diff --git a/2001/1xxx/CVE-2001-1153.json b/2001/1xxx/CVE-2001-1153.json index 5ebf22da917..a7bb618d683 100644 --- a/2001/1xxx/CVE-2001-1153.json +++ b/2001/1xxx/CVE-2001-1153.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2001-1153", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "lpsystem in OpenUnix 8.0.0 allows local users to cause a denial of service and possibly execute arbitrary code via a long command line argument." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2001-1153", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "CSSA-2001-SCO.15", - "refsource" : "CALDERA", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2001-08/0391.html" - }, - { - "name" : "openunix-lpsystem-bo(7041)", - "refsource" : "XF", - "url" : "http://www.iss.net/security_center/static/7041.php" - }, - { - "name" : "3248", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/3248" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "lpsystem in OpenUnix 8.0.0 allows local users to cause a denial of service and possibly execute arbitrary code via a long command line argument." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "CSSA-2001-SCO.15", + "refsource": "CALDERA", + "url": "http://archives.neohapsis.com/archives/bugtraq/2001-08/0391.html" + }, + { + "name": "3248", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/3248" + }, + { + "name": "openunix-lpsystem-bo(7041)", + "refsource": "XF", + "url": "http://www.iss.net/security_center/static/7041.php" + } + ] + } +} \ No newline at end of file diff --git a/2006/2xxx/CVE-2006-2509.json b/2006/2xxx/CVE-2006-2509.json index 3c314beb7ed..f7406ff949b 100644 --- a/2006/2xxx/CVE-2006-2509.json +++ b/2006/2xxx/CVE-2006-2509.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-2509", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in login.php in YourFreeWorld.com Short Url & Url Tracker Script allows remote attackers to execute arbitrary SQL commands via the id parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-2509", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060519 Yourfreeworld.com Short Url & Url Tracker Script", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/434530/100/0/threaded" - }, - { - "name" : "18046", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/18046" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in login.php in YourFreeWorld.com Short Url & Url Tracker Script allows remote attackers to execute arbitrary SQL commands via the id parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20060519 Yourfreeworld.com Short Url & Url Tracker Script", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/434530/100/0/threaded" + }, + { + "name": "18046", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/18046" + } + ] + } +} \ No newline at end of file diff --git a/2006/2xxx/CVE-2006-2561.json b/2006/2xxx/CVE-2006-2561.json index 05930a7cf2d..d17536f0a28 100644 --- a/2006/2xxx/CVE-2006-2561.json +++ b/2006/2xxx/CVE-2006-2561.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-2561", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Edimax BR-6104K router allows remote attackers to bypass access restrictions and conduct unauthorized operations via a UPnP request with a modified InternalClient parameter (possibly within NewInternalClient), which is not validated, as demonstrated by using AddPortMapping to forward arbitrary traffic." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-2561", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.securityview.org/dutch-student-finds-a-bug-in-upnp.html", - "refsource" : "MISC", - "url" : "http://www.securityview.org/dutch-student-finds-a-bug-in-upnp.html" - }, - { - "name" : "http://www.securityview.org/how-does-the-upnp-flaw-works.html", - "refsource" : "MISC", - "url" : "http://www.securityview.org/how-does-the-upnp-flaw-works.html" - }, - { - "name" : "ADV-2006-1911", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/1911" - }, - { - "name" : "20169", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/20169" - }, - { - "name" : "edimax-upnp-security-bypass(26709)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26709" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Edimax BR-6104K router allows remote attackers to bypass access restrictions and conduct unauthorized operations via a UPnP request with a modified InternalClient parameter (possibly within NewInternalClient), which is not validated, as demonstrated by using AddPortMapping to forward arbitrary traffic." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20169", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/20169" + }, + { + "name": "http://www.securityview.org/how-does-the-upnp-flaw-works.html", + "refsource": "MISC", + "url": "http://www.securityview.org/how-does-the-upnp-flaw-works.html" + }, + { + "name": "ADV-2006-1911", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/1911" + }, + { + "name": "http://www.securityview.org/dutch-student-finds-a-bug-in-upnp.html", + "refsource": "MISC", + "url": "http://www.securityview.org/dutch-student-finds-a-bug-in-upnp.html" + }, + { + "name": "edimax-upnp-security-bypass(26709)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26709" + } + ] + } +} \ No newline at end of file diff --git a/2006/2xxx/CVE-2006-2882.json b/2006/2xxx/CVE-2006-2882.json index 982fbc1cee7..ee7fca16a0c 100644 --- a/2006/2xxx/CVE-2006-2882.json +++ b/2006/2xxx/CVE-2006-2882.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-2882", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities submit.asp in ASPScriptz Guest Book 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) GBOOK_UNAME, (2) GBOOK_EMAIL, (3) GBOOK_CITY, (4) GBOOK_COU, (5) GBOOK_WWW, and (6) GBOOK_MESS form fields." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-2882", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060605 ASPScriptz Guest Book 2.0 XSS", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/436028/100/0/threaded" - }, - { - "name" : "http://colander.altervista.org/advisory/ASzGB.txt", - "refsource" : "MISC", - "url" : "http://colander.altervista.org/advisory/ASzGB.txt" - }, - { - "name" : "18285", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/18285" - }, - { - "name" : "ADV-2006-2150", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/2150" - }, - { - "name" : "20416", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/20416" - }, - { - "name" : "1056", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/1056" - }, - { - "name" : "aspscriptzgb-submit-xss(26944)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26944" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities submit.asp in ASPScriptz Guest Book 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) GBOOK_UNAME, (2) GBOOK_EMAIL, (3) GBOOK_CITY, (4) GBOOK_COU, (5) GBOOK_WWW, and (6) GBOOK_MESS form fields." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20060605 ASPScriptz Guest Book 2.0 XSS", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/436028/100/0/threaded" + }, + { + "name": "ADV-2006-2150", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/2150" + }, + { + "name": "20416", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/20416" + }, + { + "name": "aspscriptzgb-submit-xss(26944)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26944" + }, + { + "name": "18285", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/18285" + }, + { + "name": "1056", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/1056" + }, + { + "name": "http://colander.altervista.org/advisory/ASzGB.txt", + "refsource": "MISC", + "url": "http://colander.altervista.org/advisory/ASzGB.txt" + } + ] + } +} \ No newline at end of file diff --git a/2006/2xxx/CVE-2006-2984.json b/2006/2xxx/CVE-2006-2984.json index be8639e2f8c..ad76577bb36 100644 --- a/2006/2xxx/CVE-2006-2984.json +++ b/2006/2xxx/CVE-2006-2984.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-2984", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in index.php in IntegraMOD 1.4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the STYLE_URL parameter. NOTE: it is possible that this issue is resultant from SQL injection." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-2984", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060606 'Multiple Sql injection and XSS in integramod portal", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/436457/100/0/threaded" - }, - { - "name" : "18464", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/18464" - }, - { - "name" : "ADV-2006-2236", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/2236" - }, - { - "name" : "20528", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/20528" - }, - { - "name" : "1085", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/1085" - }, - { - "name" : "integramod-index-xss(27092)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27092" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in index.php in IntegraMOD 1.4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the STYLE_URL parameter. NOTE: it is possible that this issue is resultant from SQL injection." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20060606 'Multiple Sql injection and XSS in integramod portal", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/436457/100/0/threaded" + }, + { + "name": "1085", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/1085" + }, + { + "name": "20528", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/20528" + }, + { + "name": "ADV-2006-2236", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/2236" + }, + { + "name": "integramod-index-xss(27092)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27092" + }, + { + "name": "18464", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/18464" + } + ] + } +} \ No newline at end of file diff --git a/2006/3xxx/CVE-2006-3222.json b/2006/3xxx/CVE-2006-3222.json index 4d778f9052e..acb11954977 100644 --- a/2006/3xxx/CVE-2006-3222.json +++ b/2006/3xxx/CVE-2006-3222.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-3222", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The FTP proxy module in Fortinet FortiOS (FortiGate) before 2.80 MR12 and 3.0 MR2 allows remote attackers to bypass anti-virus scanning via the Enhanced Passive (EPSV) FTP mode." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-3222", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060707 FortiGate issue - \"EPSV\" not \"ESPV\"", - "refsource" : "VIM", - "url" : "http://attrition.org/pipermail/vim/2006-July/000921.html" - }, - { - "name" : "http://www.fortinet.com/FortiGuardCenter/advisory/FG-2006-15.html", - "refsource" : "CONFIRM", - "url" : "http://www.fortinet.com/FortiGuardCenter/advisory/FG-2006-15.html" - }, - { - "name" : "18570", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/18570" - }, - { - "name" : "ADV-2006-2467", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/2467" - }, - { - "name" : "26736", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/26736" - }, - { - "name" : "20720", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/20720" - }, - { - "name" : "fortinet-ftp-espv-security-bypass(27532)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27532" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The FTP proxy module in Fortinet FortiOS (FortiGate) before 2.80 MR12 and 3.0 MR2 allows remote attackers to bypass anti-virus scanning via the Enhanced Passive (EPSV) FTP mode." