "linux-mprotect-security-bypass(26169)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26169"
"name": "20157",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20157"
}
]
}

86
2006/2xxx/CVE-2006-2154.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-2154",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2154",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "EMC Retrospect for Windows 6.5 before 6.5.382, 7.0 before 7.0.344, and 7.5 before 7.5.1.105 does not drop privileges before opening files, which allows local users to execute arbitrary code via the File>Open dialog."
"lang": "eng",
"value": "EMC Retrospect for Windows 6.5 before 6.5.382, 7.0 before 7.0.344, and 7.5 before 7.5.1.105 does not drop privileges before opening files, which allows local users to execute arbitrary code via the File>Open dialog."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://kb.dantz.com/display/2n/articleDirect/index.asp?aid=9507&r=0.7344324",
"refsource" : "CONFIRM",
"url" : "http://kb.dantz.com/display/2n/articleDirect/index.asp?aid=9507&r=0.7344324"
"name": "retrospect-fileopen-privilege-escalation(26226)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26226"
},
{
"name" : "17798",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17798"
"name": "ADV-2006-1612",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1612"
},
{
"name" : "ADV-2006-1612",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/1612"
"name": "19850",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19850"
},
{
"name" : "19850",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/19850"
"name": "17798",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17798"
},
{
"name" : "retrospect-fileopen-privilege-escalation(26226)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26226"
"name": "http://kb.dantz.com/display/2n/articleDirect/index.asp?aid=9507&r=0.7344324",
"refsource": "CONFIRM",
"url": "http://kb.dantz.com/display/2n/articleDirect/index.asp?aid=9507&r=0.7344324"
}
]
}

22
2006/2xxx/CVE-2006-2597.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-2597",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2006-2597",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-2585. Reason: This candidate is a duplicate of CVE-2006-2585. Notes: All CVE users should reference CVE-2006-2585 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-2585. Reason: This candidate is a duplicate of CVE-2006-2585. Notes: All CVE users should reference CVE-2006-2585 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}

22
2006/3xxx/CVE-2006-3133.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-3133",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3133",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

98
2006/3xxx/CVE-2006-3145.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-3145",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3145",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in pamtofits of NetPBM 10.30 through 10.33 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code when assembling the header, possibly related to an off-by-one error."
"lang": "eng",
"value": "Buffer overflow in pamtofits of NetPBM 10.30 through 10.33 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code when assembling the header, possibly related to an off-by-one error."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://sourceforge.net/project/shownotes.php?release_id=425770",
"refsource" : "CONFIRM",
"url" : "http://sourceforge.net/project/shownotes.php?release_id=425770"
"name": "ADV-2006-2449",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2449"
},
{
"name" : "2006-0037",
"refsource" : "TRUSTIX",
"url" : "http://www.trustix.org/errata/2006/0037"
"name": "netpbm-pamtofits-offbyone-bo(27244)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27244"
},
{
"name" : "18525",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/18525"
"name": "20775",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20775"
},
{
"name" : "ADV-2006-2449",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2449"
"name": "http://sourceforge.net/project/shownotes.php?release_id=425770",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=425770"
},
{
"name" : "20729",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20729"
"name": "2006-0037",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2006/0037"
},
{
"name" : "20775",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20775"
"name": "20729",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20729"
},
{
"name" : "netpbm-pamtofits-offbyone-bo(27244)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27244"
"name": "18525",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18525"
}
]
}

98
2006/3xxx/CVE-2006-3956.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-3956",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3956",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in contact.php in Advanced Webhost Billing System (AWBS) 2.2.2 allow remote attackers to inject arbitrary web script or HTML via the (1) Name, (2) AccountUsername and (3) Message parameters."
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in contact.php in Advanced Webhost Billing System (AWBS) 2.2.2 allow remote attackers to inject arbitrary web script or HTML via the (1) Name, (2) AccountUsername and (3) Message parameters."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060729 XSS vulnerability on AWBS",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/441532/100/0/threaded"
"name": "ADV-2006-3061",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3061"
},
{
"name" : "19226",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/19226"
"name": "awbs-contact-xss(28069)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28069"
},
{
"name" : "ADV-2006-3061",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/3061"
"name": "20060729 XSS vulnerability on AWBS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/441532/100/0/threaded"
},
{
"name" : "27629",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/27629"
"name": "21296",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21296"
},
{
"name" : "21296",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21296"
"name": "1317",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1317"
},
{
"name" : "1317",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1317"
"name": "19226",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19226"
},
{
"name" : "awbs-contact-xss(28069)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28069"
"name": "27629",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27629"
}
]
}

92
2006/4xxx/CVE-2006-4348.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-4348",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4348",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in config.kochsuite.php in the Kochsuite (com_kochsuite) 0.9.4 component for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter."
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in config.kochsuite.php in the Kochsuite (com_kochsuite) 0.9.4 component for Mambo and Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060818 Joomla Kochsuite Component <= 0.9.4 (config.kochsuite.php) Remote File Inclusion Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/443703/100/0/threaded"
"name": "2215",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2215"
},
{
"name" : "2215",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/2215"
"name": "28098",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/28098"
},
{
"name" : "19590",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/19590"
"name": "kochsuite-config-file-include(28457)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28457"
},
{
"name" : "28098",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/28098"
"name": "19590",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19590"
},
{
"name" : "1447",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1447"
"name": "20060818 Joomla Kochsuite Component <= 0.9.4 (config.kochsuite.php) Remote File Inclusion Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/443703/100/0/threaded"
},
{
"name" : "kochsuite-config-file-include(28457)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28457"
"name": "1447",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1447"
}
]
}

80
2006/6xxx/CVE-2006-6067.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-6067",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6067",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in 20/20 DataShed (aka Real Estate Listing System) allow remote attackers to execute arbitrary SQL commands via the (1) itemID parameter to (a) f-email.asp, or the (2) peopleID and (2) sort_order parameters to (b) listings.asp, different vectors than CVE-2006-5955."
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in 20/20 DataShed (aka Real Estate Listing System) allow remote attackers to execute arbitrary SQL commands via the (1) itemID parameter to (a) f-email.asp, or the (2) peopleID and (2) sort_order parameters to (b) listings.asp, different vectors than CVE-2006-5955."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20061117 20/20 datashed [ multiples injection sql ]",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/451962/100/0/threaded"
"name": "2020datashed-multiple-sql-injection(30402)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30402"
},
{
"name" : "http://s-a-p.ca/index.php?page=OurAdvisories&id=40",
"refsource" : "MISC",
"url" : "http://s-a-p.ca/index.php?page=OurAdvisories&id=40"
"name": "21156",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21156"
},
{
"name" : "21156",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21156"
"name": "20061117 20/20 datashed [ multiples injection sql ]",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/451962/100/0/threaded"
},
{
"name" : "2020datashed-multiple-sql-injection(30402)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30402"
"name": "http://s-a-p.ca/index.php?page=OurAdvisories&id=40",
"refsource": "MISC",
"url": "http://s-a-p.ca/index.php?page=OurAdvisories&id=40"
}
]
}

98
2006/6xxx/CVE-2006-6082.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-6082",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6082",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in CreaScripts Creadirectory allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter to addlisting.asp or the (2) search parameter to search.asp."
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in CreaScripts Creadirectory allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter to addlisting.asp or the (2) search parameter to search.asp."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20061121 creadirectory [injection sql & xss]",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/452241/100/0/threaded"
"name": "21230",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21230"
},
{
"name" : "http://s-a-p.ca/index.php?page=OurAdvisories&id=54",
"refsource" : "MISC",
"url" : "http://s-a-p.ca/index.php?page=OurAdvisories&id=54"
"name": "ADV-2006-4665",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4665"
},
{
"name" : "21230",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21230"
"name": "creadirectory-addlisting-search-xss(30473)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30473"
},
{
"name" : "ADV-2006-4665",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4665"
"name": "http://s-a-p.ca/index.php?page=OurAdvisories&id=54",
"refsource": "MISC",
"url": "http://s-a-p.ca/index.php?page=OurAdvisories&id=54"
},
{
"name" : "23067",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23067"
"name": "23067",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23067"
},
{
"name" : "1907",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1907"
"name": "1907",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1907"
},
{
"name" : "creadirectory-addlisting-search-xss(30473)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30473"
"name": "20061121 creadirectory [injection sql & xss]",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/452241/100/0/threaded"
}
]
}

