From 209faead2f88863bd22b0b709088d68ee0b61e7a Mon Sep 17 00:00:00 2001 From: CVE Team Date: Sun, 12 Feb 2023 23:03:03 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2015/7xxx/CVE-2015-7547.json | 163 ++------------------------ 2015/7xxx/CVE-2015-7548.json | 73 ++++++------ 2015/7xxx/CVE-2015-7557.json | 73 ++++++------ 2015/7xxx/CVE-2015-7566.json | 217 ++++++++++++++++++----------------- 2015/8xxx/CVE-2015-8077.json | 117 +++++++++---------- 5 files changed, 252 insertions(+), 391 deletions(-) diff --git a/2015/7xxx/CVE-2015-7547.json b/2015/7xxx/CVE-2015-7547.json index da8977ef32a..b2823dc5cd1 100644 --- a/2015/7xxx/CVE-2015-7547.json +++ b/2015/7xxx/CVE-2015-7547.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "A stack-based buffer overflow was found in the way the libresolv library performed dual A/AAAA DNS queries. A remote attacker could create a specially crafted DNS response which could cause libresolv to crash or, potentially, execute code with the permissions of the user running the library. Note: this issue is only exposed when libresolv is called from the nss_dns NSS service module." + "value": "Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing \"dual A/AAAA DNS queries\" and the libnss_dns.so.2 NSS module." } ] }, @@ -21,8 +21,7 @@ "description": [ { "lang": "eng", - "value": "Stack-based Buffer Overflow", - "cweId": "CWE-121" + "value": "n/a" } ] } @@ -32,108 +31,16 @@ "vendor": { "vendor_data": [ { - "vendor_name": "Red Hat", + "vendor_name": "n/a", "product": { "product_data": [ { - "product_name": "Red Hat Enterprise Linux 6", + "product_name": "n/a", "version": { "version_data": [ { - "version_value": "0:2.12-1.166.el6_7.7", - "version_affected": "!" - } - ] - } - }, - { - "product_name": "Red Hat Enterprise Linux 6.2 Advanced Update Support", - "version": { - "version_data": [ - { - "version_value": "0:2.12-1.47.el6_2.17", - "version_affected": "!" - } - ] - } - }, - { - "product_name": "Red Hat Enterprise Linux 6.4 Advanced Update Support", - "version": { - "version_data": [ - { - "version_value": "0:2.12-1.107.el6_4.9", - "version_affected": "!" - } - ] - } - }, - { - "product_name": "Red Hat Enterprise Linux 6.5 Advanced Update Support", - "version": { - "version_data": [ - { - "version_value": "0:2.12-1.132.el6_5.7", - "version_affected": "!" - } - ] - } - }, - { - "product_name": "Red Hat Enterprise Linux 6.6 Extended Update Support", - "version": { - "version_data": [ - { - "version_value": "0:2.12-1.149.el6_6.11", - "version_affected": "!" - } - ] - } - }, - { - "product_name": "Red Hat Enterprise Linux 7", - "version": { - "version_data": [ - { - "version_value": "0:2.17-106.el7_2.4", - "version_affected": "!" - } - ] - } - }, - { - "product_name": "Red Hat Enterprise Linux 7.1 Extended Update Support", - "version": { - "version_data": [ - { - "version_value": "0:2.17-79.ael7b_1.4", - "version_affected": "!" - } - ] - } - }, - { - "product_name": "RHEV 3.X Hypervisor and Agents for RHEL-6", - "version": { - "version_data": [ - { - "version_value": "0:6.7-20160104.2.el6ev", - "version_affected": "!" - }, - { - "version_value": "0:7.2-20160105.2.el6ev", - "version_affected": "!" - } - ] - } - }, - { - "product_name": "RHEV 3.X Hypervisor and Agents for RHEL-7", - "version": { - "version_data": [ - { - "version_value": "0:7.2-20160105.2.el7ev", - "version_affected": "!" + "version_affected": "=", + "version_value": "n/a" } ] } @@ -191,11 +98,6 @@ "refsource": "MISC", "name": "http://rhn.redhat.com/errata/RHSA-2016-0176.html" }, - { - "url": "https://access.redhat.com/errata/RHSA-2016:0176", - "refsource": "MISC", - "name": "https://access.redhat.com/errata/RHSA-2016:0176" - }, { "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10150", "refsource": "MISC", @@ -376,26 +278,6 @@ "refsource": "MISC", "name": "https://access.redhat.com/articles/2161461" }, - { - "url": "https://access.redhat.com/errata/RHSA-2016:0175", - "refsource": "MISC", - "name": "https://access.redhat.com/errata/RHSA-2016:0175" - }, - { - "url": "https://access.redhat.com/errata/RHSA-2016:0225", - "refsource": "MISC", - "name": "https://access.redhat.com/errata/RHSA-2016:0225" - }, - { - "url": "https://access.redhat.com/errata/RHSA-2016:0277", - "refsource": "MISC", - "name": "https://access.redhat.com/errata/RHSA-2016:0277" - }, - { - "url": "https://access.redhat.com/security/cve/CVE-2015-7547", - "refsource": "MISC", - "name": "https://access.redhat.com/security/cve/CVE-2015-7547" - }, { "url": "https://blogs.sophos.com/2016/02/24/utm-up2date-9-355-released/", "refsource": "MISC", @@ -411,11 +293,6 @@ "refsource": "MISC", "name": "https://bto.bluecoat.com/security-advisory/sa114" }, - { - "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1293532", - "refsource": "MISC", - "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1293532" - }, { "url": "https://googleonlinesecurity.blogspot.com/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html", "refsource": "MISC", @@ -545,31 +422,11 @@ "url": "https://www.tenable.com/security/research/tra-2017-08", "refsource": "MISC", "name": "https://www.tenable.com/security/research/tra-2017-08" - } - ] - }, - "impact": { - "cvss": [ + }, { - "accessComplexity": "MEDIUM", - "accessVector": "NETWORK", - "authentication": "NONE", - "availabilityImpact": "PARTIAL", - "availabilityRequirement": "NOT_DEFINED", - "baseScore": 6.8, - "collateralDamagePotential": "NOT_DEFINED", - "confidentialityImpact": "PARTIAL", - "confidentialityRequirement": "NOT_DEFINED", - "environmentalScore": 0, - "exploitability": "NOT_DEFINED", - "integrityImpact": "PARTIAL", - "integrityRequirement": "NOT_DEFINED", - "remediationLevel": "NOT_DEFINED", - "reportConfidence": "NOT_DEFINED", - "targetDistribution": "NOT_DEFINED", - "temporalScore": 0, - "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", - "version": "2.0" + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1293532", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1293532" } ] } diff --git a/2015/7xxx/CVE-2015-7548.json b/2015/7xxx/CVE-2015-7548.json index c70fb5cd7f2..43028ce84dd 100644 --- a/2015/7xxx/CVE-2015-7548.json +++ b/2015/7xxx/CVE-2015-7548.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2015-7548", + "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -50,22 +27,46 @@ } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "n/a" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "80176", - "refsource": "BID", - "url": "http://www.securityfocus.com/bid/80176" + "url": "http://rhn.redhat.com/errata/RHSA-2016-0018.html", + "refsource": "MISC", + "name": "http://rhn.redhat.com/errata/RHSA-2016-0018.html" }, { - "name": "RHSA-2016:0018", - "refsource": "REDHAT", - "url": "http://rhn.redhat.com/errata/RHSA-2016-0018.html" + "url": "http://www.securityfocus.com/bid/80176", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/80176" }, { - "name": "https://security.openstack.org/ossa/OSSA-2016-001.html", - "refsource": "CONFIRM", - "url": "https://security.openstack.org/ossa/OSSA-2016-001.html" + "url": "https://security.openstack.org/ossa/OSSA-2016-001.html", + "refsource": "MISC", + "name": "https://security.openstack.org/ossa/OSSA-2016-001.html" } ] } diff --git a/2015/7xxx/CVE-2015-7557.json b/2015/7xxx/CVE-2015-7557.json index 16fd070fa86..86e8a398d5e 100644 --- a/2015/7xxx/CVE-2015-7557.json +++ b/2015/7xxx/CVE-2015-7557.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2015-7557", + "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -50,22 +27,46 @@ } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "n/a" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "[oss-security] 20151221 CVE-2015-7557, CVE-2015-7558 librsvg2: Out-of-bounds heap read and stack exhaustion", - "refsource": "MLIST", - "url": "http://www.openwall.com/lists/oss-security/2015/12/21/5" + "url": "http://www.openwall.com/lists/oss-security/2015/12/21/5", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2015/12/21/5" }, { - "name": "https://git.gnome.org/browse/librsvg/commit/rsvg-shapes.c?id=40af93e6eb1c94b90c3b9a0b87e0840e126bb8df", - "refsource": "CONFIRM", - "url": "https://git.gnome.org/browse/librsvg/commit/rsvg-shapes.c?id=40af93e6eb1c94b90c3b9a0b87e0840e126bb8df" + "url": "https://git.gnome.org/browse/librsvg/commit/rsvg-shapes.c?id=40af93e6eb1c94b90c3b9a0b87e0840e126bb8df", + "refsource": "MISC", + "name": "https://git.gnome.org/browse/librsvg/commit/rsvg-shapes.c?id=40af93e6eb1c94b90c3b9a0b87e0840e126bb8df" }, { - "name": "https://git.gnome.org/browse/librsvg/tree/NEWS", - "refsource": "CONFIRM", - "url": "https://git.gnome.org/browse/librsvg/tree/NEWS" + "url": "https://git.gnome.org/browse/librsvg/tree/NEWS", + "refsource": "MISC", + "name": "https://git.gnome.org/browse/librsvg/tree/NEWS" } ] } diff --git a/2015/7xxx/CVE-2015-7566.json b/2015/7xxx/CVE-2015-7566.json index 6c1308d5461..e95edb953ef 100644 --- a/2015/7xxx/CVE-2015-7566.json +++ b/2015/7xxx/CVE-2015-7566.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2015-7566", + "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -50,142 +27,166 @@ } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "n/a" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "USN-2930-1", - "refsource": "UBUNTU", - "url": "http://www.ubuntu.com/usn/USN-2930-1" + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html", + "refsource": "MISC", + "name": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html" }, { - "name": "https://security-tracker.debian.org/tracker/CVE-2015-7566", - "refsource": "CONFIRM", - "url": "https://security-tracker.debian.org/tracker/CVE-2015-7566" + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html", + "refsource": "MISC", + "name": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html" }, { - "name": "82975", - "refsource": "BID", - "url": "http://www.securityfocus.com/bid/82975" + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html", + "refsource": "MISC", + "name": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html" }, { - "name": "USN-2967-1", - "refsource": "UBUNTU", - "url": "http://www.ubuntu.com/usn/USN-2967-1" + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html", + "refsource": "MISC", + "name": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html" }, { - "name": "FEDORA-2016-26e19f042a", - "refsource": "FEDORA", - "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175792.html" + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html", + "refsource": "MISC", + "name": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html" }, { - "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cb3232138e37129e88240a98a1d2aba2187ff57c", - "refsource": "CONFIRM", - "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cb3232138e37129e88240a98a1d2aba2187ff57c" + "url": "http://www.debian.org/security/2016/dsa-3448", + "refsource": "MISC", + "name": "http://www.debian.org/security/2016/dsa-3448" }, { - "name": "USN-2930-2", - "refsource": "UBUNTU", - "url": "http://www.ubuntu.com/usn/USN-2930-2" + "url": "http://www.debian.org/security/2016/dsa-3503", + "refsource": "MISC", + "name": "http://www.debian.org/security/2016/dsa-3503" }, { - "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1283371", - "refsource": "CONFIRM", - "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1283371" + "url": "http://www.ubuntu.com/usn/USN-2929-1", + "refsource": "MISC", + "name": "http://www.ubuntu.com/usn/USN-2929-1" }, { - "name": "DSA-3503", - "refsource": "DEBIAN", - "url": "http://www.debian.org/security/2016/dsa-3503" + "url": "http://www.ubuntu.com/usn/USN-2929-2", + "refsource": "MISC", + "name": "http://www.ubuntu.com/usn/USN-2929-2" }, { - "name": "USN-2967-2", - "refsource": "UBUNTU", - "url": "http://www.ubuntu.com/usn/USN-2967-2" + "url": "http://www.ubuntu.com/usn/USN-2930-1", + "refsource": "MISC", + "name": "http://www.ubuntu.com/usn/USN-2930-1" }, { - "name": "FEDORA-2016-b59fd603be", - "refsource": "FEDORA", - "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176194.html" + "url": "http://www.ubuntu.com/usn/USN-2930-2", + "refsource": "MISC", + "name": "http://www.ubuntu.com/usn/USN-2930-2" }, { - "name": "SUSE-SU-2016:1764", - "refsource": "SUSE", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html" + "url": "http://www.ubuntu.com/usn/USN-2930-3", + "refsource": "MISC", + "name": "http://www.ubuntu.com/usn/USN-2930-3" }, { - "name": "USN-2930-3", - "refsource": "UBUNTU", - "url": "http://www.ubuntu.com/usn/USN-2930-3" + "url": "http://www.ubuntu.com/usn/USN-2932-1", + "refsource": "MISC", + "name": "http://www.ubuntu.com/usn/USN-2932-1" }, { - "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1296466", - "refsource": "CONFIRM", - "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1296466" + "url": "http://www.ubuntu.com/usn/USN-2948-1", + "refsource": "MISC", + "name": "http://www.ubuntu.com/usn/USN-2948-1" }, { - "name": "20160309 