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.fortinet.com/FortiGuardCenter/advisory/FG-2006-15.html", + "refsource": "CONFIRM", + "url": "http://www.fortinet.com/FortiGuardCenter/advisory/FG-2006-15.html" + }, + { + "name": "20720", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/20720" + }, + { + "name": "18570", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/18570" + }, + { + "name": "26736", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/26736" + }, + { + "name": "20060707 FortiGate issue - \"EPSV\" not \"ESPV\"", + "refsource": "VIM", + "url": "http://attrition.org/pipermail/vim/2006-July/000921.html" + }, + { + "name": "fortinet-ftp-espv-security-bypass(27532)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27532" + }, + { + "name": "ADV-2006-2467", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/2467" + } + ] + } +} \ No newline at end of file diff --git a/2006/3xxx/CVE-2006-3254.json b/2006/3xxx/CVE-2006-3254.json index fcbb448b49a..5f9ad5284c9 100644 --- a/2006/3xxx/CVE-2006-3254.json +++ b/2006/3xxx/CVE-2006-3254.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-3254", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in newthread.php in Woltlab Burning Board (WBB) 2.0 RC2 allows remote attackers to execute arbitrary SQL commands via the boardid parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-3254", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060622 WBB<<---v2.0 RC2 \"newthread.php\" SQL Injection", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/438252" - }, - { - "name" : "18597", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/18597" - }, - { - "name" : "1016374", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1016374" - }, - { - "name" : "1154", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/1154" - }, - { - "name" : "wbb-newthread-sql-injection(27350)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27350" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in newthread.php in Woltlab Burning Board (WBB) 2.0 RC2 allows remote attackers to execute arbitrary SQL commands via the boardid parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1154", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/1154" + }, + { + "name": "18597", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/18597" + }, + { + "name": "20060622 WBB<<---v2.0 RC2 \"newthread.php\" SQL Injection", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/438252" + }, + { + "name": "wbb-newthread-sql-injection(27350)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27350" + }, + { + "name": "1016374", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1016374" + } + ] + } +} \ No newline at end of file diff --git a/2006/3xxx/CVE-2006-3503.json b/2006/3xxx/CVE-2006-3503.json index c2a818b9652..4c99b974ad4 100644 --- a/2006/3xxx/CVE-2006-3503.json +++ b/2006/3xxx/CVE-2006-3503.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-3503", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in ImageIO in Apple Mac OS X 10.4.7 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malformed GIF image." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-3503", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "APPLE-SA-2006-08-01", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html" - }, - { - "name" : "TA06-214A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA06-214A.html" - }, - { - "name" : "VU#605908", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/605908" - }, - { - "name" : "19289", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/19289" - }, - { - "name" : "ADV-2006-3101", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/3101" - }, - { - "name" : "27742", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/27742" - }, - { - "name" : "21253", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21253" - }, - { - "name" : "macosx-imageio-gif-overflow(28145)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28145" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in ImageIO in Apple Mac OS X 10.4.7 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malformed GIF image." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2006-08-01", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html" + }, + { + "name": "ADV-2006-3101", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/3101" + }, + { + "name": "21253", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21253" + }, + { + "name": "19289", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/19289" + }, + { + "name": "TA06-214A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA06-214A.html" + }, + { + "name": "27742", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/27742" + }, + { + "name": "VU#605908", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/605908" + }, + { + "name": "macosx-imageio-gif-overflow(28145)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28145" + } + ] + } +} \ No newline at end of file diff --git a/2006/6xxx/CVE-2006-6006.json b/2006/6xxx/CVE-2006-6006.json index 280e5faf6e7..2dc1988ac1b 100644 --- a/2006/6xxx/CVE-2006-6006.json +++ b/2006/6xxx/CVE-2006-6006.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-6006", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2006. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2006-6006", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2006. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2006/6xxx/CVE-2006-6050.json b/2006/6xxx/CVE-2006-6050.json index 15380d9e9cc..9a44265ec20 100644 --- a/2006/6xxx/CVE-2006-6050.json +++ b/2006/6xxx/CVE-2006-6050.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-6050", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in ClickTech Texas Rank'em allow remote attackers to execute arbitrary SQL commands via the (1) selPlayer parameter to player.asp or the (2) tournament_id parameter to tournaments.asp." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-6050", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20061118 [Aria-Security's Research Team] Texas Rank'em SQL Injection Vulnerabilite", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/452017/100/0/threaded" - }, - { - "name" : "http://www.aria-security.com/forum/showthread.php?t=34", - "refsource" : "MISC", - "url" : "http://www.aria-security.com/forum/showthread.php?t=34" - }, - { - "name" : "21168", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/21168" - }, - { - "name" : "texasrankem-player-sql-injection(30384)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30384" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in ClickTech Texas Rank'em allow remote attackers to execute arbitrary SQL commands via the (1) selPlayer parameter to player.asp or the (2) tournament_id parameter to tournaments.asp." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "21168", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/21168" + }, + { + "name": "texasrankem-player-sql-injection(30384)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30384" + }, + { + "name": "http://www.aria-security.com/forum/showthread.php?t=34", + "refsource": "MISC", + "url": "http://www.aria-security.com/forum/showthread.php?t=34" + }, + { + "name": "20061118 [Aria-Security's Research Team] Texas Rank'em SQL Injection Vulnerabilite", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/452017/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2006/6xxx/CVE-2006-6507.json b/2006/6xxx/CVE-2006-6507.json index 85eaedb8a99..f36dcb5cb39 100644 --- a/2006/6xxx/CVE-2006-6507.json +++ b/2006/6xxx/CVE-2006-6507.json @@ -1,142 +1,142 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-6507", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Mozilla Firefox 2.0 before 2.0.0.1 allows remote attackers to bypass Cross-Site Scripting (XSS) protection via vectors related to a Function.prototype regression error." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2006-6507", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2006/mfsa2006-76.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2006/mfsa2006-76.html" - }, - { - "name" : "GLSA-200701-02", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200701-02.xml" - }, - { - "name" : "HPSBUX02153", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" - }, - { - "name" : "SSRT061181", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" - }, - { - "name" : "SUSE-SA:2006:080", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2006_80_mozilla.html" - }, - { - "name" : "SUSE-SA:2007:006", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_06_mozilla.html" - }, - { - "name" : "USN-398-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-398-1" - }, - { - "name" : "TA06-354A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA06-354A.html" - }, - { - "name" : "21668", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/21668" - }, - { - "name" : "ADV-2006-5068", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/5068" - }, - { - "name" : "ADV-2008-0083", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0083" - }, - { - "name" : "1017422", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017422" - }, - { - "name" : "23282", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23282" - }, - { - "name" : "23589", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23589" - }, - { - "name" : "23545", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23545" - }, - { - "name" : "23614", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23614" - }, - { - "name" : "23672", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23672" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Mozilla Firefox 2.0 before 2.0.0.1 allows remote attackers to bypass Cross-Site Scripting (XSS) protection via vectors related to a Function.prototype regression error." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "21668", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/21668" + }, + { + "name": "23672", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23672" + }, + { + "name": "ADV-2006-5068", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/5068" + }, + { + "name": "1017422", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017422" + }, + { + "name": "23282", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23282" + }, + { + "name": "HPSBUX02153", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" + }, + { + "name": "23614", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23614" + }, + { + "name": "http://www.mozilla.org/security/announce/2006/mfsa2006-76.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-76.html" + }, + { + "name": "USN-398-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-398-1" + }, + { + "name": "ADV-2008-0083", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0083" + }, + { + "name": "SUSE-SA:2006:080", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2006_80_mozilla.html" + }, + { + "name": "23545", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23545" + }, + { + "name": "TA06-354A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA06-354A.html" + }, + { + "name": "23589", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23589" + }, + { + "name": "SSRT061181", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" + }, + { + "name": "SUSE-SA:2007:006", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_06_mozilla.html" + }, + { + "name": "GLSA-200701-02", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200701-02.xml" + } + ] + } +} \ No newline at end of file diff --git a/2006/6xxx/CVE-2006-6921.json b/2006/6xxx/CVE-2006-6921.json index ed1a2c0d8e7..05a1ddb13d7 100644 --- a/2006/6xxx/CVE-2006-6921.json +++ b/2006/6xxx/CVE-2006-6921.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-6921", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified versions of the Linux kernel allow local users to cause a denial of service (unrecoverable zombie process) via a program with certain instructions that prevent init from properly reaping a child whose parent has died." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-6921", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[linux-kernel] 20061219 BUG: wedged processes, test program supplied", - "refsource" : "MLIST", - "url" : "http://uwsg.iu.edu/hypermail/linux/kernel/0612.2/0980.html" - }, - { - "name" : "[linux-kernel] 20061220 Re: BUG: wedged processes, test program supplied", - "refsource" : "MLIST", - "url" : "http://uwsg.iu.edu/hypermail/linux/kernel/0612.2/1021.html" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-474.