80
2006/6xxx/CVE-2006-6213.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-6213",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6213",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "index.php in PEGames uses the extract function to overwrite critical variables, which allows remote attackers to conduct PHP remote file inclusion attacks via the abs_url parameter, which is later extracted to overwrite a previously uncontrolled value."
"lang": "eng",
"value": "index.php in PEGames uses the extract function to overwrite critical variables, which allows remote attackers to conduct PHP remote file inclusion attacks via the abs_url parameter, which is later extracted to overwrite a previously uncontrolled value."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "2840",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/2840"
"name": "pegames-index-file-include(30517)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30517"
},
{
"name" : "20061130 source VERIFY - PEGames RFI",
"refsource" : "VIM",
"url" : "http://www.attrition.org/pipermail/vim/2006-November/001153.html"
"name": "2840",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2840"
},
{
"name" : "21266",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21266"
"name": "20061130 source VERIFY - PEGames RFI",
"refsource": "VIM",
"url": "http://www.attrition.org/pipermail/vim/2006-November/001153.html"
},
{
"name" : "pegames-index-file-include(30517)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30517"
"name": "21266",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21266"
}
]
}

122
2006/6xxx/CVE-2006-6690.json
View File

@ -1,111 +1,111 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-6690",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6690",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "rtehtmlarea/pi1/class.tx_rtehtmlarea_pi1.php in Typo3 4.0.0 through 4.0.3, 3.7 and 3.8 with the rtehtmlarea extension, and 4.1 beta allows remote authenticated users to execute arbitrary commands via shell metacharacters in the userUid parameter to rtehtmlarea/htmlarea/plugins/SpellChecker/spell-check-logic.php, and possibly another vector."
"lang": "eng",
"value": "rtehtmlarea/pi1/class.tx_rtehtmlarea_pi1.php in Typo3 4.0.0 through 4.0.3, 3.7 and 3.8 with the rtehtmlarea extension, and 4.1 beta allows remote authenticated users to execute arbitrary commands via shell metacharacters in the userUid parameter to rtehtmlarea/htmlarea/plugins/SpellChecker/spell-check-logic.php, and possibly another vector."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20061220 SEC Consult SA-20061220-0 :: Typo3 Command Execution Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/454944/100/0/threaded"
"name": "20061220 SEC Consult SA-20061220-0 :: Typo3 Command Execution Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/454944/100/0/threaded"
},
{
"name" : "[TYPO3-announce] 20061219 Pre-announcement for important security update",
"refsource" : "MLIST",
"url" : "http://lists.netfielders.de/pipermail/typo3-announce/2006/000045.html"
"name": "23466",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23466"
},
{
"name" : "[TYPO3-announce] 20061220 TYPO3 Security Bulletin TYPO3-20061220-1: Remote Command Execution in TYPO3",
"refsource" : "MLIST",
"url" : "http://lists.netfielders.de/pipermail/typo3-announce/2006/000046.html"
"name": "http://www.sec-consult.com/272.html",
"refsource": "MISC",
"url": "http://www.sec-consult.com/272.html"
},
{
"name" : "http://www.sec-consult.com/272.html",
"refsource" : "MISC",
"url" : "http://www.sec-consult.com/272.html"
"name": "[TYPO3-announce] 20061219 Pre-announcement for important security update",
"refsource": "MLIST",
"url": "http://lists.netfielders.de/pipermail/typo3-announce/2006/000045.html"
},
{
"name" : "http://typo3.org/news-single-view/?tx_newsimporter_pi1%5BshowItem%5D=0&cHash=e4a40a11a9",
"refsource" : "CONFIRM",
"url" : "http://typo3.org/news-single-view/?tx_newsimporter_pi1%5BshowItem%5D=0&cHash=e4a40a11a9"
"name": "1017428",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017428"
},
{
"name" : "21680",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21680"
"name": "2056",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2056"
},
{
"name" : "ADV-2006-5094",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/5094"
"name": "[TYPO3-announce] 20061220 TYPO3 Security Bulletin TYPO3-20061220-1: Remote Command Execution in TYPO3",
"refsource": "MLIST",
"url": "http://lists.netfielders.de/pipermail/typo3-announce/2006/000046.html"
},
{
"name" : "1017428",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1017428"
"name": "23446",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23446"
},
{
"name" : "23446",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23446"
"name": "http://typo3.org/news-single-view/?tx_newsimporter_pi1%5BshowItem%5D=0&cHash=e4a40a11a9",
"refsource": "CONFIRM",
"url": "http://typo3.org/news-single-view/?tx_newsimporter_pi1%5BshowItem%5D=0&cHash=e4a40a11a9"
},
{
"name" : "23466",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23466"
"name": "ADV-2006-5094",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/5094"
},
{
"name" : "2056",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2056"
"name": "21680",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21680"
}
]
}

74
2006/7xxx/CVE-2006-7036.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-7036",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-7036",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in register.php for Andys Chat 4.5 allows remote attackers to execute arbitrary code via the action parameter. NOTE: this issue was announced by an unreliable researcher, but the vendor is no longer distributing the product, so the original claims can not be evaluated."
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in register.php for Andys Chat 4.5 allows remote attackers to execute arbitrary code via the action parameter. NOTE: this issue was announced by an unreliable researcher, but the vendor is no longer distributing the product, so the original claims can not be evaluated."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060615 Andys Chat 4.5 (action) Remote File Inclusion",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/437300/30/4350/threaded"
"name": "andyschat-register-file-include(27187)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27187"
},
{
"name" : "2284",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2284"
"name": "2284",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2284"
},
{
"name" : "andyschat-register-file-include(27187)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27187"
"name": "20060615 Andys Chat 4.5 (action) Remote File Inclusion",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/437300/30/4350/threaded"
}
]
}

80
2006/7xxx/CVE-2006-7194.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-7194",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-7194",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in modules/Mysqlfinder/MysqlfinderAdmin.php in Agora 1.4 RC1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the _SESSION[PATH_COMPOSANT] parameter."
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in modules/Mysqlfinder/MysqlfinderAdmin.php in Agora 1.4 RC1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the _SESSION[PATH_COMPOSANT] parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20061106 [ECHO_ADV_59_2006]Agora 1.4 RC1 \"$_SESSION[PATH_COMPOSANT]\"",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=116283849004075&w=2"
"name": "2726",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2726"
},
{
"name" : "2726",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/2726"
"name": "http://advisories.echo.or.id/adv/adv59-theday-2006.txt",
"refsource": "MISC",
"url": "http://advisories.echo.or.id/adv/adv59-theday-2006.txt"
},
{
"name" : "http://advisories.echo.or.id/adv/adv59-theday-2006.txt",
"refsource" : "MISC",
"url" : "http://advisories.echo.or.id/adv/adv59-theday-2006.txt"
"name": "20061106 [ECHO_ADV_59_2006]Agora 1.4 RC1 \"$_SESSION[PATH_COMPOSANT]\"",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=116283849004075&w=2"
},
{
"name" : "agora-mysqlfinderadmin-file-include(30031)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30031"
"name": "agora-mysqlfinderadmin-file-include(30031)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30031"
}
]
}

134
2010/2xxx/CVE-2010-2703.json
View File

@ -1,121 +1,121 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-2703",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2010-2703",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in the execvp_nc function in the ov.dll module in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53, when running on Windows, allows remote attackers to execute arbitrary code via a long HTTP request to webappmon.exe."
"lang": "eng",
"value": "Stack-based buffer overflow in the execvp_nc function in the ov.dll module in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53, when running on Windows, allows remote attackers to execute arbitrary code via a long HTTP request to webappmon.exe."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20100721 VUPEN Security Research - HP OpenView Network Node Manager \"ov.dll\" Buffer Overflow Vulnerability (CVE-2010-2704)",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/512544/100/0/threaded"
"name": "ADV-2010-1866",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1866"
},
{
"name" : "20100721 ZDI-10-137: Hewlett-Packard OpenView NNM webappmon.exe execvp_nc Remote Code Execution Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/512552/100/0/threaded"
"name": "14916",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/14916"
},
{
"name" : "14916",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/14916"
"name": "66514",
"refsource": "OSVDB",
"url": "http://osvdb.org/66514"
},
{
"name" : "HPSBMA02557",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=127973001009749&w=2"
"name": "41829",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/41829"
},
{
"name" : "SSRT100025",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=127973001009749&w=2"
"name": "20100721 VUPEN Security Research - HP OpenView Network Node Manager \"ov.dll\" Buffer Overflow Vulnerability (CVE-2010-2704)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/512544/100/0/threaded"
},
{
"name" : "20100727 CVE number confusion in HP OV NNM products",
"refsource" : "VIM",
"url" : "http://www.attrition.org/pipermail/vim/2010-July/002374.html"
"name": "SSRT100025",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=127973001009749&w=2"
},
{
"name" : "41829",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/41829"
"name": "20100727 CVE number confusion in HP OV NNM products",
"refsource": "VIM",
"url": "http://www.attrition.org/pipermail/vim/2010-July/002374.html"
},
{
"name" : "66514",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/66514"
"name": "40686",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40686"
},
{
"name" : "1024224",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1024224"
"name": "1024238",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024238"
},
{
"name" : "1024238",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1024238"
"name": "1024224",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024224"
},
{
"name" : "40686",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/40686"
"name": "8161",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8161"
},
{
"name" : "8161",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/8161"
"name": "20100721 ZDI-10-137: Hewlett-Packard OpenView NNM webappmon.exe execvp_nc Remote Code Execution Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/512552/100/0/threaded"
},
{
"name" : "ADV-2010-1866",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/1866"
"name": "HPSBMA02557",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=127973001009749&w=2"
}
]
}