OS-S 2016-09 Linux visor clie_5_attach Nullpointer Dereference CVE-2015-7566", - "refsource": "BUGTRAQ", - "url": "http://www.securityfocus.com/archive/1/537733/100/0/threaded" + "url": "http://www.ubuntu.com/usn/USN-2948-2", + "refsource": "MISC", + "name": "http://www.ubuntu.com/usn/USN-2948-2" }, { - "name": "SUSE-SU-2016:1707", - "refsource": "SUSE", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html" + "url": "http://www.ubuntu.com/usn/USN-2967-1", + "refsource": "MISC", + "name": "http://www.ubuntu.com/usn/USN-2967-1" }, { - "name": "SUSE-SU-2016:1672", - "refsource": "SUSE", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html" + "url": "http://www.ubuntu.com/usn/USN-2967-2", + "refsource": "MISC", + "name": "http://www.ubuntu.com/usn/USN-2967-2" }, { - "name": "USN-2929-1", - "refsource": "UBUNTU", - "url": "http://www.ubuntu.com/usn/USN-2929-1" + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176194.html", + "refsource": "MISC", + "name": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176194.html" }, { - "name": "USN-2932-1", - "refsource": "UBUNTU", - "url": "http://www.ubuntu.com/usn/USN-2932-1" + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175792.html", + "refsource": "MISC", + "name": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175792.html" }, { - "name": "FEDORA-2016-5d43766e33", - "refsource": "FEDORA", - "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html" + "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cb3232138e37129e88240a98a1d2aba2187ff57c", + "refsource": "MISC", + "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cb3232138e37129e88240a98a1d2aba2187ff57c" }, { - "name": "SUSE-SU-2016:2074", - "refsource": "SUSE", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html" + "url": "http://www.securityfocus.com/archive/1/537733/100/0/threaded", + "refsource": "MISC", + "name": "http://www.securityfocus.com/archive/1/537733/100/0/threaded" }, { - "name": "USN-2948-1", - "refsource": "UBUNTU", - "url": "http://www.ubuntu.com/usn/USN-2948-1" + "url": "http://www.securityfocus.com/bid/82975", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/82975" }, { - "name": "DSA-3448", - "refsource": "DEBIAN", - "url": "http://www.debian.org/security/2016/dsa-3448" + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1283371", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1283371" }, { - "name": "USN-2929-2", - "refsource": "UBUNTU", - "url": "http://www.ubuntu.com/usn/USN-2929-2" + "url": "https://github.com/torvalds/linux/commit/cb3232138e37129e88240a98a1d2aba2187ff57c", + "refsource": "MISC", + "name": "https://github.com/torvalds/linux/commit/cb3232138e37129e88240a98a1d2aba2187ff57c" }, { - "name": "39540", - "refsource": "EXPLOIT-DB", - "url": "https://www.exploit-db.com/exploits/39540/" + "url": "https://security-tracker.debian.org/tracker/CVE-2015-7566", + "refsource": "MISC", + "name": "https://security-tracker.debian.org/tracker/CVE-2015-7566" }, { - "name": "USN-2948-2", - "refsource": "UBUNTU", - "url": "http://www.ubuntu.com/usn/USN-2948-2" + "url": "https://www.exploit-db.com/exploits/39540/", + "refsource": "MISC", + "name": "https://www.exploit-db.com/exploits/39540/" }, { - "name": "https://github.com/torvalds/linux/commit/cb3232138e37129e88240a98a1d2aba2187ff57c", - "refsource": "CONFIRM", - "url": "https://github.com/torvalds/linux/commit/cb3232138e37129e88240a98a1d2aba2187ff57c" + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1296466", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1296466" } ] } diff --git a/2015/8xxx/CVE-2015-8077.json b/2015/8xxx/CVE-2015-8077.json index 61dd1f63562..310716930ae 100644 --- a/2015/8xxx/CVE-2015-8077.json +++ b/2015/8xxx/CVE-2015-8077.json @@ -1,40 +1,17 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2015-8077", + "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "Integer overflow in the index_urlfetch function in imap/index.c in Cyrus IMAP 2.3.19, 2.4.18, and 2.5.6 allows remote attackers to have unspecified impact via vectors related to urlfetch range checks and the start_octet variable. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8076." + "value": "Integer overflow in the index_urlfetch function in imap/index.c in Cyrus IMAP 2.3.19, 2.4.18, and 2.5.6 allows remote attackers to have unspecified impact via vectors related to urlfetch range checks and the start_octet variable. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-8076." } ] }, @@ -50,57 +27,81 @@ } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "n/a" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "[Cyrus-devel] 20151005 Recent security fixes", - "refsource": "MLIST", - "url": "https://lists.andrew.cmu.edu/pipermail/cyrus-devel/2015-October/003534.html" + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00066.html", + "refsource": "MISC", + "name": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00066.html" }, { - "name": "https://docs.cyrus.foundation/imap/release-notes/2.5/x/2.5.7.html", - "refsource": "CONFIRM", - "url": "https://docs.cyrus.foundation/imap/release-notes/2.5/x/2.5.7.html" + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00000.html", + "refsource": "MISC", + "name": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00000.html" }, { - "name": "[oss-security] 20151104 Re: CVE request: urlfetch range handling flaw in Cyrus IMAP", - "refsource": "MLIST", - "url": "http://www.openwall.com/lists/oss-security/2015/11/04/3" + "url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00156.html", + "refsource": "MISC", + "name": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00156.html" }, { - "name": "[oss-security] 20150930 Re: CVE request: urlfetch range handling flaw in Cyrus IMAP", - "refsource": "MLIST", - "url": "http://www.openwall.com/lists/oss-security/2015/09/30/3" + "url": "http://www.openwall.com/lists/oss-security/2015/11/04/3", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2015/11/04/3" }, { - "name": "openSUSE-SU-2015:2130", - "refsource": "SUSE", - "url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00156.html" + "url": "http://www.securitytracker.com/id/1034282", + "refsource": "MISC", + "name": "http://www.securitytracker.com/id/1034282" }, { - "name": "https://cyrus.foundation/cyrus-imapd/commit/?id=745e161c834f1eb6d62fc14477f51dae799e1e08", - "refsource": "CONFIRM", - "url": "https://cyrus.foundation/cyrus-imapd/commit/?id=745e161c834f1eb6d62fc14477f51dae799e1e08" + "url": "https://docs.cyrus.foundation/imap/release-notes/2.5/x/2.5.7.html", + "refsource": "MISC", + "name": "https://docs.cyrus.foundation/imap/release-notes/2.5/x/2.5.7.html" }, { - "name": "SUSE-SU-2016:1459", - "refsource": "SUSE", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00000.html" + "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00015.html", + "refsource": "MISC", + "name": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00015.html" }, { - "name": "1034282", - "refsource": "SECTRACK", - "url": "http://www.securitytracker.com/id/1034282" + "url": "http://www.openwall.com/lists/oss-security/2015/09/30/3", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2015/09/30/3" }, { - "name": "SUSE-SU-2016:1457", - "refsource": "SUSE", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00066.html" + "url": "https://cyrus.foundation/cyrus-imapd/commit/?id=745e161c834f1eb6d62fc14477f51dae799e1e08", + "refsource": "MISC", + "name": "https://cyrus.foundation/cyrus-imapd/commit/?id=745e161c834f1eb6d62fc14477f51dae799e1e08" }, { - "name": "openSUSE-SU-2015:2200", - "refsource": "SUSE", - "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00015.html" + "url": "https://lists.andrew.cmu.edu/pipermail/cyrus-devel/2015-October/003534.html", + "refsource": "MISC", + "name": "https://lists.andrew.cmu.edu/pipermail/cyrus-devel/2015-October/003534.html" } ] }