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-474.htm" - }, - { - "name" : "RHSA-2007:0939", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0939.html" - }, - { - "name" : "RHSA-2008:0154", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0154.html" - }, - { - "name" : "oval:org.mitre.oval:def:10834", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10834" - }, - { - "name" : "27436", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27436" - }, - { - "name" : "27747", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27747" - }, - { - "name" : "29236", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29236" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified versions of the Linux kernel allow local users to cause a denial of service (unrecoverable zombie process) via a program with certain instructions that prevent init from properly reaping a child whose parent has died." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "oval:org.mitre.oval:def:10834", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10834" + }, + { + "name": "27747", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27747" + }, + { + "name": "RHSA-2008:0154", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0154.html" + }, + { + "name": "[linux-kernel] 20061220 Re: BUG: wedged processes, test program supplied", + "refsource": "MLIST", + "url": "http://uwsg.iu.edu/hypermail/linux/kernel/0612.2/1021.html" + }, + { + "name": "RHSA-2007:0939", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0939.html" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-474.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-474.htm" + }, + { + "name": "[linux-kernel] 20061219 BUG: wedged processes, test program supplied", + "refsource": "MLIST", + "url": "http://uwsg.iu.edu/hypermail/linux/kernel/0612.2/0980.html" + }, + { + "name": "29236", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29236" + }, + { + "name": "27436", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27436" + } + ] + } +} \ No newline at end of file diff --git a/2006/6xxx/CVE-2006-6978.json b/2006/6xxx/CVE-2006-6978.json index 3bc5705eb2c..86c36c217cf 100644 --- a/2006/6xxx/CVE-2006-6978.json +++ b/2006/6xxx/CVE-2006-6978.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-6978", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the \"Basic Toolbar Selection\" in FCKEditor allows remote attackers to execute arbitrary JavaScript via the javascript: URI in the (1) href or (2) onmouseover attribute of the A HTML tag." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-6978", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060514 XSS in FreeTextBox and FCKEditor Basic Toolbar Selection", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/434006/30/4980/threaded" - }, - { - "name" : "http://www.newffr.com/viewtopic.php?forum=26&topic=11683", - "refsource" : "MISC", - "url" : "http://www.newffr.com/viewtopic.php?forum=26&topic=11683" - }, - { - "name" : "freetextbox-fckeditor-javascipt-xss(26539)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26539" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the \"Basic Toolbar Selection\" in FCKEditor allows remote attackers to execute arbitrary JavaScript via the javascript: URI in the (1) href or (2) onmouseover attribute of the A HTML tag." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.newffr.com/viewtopic.php?forum=26&topic=11683", + "refsource": "MISC", + "url": "http://www.newffr.com/viewtopic.php?forum=26&topic=11683" + }, + { + "name": "freetextbox-fckeditor-javascipt-xss(26539)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26539" + }, + { + "name": "20060514 XSS in FreeTextBox and FCKEditor Basic Toolbar Selection", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/434006/30/4980/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2006/7xxx/CVE-2006-7224.json b/2006/7xxx/CVE-2006-7224.json index 4c729da84ec..1964070ae82 100644 --- a/2006/7xxx/CVE-2006-7224.json +++ b/2006/7xxx/CVE-2006-7224.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-7224", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-7227, CVE-2005-4872, CVE-2006-7228. Reason: this candidate was SPLIT into other identifiers in order to reflect different affected versions and distinct vendor fixes. Notes: All CVE users should consult CVE-2006-7227, CVE-2005-4872, and CVE-2006-7228 to determine which ID is appropriate. All references and descriptions in this candidate have been removed to prevent accidental usage." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2006-7224", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-7227, CVE-2005-4872, CVE-2006-7228. Reason: this candidate was SPLIT into other identifiers in order to reflect different affected versions and distinct vendor fixes. Notes: All CVE users should consult CVE-2006-7227, CVE-2005-4872, and CVE-2006-7228 to determine which ID is appropriate. All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ] + } +} \ No newline at end of file diff --git a/2011/0xxx/CVE-2011-0325.json b/2011/0xxx/CVE-2011-0325.json index a51272b1d85..33dbe33f124 100644 --- a/2011/0xxx/CVE-2011-0325.json +++ b/2011/0xxx/CVE-2011-0325.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-0325", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-0325", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2011/0xxx/CVE-2011-0745.json b/2011/0xxx/CVE-2011-0745.json index 34b4a1b9558..d044a4918d8 100644 --- a/2011/0xxx/CVE-2011-0745.json +++ b/2011/0xxx/CVE-2011-0745.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-0745", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SugarCRM before 6.1.3 does not properly handle reloads and direct requests for a warning page produced by a certain duplicate check, which allows remote authenticated users to discover (1) the names of customers via a ShowDuplicates action to the Accounts module, reachable through index.php; or (2) the names of contact persons via a ShowDuplicates action to the Contacts module, reachable through index.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-0745", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20110315 [RT-SA-2011-002] SugarCRM list privilege restriction bypass", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/517027/100/0/threaded" - }, - { - "name" : "http://www.redteam-pentesting.de/advisories/rt-sa-2011-002", - "refsource" : "MISC", - "url" : "http://www.redteam-pentesting.de/advisories/rt-sa-2011-002" - }, - { - "name" : "46885", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/46885" - }, - { - "name" : "1025222", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1025222" - }, - { - "name" : "8141", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/8141" - }, - { - "name" : "ADV-2011-0675", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0675" - }, - { - "name" : "sugarcrm-list-info-disclosure(66110)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/66110" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SugarCRM before 6.1.3 does not properly handle reloads and direct requests for a warning page produced by a certain duplicate check, which allows remote authenticated users to discover (1) the names of customers via a ShowDuplicates action to the Accounts module, reachable through index.php; or (2) the names of contact persons via a ShowDuplicates action to the Contacts module, reachable through index.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "46885", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/46885" + }, + { + "name": "sugarcrm-list-info-disclosure(66110)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66110" + }, + { + "name": "ADV-2011-0675", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0675" + }, + { + "name": "http://www.redteam-pentesting.de/advisories/rt-sa-2011-002", + "refsource": "MISC", + "url": "http://www.redteam-pentesting.de/advisories/rt-sa-2011-002" + }, + { + "name": "1025222", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1025222" + }, + { + "name": "8141", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/8141" + }, + { + "name": "20110315 [RT-SA-2011-002] SugarCRM list privilege restriction bypass", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/517027/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2011/0xxx/CVE-2011-0887.json b/2011/0xxx/CVE-2011-0887.json index 2ec6166c483..1a6b06e270c 100644 --- a/2011/0xxx/CVE-2011-0887.json +++ b/2011/0xxx/CVE-2011-0887.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-0887", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The web management portal on the SMC SMCD3G-CCR (aka Comcast Business Gateway) with firmware before 1.4.0.49.2 uses predictable session IDs based on time values, which makes it easier for remote attackers to hijack sessions via a brute-force attack on the userid cookie." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-0887", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20110204 TWSL2011-002:Vulnerabilities in Comcast DOCSIS 3.0 Business Gateways (SMCD3G-CCR)", - "refsource" : "BUGTRAQ", - "url" : "http://seclists.org/bugtraq/2011/Feb/36" - }, - { - "name" : "20110205 TWSL2011-002:Vulnerabilities in Comcast DOCSIS 3.0 Business Gateways (SMCD3G-CCR)", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/516205/100/0/threaded" - }, - { - "name" : "16123", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/16123/" - }, - { - "name" : "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-002.txt", - "refsource" : "MISC", - "url" : "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-002.txt" - }, - { - "name" : "46215", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/46215" - }, - { - "name" : "43199", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43199" - }, - { - "name" : "8068", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/8068" - }, - { - "name" : "smcd3gccr-weak-security(65186)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/65186" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The web management portal on the SMC SMCD3G-CCR (aka Comcast Business Gateway) with firmware before 1.4.0.49.2 uses predictable session IDs based on time values, which makes it easier for remote attackers to hijack sessions via a brute-force attack on the userid cookie." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20110204 TWSL2011-002:Vulnerabilities in Comcast DOCSIS 3.0 Business Gateways (SMCD3G-CCR)", + "refsource": "BUGTRAQ", + "url": "http://seclists.org/bugtraq/2011/Feb/36" + }, + { + "name": "smcd3gccr-weak-security(65186)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65186" + }, + { + "name": "43199", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43199" + }, + { + "name": "8068", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/8068" + }, + { + "name": "46215", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/46215" + }, + { + "name": "16123", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/16123/" + }, + { + "name": "20110205 TWSL2011-002:Vulnerabilities in Comcast DOCSIS 3.0 Business Gateways (SMCD3G-CCR)", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/516205/100/0/threaded" + }, + { + "name": "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-002.txt", + "refsource": "MISC", + "url": "https://www.trustwave.com/spiderlabs/advisories/TWSL2011-002.txt" + } + ] + } +} \ No newline at end of file diff --git a/2011/1xxx/CVE-2011-1105.json b/2011/1xxx/CVE-2011-1105.json index 773fded8e44..c835f771813 100644 --- a/2011/1xxx/CVE-2011-1105.json +++ b/2011/1xxx/CVE-2011-1105.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-1105", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in Mutare EVM allow remote attackers to inject arbitrary web script or HTML via (1) a delivery address and possibly (2) a PIN." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-1105", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "VU#136612", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/136612" - }, - { - "name" : "mutare-evm-pin-xss(65768)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/65768" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in Mutare EVM allow remote attackers to inject arbitrary web script or HTML via (1) a delivery address and possibly (2) a PIN." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#136612", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/136612" + }, + { + "name": "mutare-evm-pin-xss(65768)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65768" + } + ] + } +} \ No newline at end of file diff --git a/2011/1xxx/CVE-2011-1387.json b/2011/1xxx/CVE-2011-1387.json index 645362a1a4e..3e7718aba6d 100644 --- a/2011/1xxx/CVE-2011-1387.json +++ b/2011/1xxx/CVE-2011-1387.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-1387", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-1387", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2011/3xxx/CVE-2011-3713.json b/2011/3xxx/CVE-2011-3713.json index 65edd90b615..3e39c74248a 100644 --- a/2011/3xxx/CVE-2011-3713.json +++ b/2011/3xxx/CVE-2011-3713.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-3713", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "cFTP r80 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by templates/session_check.php and certain other files." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-3713", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "35582", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/35582" - }, - { - "name" : "[oss-security] 20110627 Re: CVE request: Joomla unspecified information disclosure vulnerability", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2011/06/27/6" - }, - { - "name" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README", - "refsource" : "MISC", - "url" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README" - }, - { - "name" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/cftp-r80", - "refsource" : "MISC", - "url" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/cftp-r80" - }, - { - "name" : "http://packetstormsecurity.com/files/129666", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/129666" - }, - { - "name" : "projectsend-template-path-disclosure(99551)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/99551" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "cFTP r80 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by templates/session_check.php and certain other files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/cftp-r80", + "refsource": "MISC", + "url": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/cftp-r80" + }, + { + "name": "35582", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/35582" + }, + { + "name": "[oss-security] 20110627 Re: CVE request: Joomla unspecified information disclosure vulnerability", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2011/06/27/6" + }, + { + "name": "http://packetstormsecurity.com/files/129666", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/129666" + }, + { + "name": "projectsend-template-path-disclosure(99551)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99551" + }, + { + "name": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README", + "refsource": "MISC", + "url": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README" + } + ] + } +} \ No newline at end of file diff --git a/2011/3xxx/CVE-2011-3766.json b/2011/3xxx/CVE-2011-3766.json index bf251541a49..55e7bdea4e7 100644 --- a/2011/3xxx/CVE-2011-3766.json +++ b/2011/3xxx/CVE-2011-3766.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-3766", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "OrangeHRM 2.6.0.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/orange/menu/Menu.php and certain other files." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-3766", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20110627 Re: CVE request: Joomla unspecified information disclosure vulnerability", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2011/06/27/6" - }, - { - "name" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README", - "refsource" : "MISC", - "url" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README" - }, - { - "name" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/orangehrm-2.6.0.2", - "refsource" : "MISC", - "url" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/orangehrm-2.6.0.2" - }, - { - "name" : "orangehrm-menu-path-disclosure(70606)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/70606" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "OrangeHRM 2.6.0.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/orange/menu/Menu.php and certain other files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20110627 Re: CVE request: Joomla unspecified information disclosure vulnerability", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2011/06/27/6" + }, + { + "name": "orangehrm-menu-path-disclosure(70606)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70606" + }, + { + "name": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/orangehrm-2.6.0.2", + "refsource": "MISC", + "url": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/orangehrm-2.6.0.2" + }, + { + "name": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README", + "refsource": "MISC", + "url": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README" + } + ] + } +} \ No newline at end of file diff --git a/2011/3xxx/CVE-2011-3942.json b/2011/3xxx/CVE-2011-3942.json index ae2e129f783..15ba5c7ce07 100644 --- a/2011/3xxx/CVE-2011-3942.json +++ b/2011/3xxx/CVE-2011-3942.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-3942", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-3942", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2011/4xxx/CVE-2011-4048.json b/2011/4xxx/CVE-2011-4048.json index 90982a150f2..ac9ab6840a4 100644 --- a/2011/4xxx/CVE-2011-4048.json +++ b/2011/4xxx/CVE-2011-4048.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-4048", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Dell KACE K2000 System Deployment Appliance has a default username and password for the read-only reporting account, which makes it easier for remote attackers to obtain sensitive information from the database by leveraging the default credentials." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2011-4048", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.software.dell.com/k2000-systems-deployment-appliance/kb/115560", - "refsource" : "CONFIRM", - "url" : "https://support.software.dell.com/k2000-systems-deployment-appliance/kb/115560" - }, - { - "name" : "VU#702169", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/702169" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Dell KACE K2000 System Deployment Appliance has a default username and password for the read-only reporting account, which makes it easier for remote attackers to obtain sensitive information from the database by leveraging the default credentials." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#702169", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/702169" + }, + { + "name": "https://support.software.dell.com/k2000-systems-deployment-appliance/kb/115560", + "refsource": "CONFIRM", + "url": "https://support.software.dell.com/k2000-systems-deployment-appliance/kb/115560" + } + ] + } +} \ No newline at end of file diff --git a/2011/4xxx/CVE-2011-4442.json b/2011/4xxx/CVE-2011-4442.json index 233a79b4f91..a36992db8ed 100644 --- a/2011/4xxx/CVE-2011-4442.json +++ b/2011/4xxx/CVE-2011-4442.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-4442", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-4442", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2011/4xxx/CVE-2011-4444.json b/2011/4xxx/CVE-2011-4444.json index 98bedc9e01d..f787dcfb77c 100644 --- a/2011/4xxx/CVE-2011-4444.json +++ b/2011/4xxx/CVE-2011-4444.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-4444", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-4444", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2011/4xxx/CVE-2011-4807.json b/2011/4xxx/CVE-2011-4807.json index 8ffe119f642..e5fa82139c2 100644 --- a/2011/4xxx/CVE-2011-4807.json +++ b/2011/4xxx/CVE-2011-4807.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-4807", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in main.php in phpAlbum 0.4.1.16 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the var1 parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-4807", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "18045", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/18045" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in main.php in phpAlbum 0.4.1.16 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the var1 parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "18045", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/18045" + } + ] + } +} \ No newline at end of file diff --git a/2011/4xxx/CVE-2011-4994.json b/2011/4xxx/CVE-2011-4994.json index b8dd118ec07..471e8f3c2fb 100644 --- a/2011/4xxx/CVE-2011-4994.json +++ b/2011/4xxx/CVE-2011-4994.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-4994", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2011-4994", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2013/5xxx/CVE-2013-5269.json b/2013/5xxx/CVE-2013-5269.json index 5d25c5409b5..c8e6816ec48 100644 --- a/2013/5xxx/CVE-2013-5269.json +++ b/2013/5xxx/CVE-2013-5269.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-5269", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2013-5269", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2013/5xxx/CVE-2013-5358.json b/2013/5xxx/CVE-2013-5358.json index 883bd356331..7c6d6483a44 100644 --- a/2013/5xxx/CVE-2013-5358.json +++ b/2013/5xxx/CVE-2013-5358.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-5358", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to trigger memory corruption via a crafted TIFF tag, as demonstrated using a KDC file with a DSLR-A100 model and certain sequences of tags." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "PSIRT-CNA@flexerasoftware.com", + "ID": "CVE-2013-5358", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://secunia.com/secunia_research/2013-14/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2013-14/" - }, - { - "name" : "https://support.google.com/picasa/answer/53209", - "refsource" : "CONFIRM", - "url" : "https://support.google.com/picasa/answer/53209" - }, - { - "name" : "1029527", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1029527" - }, - { - "name" : "55555", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/55555" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Picasa3.exe in Google Picasa before 3.9.0 Build 137.69 allows remote attackers to trigger memory corruption via a crafted TIFF tag, as demonstrated using a KDC file with a DSLR-A100 model and certain sequences of tags." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "55555", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/55555" + }, + { + "name": "http://secunia.com/secunia_research/2013-14/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2013-14/" + }, + { + "name": "1029527", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1029527" + }, + { + "name": "https://support.google.com/picasa/answer/53209", + "refsource": "CONFIRM", + "url": "https://support.google.com/picasa/answer/53209" + } + ] + } +} \ No newline at end of file diff --git a/2013/5xxx/CVE-2013-5389.json b/2013/5xxx/CVE-2013-5389.json index 7b2e1f5e0d2..5efb1dd0c35 100644 --- a/2013/5xxx/CVE-2013-5389.json +++ b/2013/5xxx/CVE-2013-5389.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-5389", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.3 before FP5 IF2 and 9.0 before IF5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN9AYK2X." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2013-5389", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21653149", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21653149" - }, - { - "name" : "inotes-cve20135389-xss(87125)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/87125" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in iNotes in IBM Domino 8.5.3 before FP5 IF2 and 9.0 before IF5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPR PTHN9AYK2X." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "inotes-cve20135389-xss(87125)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87125" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21653149", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21653149" + } + ] + } +} \ No newline at end of file diff --git a/2013/5xxx/CVE-2013-5392.json b/2013/5xxx/CVE-2013-5392.json index 4d4db22f620..a3773d06428 100644 --- a/2013/5xxx/CVE-2013-5392.json +++ b/2013/5xxx/CVE-2013-5392.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-5392", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2013-5392", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2013/5xxx/CVE-2013-5494.json b/2013/5xxx/CVE-2013-5494.json index 9483d5343df..5fe52217ea0 100644 --- a/2013/5xxx/CVE-2013-5494.json +++ b/2013/5xxx/CVE-2013-5494.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-5494", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Unified MeetingPlace Solution, as used in Unified MeetingPlace Web Conferencing and Unified MeetingPlace, allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCui45209 and CSCui44674." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2013-5494", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20130913 Cisco Unified MeetingPlace Solution Cross-Site Request Forgery Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5494" - }, - { - "name" : "1029037", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1029037" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Unified MeetingPlace Solution, as used in Unified MeetingPlace Web Conferencing and Unified MeetingPlace, allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCui45209 and CSCui44674." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1029037", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1029037" + }, + { + "name": "20130913 Cisco Unified MeetingPlace Solution Cross-Site Request Forgery Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5494" + } + ] + } +} \ No newline at end of file diff --git a/2013/5xxx/CVE-2013-5671.json b/2013/5xxx/CVE-2013-5671.json index f12aa986f8b..492de99768c 100644 --- a/2013/5xxx/CVE-2013-5671.json +++ b/2013/5xxx/CVE-2013-5671.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-5671", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "lib/dragonfly/imagemagickutils.rb in the fog-dragonfly gem 0.8.2 for Ruby allows remote attackers to execute arbitrary commands via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2013-5671", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20130903 Remote Command Injection in fog-dragonfly-0.8.2 Ruby Gem", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2013/Sep/18" - }, - { - "name" : "[oss-security] 20130901 Re: Remote Command Injection in fog-dragonfly-0.8.2 Ruby Gem", - "refsource" : "MLIST", - "url" : "http://seclists.org/oss-sec/2013/q3/528" - }, - { - "name" : "[oss-security] 20130901 Remote Command Injection in fog-dragonfly-0.8.2 Ruby Gem", - "refsource" : "MLIST", - "url" : "http://seclists.org/oss-sec/2013/q3/526" - }, - { - "name" : "http://www.vapid.dhs.org/advisories/fog-dragonfly-0.8.2-cmd-inj.html", - "refsource" : "MISC", - "url" : "http://www.vapid.dhs.org/advisories/fog-dragonfly-0.8.2-cmd-inj.html" - }, - { - "name" : "96798", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/96798" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "lib/dragonfly/imagemagickutils.rb in the fog-dragonfly gem 0.8.2 for Ruby allows remote attackers to execute arbitrary commands via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20130903 Remote Command Injection in fog-dragonfly-0.8.2 Ruby Gem", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2013/Sep/18" + }, + { + "name": "[oss-security] 20130901 Re: Remote Command Injection in fog-dragonfly-0.8.2 Ruby Gem", + "refsource": "MLIST", + "url": "http://seclists.org/oss-sec/2013/q3/528" + }, + { + "name": "http://www.vapid.dhs.org/advisories/fog-dragonfly-0.8.2-cmd-inj.html", + "refsource": "MISC", + "url": "http://www.vapid.dhs.org/advisories/fog-dragonfly-0.8.2-cmd-inj.html" + }, + { + "name": "[oss-security] 20130901 Remote Command Injection in fog-dragonfly-0.8.2 Ruby Gem", + "refsource": "MLIST", + "url": "http://seclists.org/oss-sec/2013/q3/526" + }, + { + "name": "96798", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/96798" + } + ] + } +} \ No newline at end of file diff --git a/2014/2xxx/CVE-2014-2038.json b/2014/2xxx/CVE-2014-2038.json index 42304f38132..1004a059d78 100644 --- a/2014/2xxx/CVE-2014-2038.json +++ b/2014/2xxx/CVE-2014-2038.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-2038", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The nfs_can_extend_write function in fs/nfs/write.c in the Linux kernel before 3.13.3 relies on a write delegation to extend a write operation without a certain up-to-date verification, which allows local users to obtain sensitive information from kernel memory in opportunistic circumstances by writing to a file in an NFS filesystem and then reading the same file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2014-2038", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20140221 Re: Re: CVE request: Linux kernel: nfs: information leakage", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2014/02/20/16" - }, - { - "name" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=263b4509ec4d47e0da3e753f85a39ea12d1eff24", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=263b4509ec4d47e0da3e753f85a39ea12d1eff24" - }, - { - "name" : "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.3", - "refsource" : "CONFIRM", - "url" : "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.3" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1066939", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1066939" - }, - { - "name" : "https://github.com/torvalds/linux/commit/263b4509ec4d47e0da3e753f85a39ea12d1eff24", - "refsource" : "CONFIRM", - "url" : "https://github.com/torvalds/linux/commit/263b4509ec4d47e0da3e753f85a39ea12d1eff24" - }, - { - "name" : "USN-2137-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2137-1" - }, - { - "name" : "USN-2140-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2140-1" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The nfs_can_extend_write function in fs/nfs/write.c in the Linux kernel before 3.13.3 relies on a write delegation to extend a write operation without a certain up-to-date verification, which allows local users to obtain sensitive information from kernel memory in opportunistic circumstances by writing to a file in an NFS filesystem and then reading the same file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "USN-2137-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2137-1" + }, + { + "name": "USN-2140-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2140-1" + }, + { + "name": "https://github.com/torvalds/linux/commit/263b4509ec4d47e0da3e753f85a39ea12d1eff24", + "refsource": "CONFIRM", + "url": "https://github.com/torvalds/linux/commit/263b4509ec4d47e0da3e753f85a39ea12d1eff24" + }, + { + "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=263b4509ec4d47e0da3e753f85a39ea12d1eff24", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=263b4509ec4d47e0da3e753f85a39ea12d1eff24" + }, + { + "name": "[oss-security] 20140221 Re: Re: CVE request: Linux kernel: nfs: information leakage", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2014/02/20/16" + }, + { + "name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.3", + "refsource": "CONFIRM", + "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.3" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1066939", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1066939" + } + ] + } +} \ No newline at end of file diff --git a/2014/2xxx/CVE-2014-2420.json b/2014/2xxx/CVE-2014-2420.json index e77086c3993..c8ba1094ff5 100644 --- a/2014/2xxx/CVE-2014-2420.json +++ b/2014/2xxx/CVE-2014-2420.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-2420", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect integrity via unknown vectors related to Deployment." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2014-2420", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21672080", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21672080" - }, - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg21677387", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg21677387" - }, - { - "name" : "GLSA-201502-12", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201502-12.xml" - }, - { - "name" : "HPSBUX03091", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=140852886808946&w=2" - }, - { - "name" : "HPSBUX03092", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=140852974709252&w=2" - }, - { - "name" : "SSRT101667", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=140852886808946&w=2" - }, - { - "name" : "SSRT101668", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=140852974709252&w=2" - }, - { - "name" : "RHSA-2014:0413", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2014:0413" - }, - { - "name" : "RHSA-2014:0414", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2014:0414" - }, - { - "name" : "66919", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/66919" - }, - { - "name" : "60111", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/60111" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect integrity via unknown vectors related to Deployment." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2014:0414", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2014:0414" + }, + { + "name": "HPSBUX03091", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=140852886808946&w=2" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080" + }, + { + "name": "RHSA-2014:0413", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2014:0413" + }, + { + "name": "SSRT101667", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=140852886808946&w=2" + }, + { + "name": "HPSBUX03092", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=140852974709252&w=2" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html" + }, + { + "name": "66919", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/66919" + }, + { + "name": "SSRT101668", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=140852974709252&w=2" + }, + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg21677387", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg21677387" + }, + { + "name": "GLSA-201502-12", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201502-12.xml" + }, + { + "name": "60111", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/60111" + } + ] + } +} \ No newline at end of file diff --git a/2014/2xxx/CVE-2014-2442.json b/2014/2xxx/CVE-2014-2442.json index bd1c7ef0adb..5f5bd9a7a24 100644 --- a/2014/2xxx/CVE-2014-2442.json +++ b/2014/2xxx/CVE-2014-2442.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-2442", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to MyISAM." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2014-2442", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle MySQL Server 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to MyISAM." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/2xxx/CVE-2014-2544.json b/2014/2xxx/CVE-2014-2544.json index 7b541e451e3..8ce3dc4f452 100644 --- a/2014/2xxx/CVE-2014-2544.json +++ b/2014/2xxx/CVE-2014-2544.