122
2011/0xxx/CVE-2011-0027.json
View File

@ -1,111 +1,111 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-0027",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2011-0027",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and Windows Data Access Components (WDAC) 6.0, does not properly validate memory allocation for internal data structures, which allows remote attackers to execute arbitrary code, possibly via a large CacheSize property that triggers an integer wrap and a buffer overflow, aka \"ADO Record Memory Vulnerability.\" NOTE: this might be a duplicate of CVE-2010-1117 or CVE-2010-1118."
"lang": "eng",
"value": "Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and Windows Data Access Components (WDAC) 6.0, does not properly validate memory allocation for internal data structures, which allows remote attackers to execute arbitrary code, possibly via a large CacheSize property that triggers an integer wrap and a buffer overflow, aka \"ADO Record Memory Vulnerability.\" NOTE: this might be a duplicate of CVE-2010-1117 or CVE-2010-1118."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://vreugdenhilresearch.nl/ms11-002-pwn2own-heap-overflow/",
"refsource" : "MISC",
"url" : "http://vreugdenhilresearch.nl/ms11-002-pwn2own-heap-overflow/"
"name": "ADV-2011-0075",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0075"
},
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-11-002/",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-11-002/"
"name": "70444",
"refsource": "OSVDB",
"url": "http://osvdb.org/70444"
},
{
"name" : "http://support.avaya.com/css/P8/documents/100124846",
"refsource" : "CONFIRM",
"url" : "http://support.avaya.com/css/P8/documents/100124846"
"name": "MS11-002",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-002"
},
{
"name" : "MS11-002",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-002"
"name": "1024947",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024947"
},
{
"name" : "TA11-011A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA11-011A.html"
"name": "http://vreugdenhilresearch.nl/ms11-002-pwn2own-heap-overflow/",
"refsource": "MISC",
"url": "http://vreugdenhilresearch.nl/ms11-002-pwn2own-heap-overflow/"
},
{
"name" : "45698",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/45698"
"name": "oval:org.mitre.oval:def:12411",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12411"
},
{
"name" : "70444",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/70444"
"name": "42804",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42804"
},
{
"name" : "oval:org.mitre.oval:def:12411",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12411"
"name": "45698",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45698"
},
{
"name" : "1024947",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1024947"
"name": "TA11-011A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA11-011A.html"
},
{
"name" : "42804",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42804"
"name": "http://www.zerodayinitiative.com/advisories/ZDI-11-002/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-002/"
},
{
"name" : "ADV-2011-0075",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0075"
"name": "http://support.avaya.com/css/P8/documents/100124846",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/css/P8/documents/100124846"
}
]
}

104
2011/0xxx/CVE-2011-0442.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-0442",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2011-0442",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The service utility in EMC Avamar 5.x before 5.0.4 uses cleartext to transmit event details in (1) service requests and (2) e-mail messages, which might allow remote attackers to obtain sensitive information by sniffing the network."
"lang": "eng",
"value": "The service utility in EMC Avamar 5.x before 5.0.4 uses cleartext to transmit event details in (1) service requests and (2) e-mail messages, which might allow remote attackers to obtain sensitive information by sniffing the network."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20110315 ESA-2011-007: EMC Avamar sensitive information disclosure vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/517022/100/0/threaded"
"name": "avamar-service-utility-info-disclosure(66109)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66109"
},
{
"name" : "46879",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/46879"
"name": "ADV-2011-0678",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0678"
},
{
"name" : "1025213",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1025213"
"name": "ADV-2011-0677",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0677"
},
{
"name" : "43797",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43797"
"name": "20110315 ESA-2011-007: EMC Avamar sensitive information disclosure vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/517022/100/0/threaded"
},
{
"name" : "8139",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/8139"
"name": "43797",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43797"
},
{
"name" : "ADV-2011-0677",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0677"
"name": "1025213",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025213"
},
{
"name" : "ADV-2011-0678",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0678"
"name": "8139",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8139"
},
{
"name" : "avamar-service-utility-info-disclosure(66109)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/66109"
"name": "46879",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46879"
}
]
}

92
2011/0xxx/CVE-2011-0526.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-0526",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-0526",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in index.php in Vanilla Forums before 2.0.17 allows remote attackers to inject arbitrary web script or HTML via the Target parameter in a /entry/signin action."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in index.php in Vanilla Forums before 2.0.17 allows remote attackers to inject arbitrary web script or HTML via the Target parameter in a /entry/signin action."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20110127 CVE Request:Vanilla Forums 2.0.16 <= Cross Site Scripting Vulnerability",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/01/27/2"
"name": "43074",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43074"
},
{
"name" : "[oss-security] 20110127 Re: CVE Request:Vanilla Forums 2.0.16 <= Cross Site Scripting Vulnerability",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/01/27/5"
"name": "70677",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/70677"
},
{
"name" : "http://www.vanillaforums.org/discussion/14397/vanilla-2.0.17-released",
"refsource" : "MISC",
"url" : "http://www.vanillaforums.org/discussion/14397/vanilla-2.0.17-released"
"name": "http://www.vanillaforums.org/discussion/14397/vanilla-2.0.17-released",
"refsource": "MISC",
"url": "http://www.vanillaforums.org/discussion/14397/vanilla-2.0.17-released"
},
{
"name" : "http://yehg.net/lab/pr0js/advisories/%5Bvanilla_forums-2.0.16%5D_cross_site_scripting",
"refsource" : "MISC",
"url" : "http://yehg.net/lab/pr0js/advisories/%5Bvanilla_forums-2.0.16%5D_cross_site_scripting"
"name": "http://yehg.net/lab/pr0js/advisories/%5Bvanilla_forums-2.0.16%5D_cross_site_scripting",
"refsource": "MISC",
"url": "http://yehg.net/lab/pr0js/advisories/%5Bvanilla_forums-2.0.16%5D_cross_site_scripting"
},
{
"name" : "70677",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/70677"
"name": "[oss-security] 20110127 CVE Request:Vanilla Forums 2.0.16 <= Cross Site Scripting Vulnerability",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/01/27/2"
},
{
"name" : "43074",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43074"
"name": "[oss-security] 20110127 Re: CVE Request:Vanilla Forums 2.0.16 <= Cross Site Scripting Vulnerability",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/01/27/5"
}
]
}

86
2011/0xxx/CVE-2011-0651.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-0651",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-0651",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in the key exchange functionality in Icon Labs Iconfidant SSL Server before 1.3.0 allows remote attackers to execute arbitrary code via a client master key packet in which the sum of unspecified length fields is greater than a certain value."
"lang": "eng",
"value": "Buffer overflow in the key exchange functionality in Icon Labs Iconfidant SSL Server before 1.3.0 allows remote attackers to execute arbitrary code via a client master key packet in which the sum of unspecified length fields is greater than a certain value."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-11-021/",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-11-021/"
"name": "http://www.zerodayinitiative.com/advisories/ZDI-11-021/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-021/"
},
{
"name" : "45938",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/45938"
"name": "iconfidant-key-bo(64868)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64868"
},
{
"name" : "70599",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/70599"
"name": "70599",
"refsource": "OSVDB",
"url": "http://osvdb.org/70599"
},
{
"name" : "42971",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/42971"
"name": "42971",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42971"
},
{
"name" : "iconfidant-key-bo(64868)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/64868"
"name": "45938",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45938"
}
]
}

86
2011/1xxx/CVE-2011-1032.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1032",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1032",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM Lotus Connections 3.0, when IBM WebSphere Application Server 7.0.0.11 is used, does not properly restrict access to the internal login module, which has unspecified impact and attack vectors."
"lang": "eng",
"value": "IBM Lotus Connections 3.0, when IBM WebSphere Application Server 7.0.0.11 is used, does not properly restrict access to the internal login module, which has unspecified impact and attack vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg21462435",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg21462435"
"name": "http://www.ibm.com/support/docview.wss?uid=swg21462435",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21462435"
},
{
"name" : "PK54565",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PK54565"
"name": "70931",
"refsource": "OSVDB",
"url": "http://osvdb.org/70931"
},
{
"name" : "70931",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/70931"
"name": "ADV-2011-0382",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0382"
},
{
"name" : "43298",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43298"
"name": "43298",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43298"
},
{
"name" : "ADV-2011-0382",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0382"
"name": "PK54565",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PK54565"
}
]
}

122
2011/1xxx/CVE-2011-1239.json
View File

@ -1,111 +1,111 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1239",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2011-1239",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other \"Vulnerability Type 1\" CVEs listed in MS11-034, aka \"Win32k Use After Free Vulnerability.\""
"lang": "eng",
"value": "Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages incorrect driver object management, a different vulnerability than other \"Vulnerability Type 1\" CVEs listed in MS11-034, aka \"Win32k Use After Free Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://blogs.technet.com/b/srd/archive/2011/04/12/ms11-034-addressing-vulnerabilities-in-the-win32k-subsystem.aspx",
"refsource" : "MISC",
"url" : "http://blogs.technet.com/b/srd/archive/2011/04/12/ms11-034-addressing-vulnerabilities-in-the-win32k-subsystem.aspx"
"name": "TA11-102A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA11-102A.html"
},
{
"name" : "http://support.avaya.com/css/P8/documents/100133352",
"refsource" : "CONFIRM",
"url" : "http://support.avaya.com/css/P8/documents/100133352"
"name": "mswin-win32k-var27-priv-escalation(66421)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66421"
},
{
"name" : "MS11-034",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-034"
"name": "MS11-034",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-034"
},
{
"name" : "TA11-102A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA11-102A.html"
"name": "ADV-2011-0952",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0952"
},
{
"name" : "47216",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/47216"
"name": "http://support.avaya.com/css/P8/documents/100133352",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/css/P8/documents/100133352"
},
{
"name" : "71754",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/71754"
"name": "47216",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/47216"
},
{
"name" : "oval:org.mitre.oval:def:11726",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11726"
"name": "71754",
"refsource": "OSVDB",
"url": "http://osvdb.org/71754"
},
{
"name" : "1025345",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1025345"
"name": "44156",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44156"
},
{
"name" : "44156",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/44156"
"name": "http://blogs.technet.com/b/srd/archive/2011/04/12/ms11-034-addressing-vulnerabilities-in-the-win32k-subsystem.aspx",
"refsource": "MISC",
"url": "http://blogs.technet.com/b/srd/archive/2011/04/12/ms11-034-addressing-vulnerabilities-in-the-win32k-subsystem.aspx"
},
{
"name" : "ADV-2011-0952",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0952"
"name": "oval:org.mitre.oval:def:11726",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11726"
},
{
"name" : "mswin-win32k-var27-priv-escalation(66421)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/66421"
"name": "1025345",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025345"
}
]
}

92
2011/1xxx/CVE-2011-1394.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1394",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1394",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5; IBM Tivoli Asset Management for IT 6.2, 7.1, and 7.2; IBM Tivoli Service Request Manager 7.1 and 7.2; IBM Maximo Service Desk 6.2; and IBM Tivoli Change and Configuration Management Database (CCMDB) 6.2, 7.1, and 7.2 allow remote attackers to cause a denial of service (memory consumption) by establishing many UI sessions within one HTTP session."
"lang": "eng",
"value": "IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5; IBM Tivoli Asset Management for IT 6.2, 7.1, and 7.2; IBM Tivoli Service Request Manager 7.1 and 7.2; IBM Maximo Service Desk 6.2; and IBM Tivoli Change and Configuration Management Database (CCMDB) 6.2, 7.1, and 7.2 allow remote attackers to cause a denial of service (memory consumption) by establishing many UI sessions within one HTTP session."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg21584666",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg21584666"
"name": "http://www.ibm.com/support/docview.wss?uid=swg21584666",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21584666"
},
{
"name" : "IV09157",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IV09157"
"name": "48299",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48299"
},
{
"name" : "52333",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/52333"
"name": "maximo-uisession-dos(71985)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71985"
},
{
"name" : "48299",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/48299"
"name": "48305",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48305"
},
{
"name" : "48305",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/48305"
"name": "IV09157",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV09157"
},
{
"name" : "maximo-uisession-dos(71985)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/71985"
"name": "52333",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52333"
}
]
}

92
2011/1xxx/CVE-2011-1535.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1535",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2011-1535",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in HP Insight Control for Linux (aka IC-Linux) before 6.3 allows remote authenticated users to obtain sensitive information, modify data, or cause a denial of service via unknown vectors."
"lang": "eng",
"value": "Unspecified vulnerability in HP Insight Control for Linux (aka IC-Linux) before 6.3 allows remote authenticated users to obtain sensitive information, modify data, or cause a denial of service via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "HPSBMA02658",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777"
"name": "47716",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/47716"
},
{
"name" : "SSRT100413",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777"
"name": "hp-insight-unspec-priv-esc(66867)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66867"
},
{
"name" : "47716",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/47716"
"name": "1025413",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1025413"
},
{
"name" : "1025413",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1025413"
"name": "HPSBMA02658",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777"
},
{
"name" : "44269",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/44269"
"name": "SSRT100413",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777"
},
{
"name" : "hp-insight-unspec-priv-esc(66867)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/66867"
"name": "44269",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44269"
}
]
}

164
2011/1xxx/CVE-2011-1676.json
View File

@ -1,146 +1,146 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1676",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1676",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "mount in util-linux 2.19 and earlier does not remove the /etc/mtab.tmp file after a failed attempt to add a mount entry, which allows local users to trigger corruption of the /etc/mtab file via multiple invocations."
"lang": "eng",
"value": "mount in util-linux 2.19 and earlier does not remove the /etc/mtab.tmp file after a failed attempt to add a mount entry, which allows local users to trigger corruption of the /etc/mtab file via multiple invocations."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20110303 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/03/04/11"
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/14/5"
},
{
"name" : "[oss-security] 20110303 Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/03/04/9"
"name": "[oss-security] 20110303 Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/04/9"
},
{
"name" : "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/03/04/10"
"name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/22/6"
},
{
"name" : "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/03/04/12"
"name": "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/22/4"
},
{
"name" : "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/03/05/3"
"name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/05/7"
},
{
"name" : "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/03/05/7"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=688980",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=688980"
},
{
"name" : "[oss-security] 20110307 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/03/07/9"
"name": "utillinux-mount-sec-bypass(66704)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66704"
},
{
"name" : "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/03/14/5"
"name": "[oss-security] 20110307 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/07/9"
},
{
"name" : "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/03/14/7"
"name": "[oss-security] 20110401 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/04/01/2"
},
{
"name" : "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/03/14/16"
"name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/04/10"
},
{
"name" : "[oss-security] 20110315 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/03/15/6"
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/14/16"
},
{
"name" : "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/03/22/4"
"name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/31/4"
},
{
"name" : "[oss-security] 20110322 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/03/22/6"
"name": "[oss-security] 20110304 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/04/12"
},
{
"name" : "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/03/31/3"
"name": "[oss-security] 20110314 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/14/7"
},
{
"name" : "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/03/31/4"
"name": "[oss-security] 20110303 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/04/11"
},
{
"name" : "[oss-security] 20110401 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/04/01/2"
"name": "[oss-security] 20110305 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/05/3"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=688980",
"refsource" : "MISC",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=688980"
"name": "[oss-security] 20110331 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/31/3"
},
{
"name" : "utillinux-mount-sec-bypass(66704)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/66704"
"name": "[oss-security] 20110315 Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/03/15/6"
}
]
}

74
2011/1xxx/CVE-2011-1998.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1998",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2011-1998",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that was not properly initialized, aka \"Jscript9.dll Remote Code Execution Vulnerability.\""
"lang": "eng",
"value": "Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that was not properly initialized, aka \"Jscript9.dll Remote Code Execution Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS11-081",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-081"
"name": "MS11-081",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-081"
},
{
"name" : "49963",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/49963"
"name": "49963",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/49963"
},
{
"name" : "oval:org.mitre.oval:def:13199",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13199"
"name": "oval:org.mitre.oval:def:13199",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13199"
}
]
}