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-2544", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Spotfire Web Player Engine, Spotfire Desktop, and Spotfire Server Authentication Module in TIBCO Spotfire Server 3.3.x before 3.3.4, 4.5.x before 4.5.1, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.2; Spotfire Professional 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Web Player 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Automation Services 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Deployment Kit 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Desktop 6.x before 6.0.1; and Spotfire Analyst 6.x before 6.0.1 allows remote attackers to execute arbitrary code via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-2544", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.tibco.com/mk/advisory.jsp", - "refsource" : "CONFIRM", - "url" : "http://www.tibco.com/mk/advisory.jsp" - }, - { - "name" : "http://www.tibco.com/multimedia/spotfire_advisory_20140409_tcm8-20764.txt", - "refsource" : "CONFIRM", - "url" : "http://www.tibco.com/multimedia/spotfire_advisory_20140409_tcm8-20764.txt" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Spotfire Web Player Engine, Spotfire Desktop, and Spotfire Server Authentication Module in TIBCO Spotfire Server 3.3.x before 3.3.4, 4.5.x before 4.5.1, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.2; Spotfire Professional 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Web Player 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Automation Services 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Deployment Kit 4.0.x before 4.0.4, 4.5.x before 4.5.2, 5.0.x before 5.0.2, 5.5.x before 5.5.1, and 6.x before 6.0.1; Spotfire Desktop 6.x before 6.0.1; and Spotfire Analyst 6.x before 6.0.1 allows remote attackers to execute arbitrary code via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.tibco.com/mk/advisory.jsp", + "refsource": "CONFIRM", + "url": "http://www.tibco.com/mk/advisory.jsp" + }, + { + "name": "http://www.tibco.com/multimedia/spotfire_advisory_20140409_tcm8-20764.txt", + "refsource": "CONFIRM", + "url": "http://www.tibco.com/multimedia/spotfire_advisory_20140409_tcm8-20764.txt" + } + ] + } +} \ No newline at end of file diff --git a/2014/6xxx/CVE-2014-6162.json b/2014/6xxx/CVE-2014-6162.json index cff595fe279..0a3bbb13019 100644 --- a/2014/6xxx/CVE-2014-6162.json +++ b/2014/6xxx/CVE-2014-6162.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-6162", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-6162", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/6xxx/CVE-2014-6517.json b/2014/6xxx/CVE-2014-6517.json index c4673cfdf06..8f47fe39a6f 100644 --- a/2014/6xxx/CVE-2014-6517.json +++ b/2014/6xxx/CVE-2014-6517.json @@ -1,227 +1,227 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-6517", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and Jrockit R27.8.3 and R28.3.3 allows remote attackers to affect confidentiality via vectors related to JAXP." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2014-6517", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html" - }, - { - "name" : "http://linux.oracle.com/errata/ELSA-2014-1633.html", - "refsource" : "CONFIRM", - "url" : "http://linux.oracle.com/errata/ELSA-2014-1633.html" - }, - { - "name" : "http://linux.oracle.com/errata/ELSA-2014-1634.html", - "refsource" : "CONFIRM", - "url" : "http://linux.oracle.com/errata/ELSA-2014-1634.html" - }, - { - "name" : "http://linux.oracle.com/errata/ELSA-2014-1636", - "refsource" : "CONFIRM", - "url" : "http://linux.oracle.com/errata/ELSA-2014-1636" - }, - { - "name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10092", - "refsource" : "CONFIRM", - "url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10092" - }, - { - "name" : "DSA-3077", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2014/dsa-3077" - }, - { - "name" : "DSA-3080", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2014/dsa-3080" - }, - { - "name" : "GLSA-201502-12", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201502-12.xml" - }, - { - "name" : "HPSBUX03218", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=141775382904016&w=2" - }, - { - "name" : "SSRT101770", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=141775382904016&w=2" - }, - { - "name" : "RHSA-2014:1620", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-1620.html" - }, - { - "name" : "RHSA-2014:1633", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-1633.html" - }, - { - "name" : "RHSA-2014:1634", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-1634.html" - }, - { - "name" : "RHSA-2014:1636", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-1636.html" - }, - { - "name" : "RHSA-2014:1657", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-1657.html" - }, - { - "name" : "RHSA-2014:1658", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-1658.html" - }, - { - "name" : "SUSE-SU-2014:1422", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00013.html" - }, - { - "name" : "USN-2386-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2386-1" - }, - { - "name" : "USN-2388-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2388-1" - }, - { - "name" : "USN-2388-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2388-2" - }, - { - "name" : "70552", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/70552" - }, - { - "name" : "60414", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/60414" - }, - { - "name" : "60416", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/60416" - }, - { - "name" : "60417", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/60417" - }, - { - "name" : "61018", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/61018" - }, - { - "name" : "61020", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/61020" - }, - { - "name" : "61143", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/61143" - }, - { - "name" : "61629", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/61629" - }, - { - "name" : "61631", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/61631" - }, - { - "name" : "61163", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/61163" - }, - { - "name" : "61164", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/61164" - }, - { - "name" : "61346", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/61346" - }, - { - "name" : "61609", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/61609" - }, - { - "name" : "61928", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/61928" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and Jrockit R27.8.3 and R28.3.3 allows remote attackers to affect confidentiality via vectors related to JAXP." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "60414", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/60414" + }, + { + "name": "RHSA-2014:1657", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-1657.html" + }, + { + "name": "61609", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/61609" + }, + { + "name": "61928", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/61928" + }, + { + "name": "61163", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/61163" + }, + { + "name": "USN-2386-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2386-1" + }, + { + "name": "http://linux.oracle.com/errata/ELSA-2014-1633.html", + "refsource": "CONFIRM", + "url": "http://linux.oracle.com/errata/ELSA-2014-1633.html" + }, + { + "name": "USN-2388-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2388-1" + }, + { + "name": "HPSBUX03218", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=141775382904016&w=2" + }, + { + "name": "61629", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/61629" + }, + { + "name": "61018", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/61018" + }, + { + "name": "http://linux.oracle.com/errata/ELSA-2014-1634.html", + "refsource": "CONFIRM", + "url": "http://linux.oracle.com/errata/ELSA-2014-1634.html" + }, + { + "name": "61346", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/61346" + }, + { + "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10092", + "refsource": "CONFIRM", + "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10092" + }, + { + "name": "RHSA-2014:1634", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-1634.html" + }, + { + "name": "USN-2388-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2388-2" + }, + { + "name": "SUSE-SU-2014:1422", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00013.html" + }, + { + "name": "70552", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/70552" + }, + { + "name": "DSA-3080", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2014/dsa-3080" + }, + { + "name": "60416", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/60416" + }, + { + "name": "RHSA-2014:1633", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-1633.html" + }, + { + "name": "RHSA-2014:1636", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-1636.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html" + }, + { + "name": "RHSA-2014:1658", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-1658.html" + }, + { + "name": "61164", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/61164" + }, + { + "name": "SSRT101770", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=141775382904016&w=2" + }, + { + "name": "DSA-3077", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2014/dsa-3077" + }, + { + "name": "http://linux.oracle.com/errata/ELSA-2014-1636", + "refsource": "CONFIRM", + "url": "http://linux.oracle.com/errata/ELSA-2014-1636" + }, + { + "name": "GLSA-201502-12", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201502-12.xml" + }, + { + "name": "61020", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/61020" + }, + { + "name": "61143", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/61143" + }, + { + "name": "60417", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/60417" + }, + { + "name": "61631", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/61631" + }, + { + "name": "RHSA-2014:1620", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-1620.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/6xxx/CVE-2014-6518.json b/2014/6xxx/CVE-2014-6518.json index 0fb5f2cb9c9..7817b066397 100644 --- a/2014/6xxx/CVE-2014-6518.json +++ b/2014/6xxx/CVE-2014-6518.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-6518", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle Solaris 10 and 11 allows local users to affect integrity and availability via vectors related to Unix File System (UFS)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2014-6518", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" - }, - { - "name" : "1031583", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1031583" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle Solaris 10 and 11 allows local users to affect integrity and availability via vectors related to Unix File System (UFS)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1031583", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1031583" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/6xxx/CVE-2014-6843.json b/2014/6xxx/CVE-2014-6843.json index 87d389aebc9..81ddb695573 100644 --- a/2014/6xxx/CVE-2014-6843.json +++ b/2014/6xxx/CVE-2014-6843.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-6843", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Sweatshop (aka com.orderingapps.sweatshop) application 2.96 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-6843", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - }, - { - "name" : "VU#803641", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/803641" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Sweatshop (aka com.orderingapps.sweatshop) application 2.96 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#803641", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/803641" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2014/7xxx/CVE-2014-7933.json b/2014/7xxx/CVE-2014-7933.json index 269c583c996..4fe988c7ef6 100644 --- a/2014/7xxx/CVE-2014-7933.json +++ b/2014/7xxx/CVE-2014-7933.