68
2011/3xxx/CVE-2011-3254.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-3254",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2011-3254",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Calendar in Apple iOS before 5 allows remote attackers to inject arbitrary web script or HTML via an invitation note."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Calendar in Apple iOS before 5 allows remote attackers to inject arbitrary web script or HTML via an invitation note."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://support.apple.com/kb/HT4999",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT4999"
"name": "APPLE-SA-2011-10-12-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"
},
{
"name" : "APPLE-SA-2011-10-12-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"
"name": "http://support.apple.com/kb/HT4999",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT4999"
}
]
}

22
2011/3xxx/CVE-2011-3675.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-3675",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2011-3675",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none."
}
]
}

74
2011/3xxx/CVE-2011-3808.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-3808",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-3808",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Bug Genie 2.1.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/svn_integration/config.inc.php and certain other files."
"lang": "eng",
"value": "The Bug Genie 2.1.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/svn_integration/config.inc.php and certain other files."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20110627 Re: CVE request: Joomla unspecified information disclosure vulnerability",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2011/06/27/6"
"name": "[oss-security] 20110627 Re: CVE request: Joomla unspecified information disclosure vulnerability",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/06/27/6"
},
{
"name" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README",
"refsource" : "MISC",
"url" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README"
"name": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/thebuggenie_2.1.2",
"refsource": "MISC",
"url": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/thebuggenie_2.1.2"
},
{
"name" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/thebuggenie_2.1.2",
"refsource" : "MISC",
"url" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/thebuggenie_2.1.2"
"name": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README",
"refsource": "MISC",
"url": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README"
}
]
}

74
2011/4xxx/CVE-2011-4037.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4037",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2011-4037",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in Sielco Sistemi Winlog PRO before 2.07.09 and Winlog Lite before 2.07.09 allows user-assisted remote attackers to execute arbitrary code via invalid data in unspecified fields of a project file."
"lang": "eng",
"value": "Buffer overflow in Sielco Sistemi Winlog PRO before 2.07.09 and Winlog Lite before 2.07.09 allows user-assisted remote attackers to execute arbitrary code via invalid data in unspecified fields of a project file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.us-cert.gov/control_systems/pdf/ICSA-11-298-01.pdf",
"refsource" : "MISC",
"url" : "http://www.us-cert.gov/control_systems/pdf/ICSA-11-298-01.pdf"
"name": "47078",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47078"
},
{
"name" : "1026388",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1026388"
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-298-01.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-298-01.pdf"
},
{
"name" : "47078",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/47078"
"name": "1026388",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1026388"
}
]
}

68
2011/4xxx/CVE-2011-4186.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4186",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-4186",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code via a crafted client-file-name parameter in a printer-url, a different vulnerability than CVE-2011-1705."
"lang": "eng",
"value": "Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code via a crafted client-file-name parameter in a printer-url, a different vulnerability than CVE-2011-1705."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.novell.com/support/viewContent.do?externalId=7008708",
"refsource" : "CONFIRM",
"url" : "http://www.novell.com/support/viewContent.do?externalId=7008708"
"name": "http://www.novell.com/support/viewContent.do?externalId=7008708",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/viewContent.do?externalId=7008708"
},
{
"name" : "http://www.novell.com/support/viewContent.do?externalId=7010145",
"refsource" : "CONFIRM",
"url" : "http://www.novell.com/support/viewContent.do?externalId=7010145"
"name": "http://www.novell.com/support/viewContent.do?externalId=7010145",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/viewContent.do?externalId=7010145"
}
]
}

22
2011/4xxx/CVE-2011-4417.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4417",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2011-4417",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none."
}
]
}

218
2011/4xxx/CVE-2011-4619.json
View File

@ -1,191 +1,191 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4619",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-4619",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors."
"lang": "eng",
"value": "The Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.openssl.org/news/secadv_20120104.txt",
"refsource" : "CONFIRM",
"url" : "http://www.openssl.org/news/secadv_20120104.txt"
"name": "48528",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48528"
},
{
"name" : "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory3.asc",
"refsource" : "CONFIRM",
"url" : "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory3.asc"
"name": "HPSBMU02786",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
},
{
"name" : "http://support.apple.com/kb/HT5784",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT5784"
"name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564"
},
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564"
"name": "openSUSE-SU-2012:0083",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00017.html"
},
{
"name" : "APPLE-SA-2013-06-04-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html"
"name": "MDVSA-2012:006",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:006"
},
{
"name" : "DSA-2390",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2012/dsa-2390"
"name": "FEDORA-2012-18035",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092905.html"
},
{
"name" : "FEDORA-2012-18035",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092905.html"
"name": "http://www.openssl.org/news/secadv_20120104.txt",
"refsource": "CONFIRM",
"url": "http://www.openssl.org/news/secadv_20120104.txt"
},
{
"name" : "HPSBMU02786",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
"name": "SUSE-SU-2012:0084",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00018.html"
},
{
"name" : "SSRT100877",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
"name": "RHSA-2012:1308",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1308.html"
},
{
"name" : "HPSBOV02793",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=134039053214295&w=2"
"name": "RHSA-2012:1307",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1307.html"
},
{
"name" : "SSRT100891",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=134039053214295&w=2"
"name": "http://support.apple.com/kb/HT5784",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5784"
},
{
"name" : "HPSBUX02734",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=132750648501816&w=2"
"name": "APPLE-SA-2013-06-04-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html"
},
{
"name" : "SSRT100729",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=132750648501816&w=2"
"name": "VU#737740",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/737740"
},
{
"name" : "HPSBMU02776",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=133951357207000&w=2"
"name": "HPSBUX02734",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=132750648501816&w=2"
},
{
"name" : "HPSBUX02782",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=133728068926468&w=2"
"name": "MDVSA-2012:007",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:007"
},
{
"name" : "SSRT100844",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=133728068926468&w=2"
"name": "RHSA-2012:1306",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1306.html"
},
{
"name" : "SSRT100852",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=133951357207000&w=2"
"name": "HPSBOV02793",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=134039053214295&w=2"
},
{
"name" : "MDVSA-2012:006",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2012:006"
"name": "57353",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/57353"
},
{
"name" : "MDVSA-2012:007",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2012:007"
"name": "HPSBUX02782",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=133728068926468&w=2"
},
{
"name" : "RHSA-2012:1306",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1306.html"
"name": "SSRT100891",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=134039053214295&w=2"
},
{
"name" : "RHSA-2012:1307",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1307.html"
"name": "SSRT100852",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=133951357207000&w=2"
},
{
"name" : "RHSA-2012:1308",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1308.html"
"name": "SSRT100729",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=132750648501816&w=2"
},
{
"name" : "SUSE-SU-2012:0084",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00018.html"
"name": "SSRT100877",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041"
},
{
"name" : "openSUSE-SU-2012:0083",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00017.html"
"name": "DSA-2390",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2390"
},
{
"name" : "VU#737740",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/737740"
"name": "HPSBMU02776",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=133951357207000&w=2"
},
{
"name" : "48528",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/48528"
"name": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory3.asc",
"refsource": "CONFIRM",
"url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory3.asc"
},
{
"name" : "57353",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/57353"
"name": "SSRT100844",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=133728068926468&w=2"
}
]
}

22
2011/4xxx/CVE-2011-4936.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4936",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2011-4936",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-0822. Reason: This candidate is a reservation duplicate of CVE-2012-0822. Notes: All CVE users should reference CVE-2012-0822 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-0822. Reason: This candidate is a reservation duplicate of CVE-2012-0822. Notes: All CVE users should reference CVE-2012-0822 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}

86
2013/5xxx/CVE-2013-5383.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2013-5383",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2013-5383",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 before 7.1.1.12, and 7.5 before 7.5.0.5 allows remote authenticated users to gain privileges via unspecified vectors, a different vulnerability than CVE-2013-5382."
"lang": "eng",
"value": "IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 before 7.1.1.12, and 7.5 before 7.5.0.5 allows remote authenticated users to gain privileges via unspecified vectors, a different vulnerability than CVE-2013-5382."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21651085",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21651085"
"name": "55070",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55070"
},
{
"name" : "IV40704",
"refsource" : "AIXAPAR",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IV40704"
"name": "IV40704",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV40704"
},
{
"name" : "55068",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/55068"
"name": "55068",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55068"
},
{
"name" : "55070",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/55070"
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21651085",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21651085"
},
{
"name" : "maximo-cve20135383-priv-esc(86934)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/86934"
"name": "maximo-cve20135383-priv-esc(86934)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86934"
}
]
}

22
2013/5xxx/CVE-2013-5571.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2013-5571",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-5571",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2014/2xxx/CVE-2014-2011.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-2011",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2011",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

62
2014/2xxx/CVE-2014-2133.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-2133",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2014-2133",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .arf file that triggers improper LZW decompression, aka Bug ID CSCuj87565."
"lang": "eng",
"value": "Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .arf file that triggers improper LZW decompression, aka Bug ID CSCuj87565."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20140507 Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players",
"refsource" : "CISCO",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex"
"name": "20140507 Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex"
}
]
}

68
2014/2xxx/CVE-2014-2274.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-2274",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2274",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site request forgery (CSRF) vulnerability in the Subscribe To Comments Reloaded plugin before 140219 for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via a request to the subscribe-to-comments-reloaded/options/index.php page to wp-admin/admin.php."
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in the Subscribe To Comments Reloaded plugin before 140219 for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via a request to the subscribe-to-comments-reloaded/options/index.php page to wp-admin/admin.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://security.dxw.com/advisories/stored-xss-and-csrf-vulnerabilities-in-subscribe-to-comments-reloaded-140129/",
"refsource" : "MISC",
"url" : "https://security.dxw.com/advisories/stored-xss-and-csrf-vulnerabilities-in-subscribe-to-comments-reloaded-140129/"
"name": "https://wordpress.org/plugins/subscribe-to-comments-reloaded/#developers",
"refsource": "CONFIRM",
"url": "https://wordpress.org/plugins/subscribe-to-comments-reloaded/#developers"
},
{
"name" : "https://wordpress.org/plugins/subscribe-to-comments-reloaded/#developers",
"refsource" : "CONFIRM",
"url" : "https://wordpress.org/plugins/subscribe-to-comments-reloaded/#developers"
"name": "https://security.dxw.com/advisories/stored-xss-and-csrf-vulnerabilities-in-subscribe-to-comments-reloaded-140129/",
"refsource": "MISC",
"url": "https://security.dxw.com/advisories/stored-xss-and-csrf-vulnerabilities-in-subscribe-to-comments-reloaded-140129/"
}
]
}

62
2014/2xxx/CVE-2014-2356.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-2356",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2014-2356",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Innominate mGuard before 7.6.4 and 8.x before 8.0.3 does not require authentication for snapshot downloads, which allows remote attackers to obtain sensitive information via a crafted HTTPS request."
"lang": "eng",
"value": "Innominate mGuard before 7.6.4 and 8.x before 8.0.3 does not require authentication for snapshot downloads, which allows remote attackers to obtain sensitive information via a crafted HTTPS request."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://ics-cert.us-cert.gov/advisories/ICSA-14-189-02",
"refsource" : "MISC",
"url" : "http://ics-cert.us-cert.gov/advisories/ICSA-14-189-02"
"name": "http://ics-cert.us-cert.gov/advisories/ICSA-14-189-02",
"refsource": "MISC",
"url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-189-02"
}
]
}

68
2014/2xxx/CVE-2014-2475.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-2475",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2014-2475",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 4.63, 4.71, 5.0, and 5.1 allows remote attackers to affect availability via vectors related to SGD Proxy Server (ttaauxserv)."
"lang": "eng",
"value": "Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 4.63, 4.71, 5.0, and 5.1 allows remote attackers to affect availability via vectors related to SGD Proxy Server (ttaauxserv)."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"name" : "1031034",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1031034"
"name": "1031034",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031034"
}
]
}

68
2014/2xxx/CVE-2014-2554.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-2554",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2554",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "OTRS 3.1.x before 3.1.21, 3.2.x before 3.2.16, and 3.3.x before 3.3.6 allows remote attackers to conduct clickjacking attacks via an IFRAME element."
"lang": "eng",
"value": "OTRS 3.1.x before 3.1.21, 3.2.x before 3.2.16, and 3.3.x before 3.3.6 allows remote attackers to conduct clickjacking attacks via an IFRAME element."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.otrs.com/security-advisory-2014-05-clickjacking-issue/",
"refsource" : "CONFIRM",
"url" : "http://www.otrs.com/security-advisory-2014-05-clickjacking-issue/"
"name": "http://www.otrs.com/security-advisory-2014-05-clickjacking-issue/",
"refsource": "CONFIRM",
"url": "http://www.otrs.com/security-advisory-2014-05-clickjacking-issue/"
},
{
"name" : "openSUSE-SU-2014:0561",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2014-04/msg00062.html"
"name": "openSUSE-SU-2014:0561",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-04/msg00062.html"
}
]
}

22
2014/6xxx/CVE-2014-6207.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6207",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-6207",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

74
2014/6xxx/CVE-2014-6341.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6341",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2014-6341",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-4143."
"lang": "eng",
"value": "Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-4143."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS14-065",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-065"
"name": "1031185",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031185"
},
{
"name" : "70338",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/70338"
"name": "70338",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70338"
},
{
"name" : "1031185",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1031185"
"name": "MS14-065",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-065"
}
]
}

74
2014/6xxx/CVE-2014-6353.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6353",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2014-6353",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability.\""
"lang": "eng",
"value": "Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS14-065",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-065"
"name": "1031185",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031185"
},
{
"name" : "70333",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/70333"
"name": "MS14-065",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-065"
},
{
"name" : "1031185",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1031185"
"name": "70333",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70333"
}
]
}

74
2014/6xxx/CVE-2014-6858.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6858",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-6858",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Mostafa Shemeas (aka com.mostafa.shemeas.website) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The Mostafa Shemeas (aka com.mostafa.shemeas.website) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#873337",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/873337"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#873337",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/873337"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}

74
2014/7xxx/CVE-2014-7388.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-7388",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-7388",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Sunday Indian Oriya (aka com.magzter.thesundayindianoriya) application 3.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The Sunday Indian Oriya (aka com.magzter.thesundayindianoriya) application 3.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#542633",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/542633"
},
{
"name" : "VU#542633",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/542633"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}

22
2014/7xxx/CVE-2014-7679.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-7679",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2014-7679",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
}
]
}

74
2014/7xxx/CVE-2014-7728.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-7728",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-7728",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Logan Banner (aka com.soln.S8B5C1F53B8CBE06D5DE0A0E7E23DCDA7) application 1.0010.b0010 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The Logan Banner (aka com.soln.S8B5C1F53B8CBE06D5DE0A0E7E23DCDA7) application 1.0010.b0010 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#149537",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/149537"
},
{
"name" : "VU#149537",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/149537"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}

74
2014/7xxx/CVE-2014-7748.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-7748",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-7748",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Garip Ve Ilginc Olaylar (aka com.wGaripveeIlgincOlay) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The Garip Ve Ilginc Olaylar (aka com.wGaripveeIlgincOlay) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#283297",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/283297"
},
{
"name" : "VU#283297",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/283297"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}

80
2014/7xxx/CVE-2014-7834.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-7834",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-7834",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "mod/forum/externallib.php in Moodle 2.6.x before 2.6.6 and 2.7.x before 2.7.3 does not verify group permissions, which allows remote authenticated users to access a forum via the forum_get_discussions web service."
"lang": "eng",
"value": "mod/forum/externallib.php in Moodle 2.6.x before 2.6.6 and 2.7.x before 2.7.3 does not verify group permissions, which allows remote authenticated users to access a forum via the forum_get_discussions web service."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20141117 Moodle security issues are now public",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2014/11/17/11"
"name": "1031215",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031215"
},
{
"name" : "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45303",
"refsource" : "CONFIRM",
"url" : "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45303"
"name": "[oss-security] 20141117 Moodle security issues are now public",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2014/11/17/11"
},
{
"name" : "https://moodle.org/mod/forum/discuss.php?d=275159",
"refsource" : "CONFIRM",
"url" : "https://moodle.org/mod/forum/discuss.php?d=275159"
"name": "https://moodle.org/mod/forum/discuss.php?d=275159",
"refsource": "CONFIRM",
"url": "https://moodle.org/mod/forum/discuss.php?d=275159"
},
{
"name" : "1031215",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1031215"
"name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45303",
"refsource": "CONFIRM",
"url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45303"
}
]
}

80
2017/0xxx/CVE-2017-0111.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secure@microsoft.com",
"ID" : "CVE-2017-0111",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2017-0111",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Windows Uniscribe",
"version" : {
"version_data" : [
"product_name": "Windows Uniscribe",
"version": {
"version_data": [
{
"version_value" : "Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1"
"version_value": "Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1"
}
]
}
}
]
},
"vendor_name" : "Microsoft Corporation"
"vendor_name": "Microsoft Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka \"Uniscribe Information Disclosure Vulnerability.\" CVE-2017-0085, CVE-2017-0091, CVE-2017-0092, CVE-2017-0112, CVE-2017-0113, CVE-2017-0114, CVE-2017-0115, CVE-2017-0116, CVE-2017-0117, CVE-2017-0118, CVE-2017-0119, CVE-2017-0120, CVE-2017-0121, CVE-2017-0122, CVE-2017-0123, CVE-2017-0124, CVE-2017-0125, CVE-2017-0126, CVE-2017-0127, and CVE-2017-0128."
"lang": "eng",
"value": "Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka \"Uniscribe Information Disclosure Vulnerability.\" CVE-2017-0085, CVE-2017-0091, CVE-2017-0092, CVE-2017-0112, CVE-2017-0113, CVE-2017-0114, CVE-2017-0115, CVE-2017-0116, CVE-2017-0117, CVE-2017-0118, CVE-2017-0119, CVE-2017-0120, CVE-2017-0121, CVE-2017-0122, CVE-2017-0123, CVE-2017-0124, CVE-2017-0125, CVE-2017-0126, CVE-2017-0127, and CVE-2017-0128."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Information Disclosure"
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "41655",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/41655/"
"name": "96658",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96658"
},
{
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0111",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0111"
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0111",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0111"
},
{
"name" : "96658",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/96658"
"name": "1037992",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037992"
},
{
"name" : "1037992",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037992"
"name": "41655",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/41655/"
}
]
}

80
2017/0xxx/CVE-2017-0121.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secure@microsoft.com",
"ID" : "CVE-2017-0121",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2017-0121",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Windows Uniscribe",
"version" : {
"version_data" : [
"product_name": "Windows Uniscribe",
"version": {
"version_data": [
{
"version_value" : "Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016"
"version_value": "Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016"
}
]
}
}
]
},
"vendor_name" : "Microsoft Corporation"
"vendor_name": "Microsoft Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka \"Uniscribe Information Disclosure Vulnerability.\" CVE-2017-0085, CVE-2017-0091, CVE-2017-0092, CVE-2017-0111, CVE-2017-0112, CVE-2017-0113, CVE-2017-0114, CVE-2017-0115, CVE-2017-0116, CVE-2017-0117, CVE-2017-0118, CVE-2017-0119, CVE-2017-0120, CVE-2017-0122, CVE-2017-0123, CVE-2017-0124, CVE-2017-0125, CVE-2017-0126, CVE-2017-0127, and CVE-2017-0128."
"lang": "eng",
"value": "Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka \"Uniscribe Information Disclosure Vulnerability.\" CVE-2017-0085, CVE-2017-0091, CVE-2017-0092, CVE-2017-0111, CVE-2017-0112, CVE-2017-0113, CVE-2017-0114, CVE-2017-0115, CVE-2017-0116, CVE-2017-0117, CVE-2017-0118, CVE-2017-0119, CVE-2017-0120, CVE-2017-0122, CVE-2017-0123, CVE-2017-0124, CVE-2017-0125, CVE-2017-0126, CVE-2017-0127, and CVE-2017-0128."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Information Disclosure"
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "41655",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/41655/"
"name": "96678",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96678"
},
{
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0121",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0121"
"name": "1037992",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037992"
},
{
"name" : "96678",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/96678"
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0121",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0121"
},
{
"name" : "1037992",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037992"
"name": "41655",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/41655/"
}
]
}

80
2017/0xxx/CVE-2017-0267.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secure@microsoft.com",
"ID" : "CVE-2017-0267",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2017-0267",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Server Message Block 1.0",
"version" : {
"version_data" : [
"product_name": "Server Message Block 1.0",
"version": {
"version_data": [
{
"version_value" : "Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016."
"version_value": "Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016."
}
]
}
}
]
},
"vendor_name" : "Microsoft Corporation"
"vendor_name": "Microsoft Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 handles certain requests, aka \"Windows SMB Information Disclosure Vulnerability\". This CVE ID is unique from CVE-2017-0268, CVE-2017-0270, CVE-2017-0271, CVE-2017-0274, CVE-2017-0275, and CVE-2017-0276."
"lang": "eng",
"value": "Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 handles certain requests, aka \"Windows SMB Information Disclosure Vulnerability\". This CVE ID is unique from CVE-2017-0268, CVE-2017-0270, CVE-2017-0271, CVE-2017-0274, CVE-2017-0275, and CVE-2017-0276."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Information Disclosure"
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02",
"refsource" : "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02"
"name": "98259",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98259"
},
{
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0267",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0267"
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0267",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0267"
},
{
"name" : "98259",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/98259"
"name": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02"
},
{
"name" : "1038432",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1038432"
"name": "1038432",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038432"
}
]
}

92
2017/0xxx/CVE-2017-0283.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secure@microsoft.com",
"ID" : "CVE-2017-0283",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2017-0283",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Uniscribe",
"version" : {
"version_data" : [
"product_name": "Uniscribe",
"version": {
"version_data": [
{
"version_value" : "Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, Windows Server 2016, Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office Word Viewer, Microsoft Lync 2013 SP1, Skype for Business 2016, Microsoft Silverlight 5 Developer Runtime when installed on Microsoft Windows, and Microsoft Silverlight 5 when installed on Microsoft Windows."
"version_value": "Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, Windows Server 2016, Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office Word Viewer, Microsoft Lync 2013 SP1, Skype for Business 2016, Microsoft Silverlight 5 Developer Runtime when installed on Microsoft Windows, and Microsoft Silverlight 5 when installed on Microsoft Windows."
}
]
}
}
]
},
"vendor_name" : "Microsoft Corporation"
"vendor_name": "Microsoft Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, Windows Server 2016, Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office Word Viewer, Microsoft Lync 2013 SP1, Skype for Business 2016, Microsoft Silverlight 5 Developer Runtime when installed on Microsoft Windows, and Microsoft Silverlight 5 when installed on Microsoft Windows allows a remote code execution vulnerability due to the way it handles objects in memory, aka \"Windows Uniscribe Remote Code Execution Vulnerability\". This CVE ID is unique from CVE-2017-8528."
"lang": "eng",
"value": "Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, Windows Server 2016, Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office Word Viewer, Microsoft Lync 2013 SP1, Skype for Business 2016, Microsoft Silverlight 5 Developer Runtime when installed on Microsoft Windows, and Microsoft Silverlight 5 when installed on Microsoft Windows allows a remote code execution vulnerability due to the way it handles objects in memory, aka \"Windows Uniscribe Remote Code Execution Vulnerability\". This CVE ID is unique from CVE-2017-8528."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Remote Code Execution"
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "42234",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/42234/"
"name": "42234",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/42234/"
},
{
"name" : "https://0patch.blogspot.com/2017/07/0patching-quick-brown-fox-of-cve-2017.html",
"refsource" : "MISC",
"url" : "https://0patch.blogspot.com/2017/07/0patching-quick-brown-fox-of-cve-2017.html"
"name": "1038675",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038675"
},
{
"name" : "https://bugs.chromium.org/p/project-zero/issues/detail?id=1198",
"refsource" : "MISC",
"url" : "https://bugs.chromium.org/p/project-zero/issues/detail?id=1198"
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0283",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0283"
},
{
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0283",
"refsource" : "CONFIRM",
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0283"
"name": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1198",
"refsource": "MISC",
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1198"
},
{
"name" : "98920",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/98920"
"name": "98920",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98920"
},
{
"name" : "1038675",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1038675"
"name": "https://0patch.blogspot.com/2017/07/0patching-quick-brown-fox-of-cve-2017.html",
"refsource": "MISC",
"url": "https://0patch.blogspot.com/2017/07/0patching-quick-brown-fox-of-cve-2017.html"
}
]
}

80
2017/0xxx/CVE-2017-0534.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@google.com",
"ID" : "CVE-2017-0534",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2017-0534",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Android",
"version" : {
"version_data" : [
"product_name": "Android",
"version": {
"version_data": [
{
"version_value" : "Kernel-3.18"
"version_value": "Kernel-3.18"
}
]
}
}
]
},
"vendor_name" : "Google Inc."
"vendor_name": "Google Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An information disclosure vulnerability in the Qualcomm video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-32508732. References: QC-CR#1088206."
"lang": "eng",
"value": "An information disclosure vulnerability in the Qualcomm video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-32508732. References: QC-CR#1088206."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Information disclosure"
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://source.android.com/security/bulletin/2017-03-01",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2017-03-01"
"name": "https://source.android.com/security/bulletin/2017-03-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-03-01"
},
{
"name" : "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=e3af5e89426f1c8d4e703d415eff5435b925649f",
"refsource" : "CONFIRM",
"url" : "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=e3af5e89426f1c8d4e703d415eff5435b925649f"
"name": "1037968",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037968"
},
{
"name" : "96734",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/96734"
"name": "96734",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96734"
},
{
"name" : "1037968",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037968"
"name": "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=e3af5e89426f1c8d4e703d415eff5435b925649f",
"refsource": "CONFIRM",
"url": "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=e3af5e89426f1c8d4e703d415eff5435b925649f"
}
]
}

72
2017/18xxx/CVE-2017-18090.json
View File

@ -1,70 +1,70 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@atlassian.com",
"DATE_PUBLIC" : "2018-02-16T00:00:00",
"ID" : "CVE-2017-18090",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@atlassian.com",
"DATE_PUBLIC": "2018-02-16T00:00:00",
"ID": "CVE-2017-18090",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Fisheye",
"version" : {
"version_data" : [
"product_name": "Fisheye",
"version": {
"version_data": [
{
"version_value" : "prior to 4.5.1"
"version_value": "prior to 4.5.1"
},
{
"version_value" : "prior to 4.6.0"
"version_value": "prior to 4.6.0"
}
]
}
}
]
},
"vendor_name" : "Atlassian"
"vendor_name": "Atlassian"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Various resources in Atlassian Fisheye before version 4.5.1 (the fixed version for 4.5.x) and before version 4.6.0 allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the name of a commit author."
"lang": "eng",
"value": "Various resources in Atlassian Fisheye before version 4.5.1 (the fixed version for 4.5.x) and before version 4.6.0 allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the name of a commit author."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Cross Site Scripting (XSS)"
"lang": "eng",
"value": "Cross Site Scripting (XSS)"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://jira.atlassian.com/browse/FE-7000",
"refsource" : "CONFIRM",
"url" : "https://jira.atlassian.com/browse/FE-7000"
"name": "https://jira.atlassian.com/browse/FE-7000",
"refsource": "CONFIRM",
"url": "https://jira.atlassian.com/browse/FE-7000"
},
{
"name" : "103076",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/103076"
"name": "103076",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103076"
}
]
}

68
2017/1xxx/CVE-2017-1141.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2017-1141",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2017-1141",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "IBM Insights Foundation for Energy",
"version" : {
"version_data" : [
"product_name": "IBM Insights Foundation for Energy",
"version": {
"version_data": [
{
"version_value" : "1.0, 1.5, 1.6"
"version_value": "1.0, 1.5, 1.6"
}
]
}
}
]
},
"vendor_name" : "IBM Corporation"
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM Insights Foundation for Energy 1.0, 1.5, and 1.6 could allow an authenticated user to obtain sensitive information from error messages. IBM X-Force ID: 121907."
"lang": "eng",
"value": "IBM Insights Foundation for Energy 1.0, 1.5, and 1.6 could allow an authenticated user to obtain sensitive information from error messages. IBM X-Force ID: 121907."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Obtain Information"
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22002620",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22002620"
"name": "http://www.ibm.com/support/docview.wss?uid=swg22002620",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22002620"
},
{
"name" : "98161",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/98161"
"name": "98161",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98161"
}
]
}

22
2017/1xxx/CVE-2017-1525.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-1525",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-1525",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

76
2017/1xxx/CVE-2017-1535.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2017-08-25T00:00:00",
"ID" : "CVE-2017-1535",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2017-08-25T00:00:00",
"ID": "CVE-2017-1535",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Cognos Analytics",
"version" : {
"version_data" : [
"product_name": "Cognos Analytics",
"version": {
"version_data": [
{
"version_value" : "11.0"
"version_value": "11.0"
}
]
}
}
]
},
"vendor_name" : "IBM"
"vendor_name": "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 130677."
"lang": "eng",
"value": "IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 130677."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Obtain Information"
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/130677",
"refsource" : "MISC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/130677"
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/130677",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/130677"
},
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22007242",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22007242"
"name": "100834",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100834"
},
{
"name" : "100834",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/100834"
"name": "http://www.ibm.com/support/docview.wss?uid=swg22007242",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22007242"
}
]
}

68
2017/5xxx/CVE-2017-5162.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "ics-cert@hq.dhs.gov",
"ID" : "CVE-2017-5162",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2017-5162",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "BINOM3 Electric Power Quality Meter",
"version" : {
"version_data" : [
"product_name": "BINOM3 Electric Power Quality Meter",
"version": {
"version_data": [
{
"version_value" : "BINOM3 Electric Power Quality Meter"
"version_value": "BINOM3 Electric Power Quality Meter"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. Lack of authentication for remote service gives access to application set up and configuration."
"lang": "eng",
"value": "An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. Lack of authentication for remote service gives access to application set up and configuration."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "BINOM3 Electric Power Quality Meter Lack of authentication"
"lang": "eng",
"value": "BINOM3 Electric Power Quality Meter Lack of authentication"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A",
"refsource" : "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A"
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-031-01A"
},
{
"name" : "93028",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/93028"
"name": "93028",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93028"
}
]
}

74
2017/5xxx/CVE-2017-5173.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "ics-cert@hq.dhs.gov",
"ID" : "CVE-2017-5173",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2017-5173",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Geutebruck IP Cameras",
"version" : {
"version_data" : [
"product_name": "Geutebruck IP Cameras",
"version": {
"version_data": [
{
"version_value" : "Geutebruck IP Cameras"
"version_value": "Geutebruck IP Cameras"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An Improper Neutralization of Special Elements (in an OS command) issue was discovered in Geutebruck IP Camera G-Cam/EFD-2250 Version 1.11.0.12. An improper neutralization of special elements vulnerability has been identified. If special elements are not properly neutralized, an attacker can call multiple parameters that can allow access to the root level operating system which could allow remote code execution."
"lang": "eng",
"value": "An Improper Neutralization of Special Elements (in an OS command) issue was discovered in Geutebruck IP Camera G-Cam/EFD-2250 Version 1.11.0.12. An improper neutralization of special elements vulnerability has been identified. If special elements are not properly neutralized, an attacker can call multiple parameters that can allow access to the root level operating system which could allow remote code execution."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "CWE-78"
"lang": "eng",
"value": "CWE-78"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "41360",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/41360/"
"name": "96209",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96209"
},
{
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-17-045-02",
"refsource" : "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-17-045-02"
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-045-02",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-045-02"
},
{
"name" : "96209",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/96209"
"name": "41360",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/41360/"
}
]
}

92
2017/5xxx/CVE-2017-5204.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-5204",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-5204",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The IPv6 parser in tcpdump before 4.9.0 has a buffer overflow in print-ip6.c:ip6_print()."
"lang": "eng",
"value": "The IPv6 parser in tcpdump before 4.9.0 has a buffer overflow in print-ip6.c:ip6_print()."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1494526.html",
"refsource" : "CONFIRM",
"url" : "https://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1494526.html"
"name": "1037755",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037755"
},
{
"name" : "DSA-3775",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2017/dsa-3775"
"name": "DSA-3775",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3775"
},
{
"name" : "GLSA-201702-30",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201702-30"
"name": "RHSA-2017:1871",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1871"
},
{
"name" : "RHSA-2017:1871",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2017:1871"
"name": "https://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1494526.html",
"refsource": "CONFIRM",
"url": "https://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1494526.html"
},
{
"name" : "95852",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/95852"
"name": "95852",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95852"
},
{
"name" : "1037755",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037755"
"name": "GLSA-201702-30",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201702-30"
}
]
}

68
2017/5xxx/CVE-2017-5633.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-5633",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-5633",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site request forgery (CSRF) vulnerabilities on the D-Link DI-524 Wireless Router with firmware 9.01 allow remote attackers to (1) change the admin password, (2) reboot the device, or (3) possibly have unspecified other impact via crafted requests to CGI programs."
"lang": "eng",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities on the D-Link DI-524 Wireless Router with firmware 9.01 allow remote attackers to (1) change the admin password, (2) reboot the device, or (3) possibly have unspecified other impact via crafted requests to CGI programs."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://seclists.org/fulldisclosure/2017/Feb/70",
"refsource" : "MISC",
"url" : "http://seclists.org/fulldisclosure/2017/Feb/70"
"name": "96475",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96475"
},
{
"name" : "96475",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/96475"
"name": "http://seclists.org/fulldisclosure/2017/Feb/70",
"refsource": "MISC",
"url": "http://seclists.org/fulldisclosure/2017/Feb/70"
}
]
}