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-7933", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in the matroska_read_seek function in libavformat/matroskadec.c in FFmpeg before 2.5.1, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Matroska file that triggers improper maintenance of tracks data." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2014-7933", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=490a3ebf36821b81f73e34ad3f554cb523dd2682", - "refsource" : "CONFIRM", - "url" : "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=490a3ebf36821b81f73e34ad3f554cb523dd2682" - }, - { - "name" : "http://googlechromereleases.blogspot.com/2015/01/stable-update.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2015/01/stable-update.html" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=427266", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=427266" - }, - { - "name" : "GLSA-201502-13", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201502-13.xml" - }, - { - "name" : "RHSA-2015:0093", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-0093.html" - }, - { - "name" : "openSUSE-SU-2015:0441", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00005.html" - }, - { - "name" : "USN-2476-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2476-1" - }, - { - "name" : "72288", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/72288" - }, - { - "name" : "1031623", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1031623" - }, - { - "name" : "62575", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/62575" - }, - { - "name" : "62383", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/62383" - }, - { - "name" : "62665", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/62665" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in the matroska_read_seek function in libavformat/matroskadec.c in FFmpeg before 2.5.1, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Matroska file that triggers improper maintenance of tracks data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "62665", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/62665" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=427266", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=427266" + }, + { + "name": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=490a3ebf36821b81f73e34ad3f554cb523dd2682", + "refsource": "CONFIRM", + "url": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=490a3ebf36821b81f73e34ad3f554cb523dd2682" + }, + { + "name": "http://googlechromereleases.blogspot.com/2015/01/stable-update.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2015/01/stable-update.html" + }, + { + "name": "62575", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/62575" + }, + { + "name": "USN-2476-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2476-1" + }, + { + "name": "72288", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/72288" + }, + { + "name": "GLSA-201502-13", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201502-13.xml" + }, + { + "name": "1031623", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1031623" + }, + { + "name": "openSUSE-SU-2015:0441", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00005.html" + }, + { + "name": "RHSA-2015:0093", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-0093.html" + }, + { + "name": "62383", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/62383" + } + ] + } +} \ No newline at end of file diff --git a/2017/0xxx/CVE-2017-0173.json b/2017/0xxx/CVE-2017-0173.json index f4c951009e7..25e4f6bd8dc 100644 --- a/2017/0xxx/CVE-2017-0173.json +++ b/2017/0xxx/CVE-2017-0173.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2017-0173", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Microsoft Windows", - "version" : { - "version_data" : [ - { - "version_value" : "Microsoft Windows 10 1607 and Windows Server 2016." - } - ] - } - } - ] - }, - "vendor_name" : "Microsoft Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Windows 10 1607 and Windows Server 2016 allow an attacker to exploit a security feature bypass vulnerability in Device Guard that could allow the attacker to inject malicious code into a Windows PowerShell session, aka \"Device Guard Code Integrity Policy Security Feature Bypass Vulnerability.\" This CVE ID is unique from CVE-2017-0215, CVE-2017-0216, CVE-2017-0218, and CVE-2017-0219." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Security Feature Bypass" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2017-0173", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Microsoft Windows", + "version": { + "version_data": [ + { + "version_value": "Microsoft Windows 10 1607 and Windows Server 2016." + } + ] + } + } + ] + }, + "vendor_name": "Microsoft Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0173", - "refsource" : "CONFIRM", - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0173" - }, - { - "name" : "98873", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/98873" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Windows 10 1607 and Windows Server 2016 allow an attacker to exploit a security feature bypass vulnerability in Device Guard that could allow the attacker to inject malicious code into a Windows PowerShell session, aka \"Device Guard Code Integrity Policy Security Feature Bypass Vulnerability.\" This CVE ID is unique from CVE-2017-0215, CVE-2017-0216, CVE-2017-0218, and CVE-2017-0219." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Security Feature Bypass" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0173", + "refsource": "CONFIRM", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0173" + }, + { + "name": "98873", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/98873" + } + ] + } +} \ No newline at end of file diff --git a/2017/0xxx/CVE-2017-0264.json b/2017/0xxx/CVE-2017-0264.json index b0c06cdaeec..4b59bb7f7e1 100644 --- a/2017/0xxx/CVE-2017-0264.json +++ b/2017/0xxx/CVE-2017-0264.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2017-0264", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Microsoft Office", - "version" : { - "version_data" : [ - { - "version_value" : "Microsoft PowerPoint for Mac 2011" - } - ] - } - } - ] - }, - "vendor_name" : "Microsoft Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft PowerPoint for Mac 2011 allows a remote code execution vulnerability when the software fails to properly handle objects in memory, aka \"Microsoft Office Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2017-0254 and CVE-2017-0265." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Remote Code Execution" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2017-0264", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Microsoft Office", + "version": { + "version_data": [ + { + "version_value": "Microsoft PowerPoint for Mac 2011" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0264", - "refsource" : "CONFIRM", - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0264" - }, - { - "name" : "98282", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/98282" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft PowerPoint for Mac 2011 allows a remote code execution vulnerability when the software fails to properly handle objects in memory, aka \"Microsoft Office Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2017-0254 and CVE-2017-0265." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0264", + "refsource": "CONFIRM", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0264" + }, + { + "name": "98282", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/98282" + } + ] + } +} \ No newline at end of file diff --git a/2017/0xxx/CVE-2017-0410.json b/2017/0xxx/CVE-2017-0410.json index e3a4aca3dd7..d479119a91f 100644 --- a/2017/0xxx/CVE-2017-0410.json +++ b/2017/0xxx/CVE-2017-0410.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@google.com", - "ID" : "CVE-2017-0410", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Android", - "version" : { - "version_data" : [ - { - "version_value" : "Android-5.0.2" - }, - { - "version_value" : "Android-5.1.1" - }, - { - "version_value" : "Android-6.0" - }, - { - "version_value" : "Android-6.0.1" - }, - { - "version_value" : "Android-7.0" - }, - { - "version_value" : "Android-7.1.1" - } - ] - } - } - ] - }, - "vendor_name" : "Google Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-31929765." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Elevation of privilege" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2017-0410", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-5.0.2" + }, + { + "version_value": "Android-5.1.1" + }, + { + "version_value": "Android-6.0" + }, + { + "version_value": "Android-6.0.1" + }, + { + "version_value": "Android-7.0" + }, + { + "version_value": "Android-7.1.1" + } + ] + } + } + ] + }, + "vendor_name": "Google Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2017-02-01.html", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2017-02-01.html" - }, - { - "name" : "96056", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/96056" - }, - { - "name" : "1037798", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037798" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-31929765." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1037798", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037798" + }, + { + "name": "96056", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/96056" + }, + { + "name": "https://source.android.com/security/bulletin/2017-02-01.html", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2017-02-01.html" + } + ] + } +} \ No newline at end of file diff --git a/2017/1000xxx/CVE-2017-1000003.json b/2017/1000xxx/CVE-2017-1000003.json index db0ef0036ea..0d25878c7e7 100644 --- a/2017/1000xxx/CVE-2017-1000003.json +++ b/2017/1000xxx/CVE-2017-1000003.json @@ -1,73 +1,73 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve-assign@distributedweaknessfiling.org", - "ID" : "CVE-2017-1000003", - "REQUESTER" : "mattd@bugfuzz.com", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "ATutor", - "version" : { - "version_data" : [ - { - "version_value" : "2.2.1" - } - ] - } - } - ] - }, - "vendor_name" : "ATutor" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ATutor versions 2.2.1 and earlier are vulnerable to an incorrect access control check vulnerability in the Social Application component resulting in privilege escalation. ATutor versions 2.2.1 and earlier are vulnerable to an incorrect access control check vulnerability in the Module component resulting in privilege escalation. ATutor versions 2.2.1 and earlier are vulnerable to a incorrect access control check vulnerability in the Alternative Content component resulting in privilege escalation." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Incorrect Access Control" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-1000003", + "REQUESTER": "mattd@bugfuzz.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.atutor.ca/atutor/mantis/changelog_page.php?version_id=55", - "refsource" : "CONFIRM", - "url" : "http://www.atutor.ca/atutor/mantis/changelog_page.php?version_id=55" - }, - { - "name" : "http://www.atutor.ca/atutor/mantis/view.php?id=5681", - "refsource" : "CONFIRM", - "url" : "http://www.atutor.ca/atutor/mantis/view.php?id=5681" - }, - { - "name" : "99599", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/99599" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ATutor versions 2.2.1 and earlier are vulnerable to an incorrect access control check vulnerability in the Social Application component resulting in privilege escalation. ATutor versions 2.2.1 and earlier are vulnerable to an incorrect access control check vulnerability in the Module component resulting in privilege escalation. ATutor versions 2.2.1 and earlier are vulnerable to a incorrect access control check vulnerability in the Alternative Content component resulting in privilege escalation." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "99599", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/99599" + }, + { + "name": "http://www.atutor.ca/atutor/mantis/view.php?id=5681", + "refsource": "CONFIRM", + "url": "http://www.atutor.ca/atutor/mantis/view.php?id=5681" + }, + { + "name": "http://www.atutor.ca/atutor/mantis/changelog_page.php?version_id=55", + "refsource": "CONFIRM", + "url": "http://www.atutor.ca/atutor/mantis/changelog_page.php?version_id=55" + } + ] + } +} \ No newline at end of file diff --git a/2017/1000xxx/CVE-2017-1000358.json b/2017/1000xxx/CVE-2017-1000358.json index ddcf9179916..8ab44382a18 100644 --- a/2017/1000xxx/CVE-2017-1000358.json +++ b/2017/1000xxx/CVE-2017-1000358.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve-assign@distributedweaknessfiling.org", - "ID" : "CVE-2017-1000358", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "OpenDaylight", - "version" : { - "version_data" : [ - { - "version_value" : "<=4.0" - } - ] - } - } - ] - }, - "vendor_name" : "OpenDaylight" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Controller throws an exception and does not allow user to add subsequent flow for a particular switch. Component: OpenDaylight odl-restconf feature contains this flaw. Version: OpenDaylight 4.0 is affected by this flaw." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Unspecified" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-1000358", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://aaltodoc.aalto.fi/bitstream/handle/123456789/21584/master_Bidaj_Andi_2016.pdf", - "refsource" : "MISC", - "url" : "https://aaltodoc.aalto.fi/bitstream/handle/123456789/21584/master_Bidaj_Andi_2016.pdf" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Controller throws an exception and does not allow user to add subsequent flow for a particular switch. Component: OpenDaylight odl-restconf feature contains this flaw. Version: OpenDaylight 4.0 is affected by this flaw." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://aaltodoc.aalto.fi/bitstream/handle/123456789/21584/master_Bidaj_Andi_2016.pdf", + "refsource": "MISC", + "url": "https://aaltodoc.aalto.fi/bitstream/handle/123456789/21584/master_Bidaj_Andi_2016.pdf" + } + ] + } +} \ No newline at end of file diff --git a/2017/18xxx/CVE-2017-18245.json b/2017/18xxx/CVE-2017-18245.json index 33096059181..d7db01b32bc 100644 --- a/2017/18xxx/CVE-2017-18245.json +++ b/2017/18xxx/CVE-2017-18245.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-18245", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The mpc8_probe function in libavformat/mpc8.c in Libav 12.2 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted audio file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-18245", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.libav.org/show_bug.cgi?id=1094", - "refsource" : "MISC", - "url" : "https://bugzilla.libav.org/show_bug.cgi?id=1094" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The mpc8_probe function in libavformat/mpc8.c in Libav 12.2 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted audio file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.libav.org/show_bug.cgi?id=1094", + "refsource": "MISC", + "url": "https://bugzilla.libav.org/show_bug.cgi?id=1094" + } + ] + } +} \ No newline at end of file diff --git a/2017/18xxx/CVE-2017-18346.json b/2017/18xxx/CVE-2017-18346.json index 106302c0fb0..1e3054c7961 100644 --- a/2017/18xxx/CVE-2017-18346.json +++ b/2017/18xxx/CVE-2017-18346.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-18346", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-18346", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/1xxx/CVE-2017-1069.json b/2017/1xxx/CVE-2017-1069.json index eb7bbefe29f..2c4ad48f417 100644 --- a/2017/1xxx/CVE-2017-1069.json +++ b/2017/1xxx/CVE-2017-1069.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-1069", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-1069", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/1xxx/CVE-2017-1333.json b/2017/1xxx/CVE-2017-1333.json index 2ec256b5c97..3eefe2a742f 100644 --- a/2017/1xxx/CVE-2017-1333.json +++ b/2017/1xxx/CVE-2017-1333.json @@ -1,79 +1,79 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "DATE_PUBLIC" : "2017-10-27T00:00:00", - "ID" : "CVE-2017-1333", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "OpenPages GRC Platform", - "version" : { - "version_data" : [ - { - "version_value" : "7.1" - }, - { - "version_value" : "7.2" - }, - { - "version_value" : "7.3" - } - ] - } - } - ] - }, - "vendor_name" : "IBM" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 could allow an unauthenticated user to obtain sensitive information about the server that could be used in future attacks against the system. IBM X-Force ID: 126241." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Obtain Information" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "DATE_PUBLIC": "2017-10-27T00:00:00", + "ID": "CVE-2017-1333", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "OpenPages GRC Platform", + "version": { + "version_data": [ + { + "version_value": "7.1" + }, + { + "version_value": "7.2" + }, + { + "version_value": "7.3" + } + ] + } + } + ] + }, + "vendor_name": "IBM" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/126241", - "refsource" : "MISC", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/126241" - }, - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg21997796", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg21997796" - }, - { - "name" : "101656", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/101656" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 could allow an unauthenticated user to obtain sensitive information about the server that could be used in future attacks against the system. IBM X-Force ID: 126241." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Obtain Information" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/126241", + "refsource": "MISC", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/126241" + }, + { + "name": "101656", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/101656" + }, + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg21997796", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg21997796" + } + ] + } +} \ No newline at end of file diff --git a/2017/4xxx/CVE-2017-4240.json b/2017/4xxx/CVE-2017-4240.json index 15c6e8db63c..390b12435e3 100644 --- a/2017/4xxx/CVE-2017-4240.json +++ b/2017/4xxx/CVE-2017-4240.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-4240", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-4240", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2017/4xxx/CVE-2017-4440.json b/2017/4xxx/CVE-2017-4440.json index 72a14231bfa..913700d631a 100644 --- a/2017/4xxx/CVE-2017-4440.json +++ b/2017/4xxx/CVE-2017-4440.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-4440", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-4440", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2017/4xxx/CVE-2017-4478.json b/2017/4xxx/CVE-2017-4478.json index 46c6b29818e..84a85f6100b 100644 --- a/2017/4xxx/CVE-2017-4478.json +++ b/2017/4xxx/CVE-2017-4478.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-4478", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2017-4478", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2017/5xxx/CVE-2017-5062.json b/2017/5xxx/CVE-2017-5062.json index bac30083e7d..192921538d9 100644 --- a/2017/5xxx/CVE-2017-5062.json +++ b/2017/5xxx/CVE-2017-5062.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@google.com", - "ID" : "CVE-2017-5062", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Google Chrome prior to 58.0.3029.81 for Mac, Windows and Linux, and 58.0.3029.83 for Android", - "version" : { - "version_data" : [ - { - "version_value" : "Google Chrome prior to 58.0.3029.81 for Mac, Windows and Linux, and 58.0.3029.83 for Android" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A use after free in Chrome Apps in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to potentially perform out of bounds memory access via a crafted Chrome extension." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Use After Free" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2017-5062", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Google Chrome prior to 58.0.3029.81 for Mac, Windows and Linux, and 58.0.3029.83 for Android", + "version": { + "version_data": [ + { + "version_value": "Google Chrome prior to 58.0.3029.81 for Mac, Windows and Linux, and 58.0.3029.83 for Android" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://chromereleases.googleblog.com/2017/04/stable-channel-update-for-desktop.html", - "refsource" : "MISC", - "url" : "https://chromereleases.googleblog.com/2017/04/stable-channel-update-for-desktop.html" - }, - { - "name" : "https://crbug.com/702896", - "refsource" : "MISC", - "url" : "https://crbug.com/702896" - }, - { - "name" : "GLSA-201705-02", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201705-02" - }, - { - "name" : "RHSA-2017:1124", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:1124" - }, - { - "name" : "97939", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/97939" - }, - { - "name" : "1038317", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1038317" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A use after free in Chrome Apps in Google Chrome prior to 58.0.3029.81 for Mac, Windows, and Linux, and 58.0.3029.83 for Android, allowed a remote attacker to potentially perform out of bounds memory access via a crafted Chrome extension." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Use After Free" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2017:1124", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:1124" + }, + { + "name": "GLSA-201705-02", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201705-02" + }, + { + "name": "1038317", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1038317" + }, + { + "name": "https://chromereleases.googleblog.com/2017/04/stable-channel-update-for-desktop.html", + "refsource": "MISC", + "url": "https://chromereleases.googleblog.com/2017/04/stable-channel-update-for-desktop.html" + }, + { + "name": "https://crbug.com/702896", + "refsource": "MISC", + "url": "https://crbug.com/702896" + }, + { + "name": "97939", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/97939" + } + ] + } +} \ No newline at end of file diff --git a/2017/5xxx/CVE-2017-5110.json b/2017/5xxx/CVE-2017-5110.json index cb9132af2c3..57b42caf74c 100644 --- a/2017/5xxx/CVE-2017-5110.json +++ b/2017/5xxx/CVE-2017-5110.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@google.com", - "ID" : "CVE-2017-5110", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux and Android", - "version" : { - "version_data" : [ - { - "version_value" : "Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux and Android" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Inappropriate implementation of the web payments API on blob: and data: schemes in Web Payments in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to spoof the contents of the Omnibox via a crafted HTML page." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Inappropriate implementation" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2017-5110", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux and Android", + "version": { + "version_data": [ + { + "version_value": "Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux and Android" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html", - "refsource" : "MISC", - "url" : "https://chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html" - }, - { - "name" : "https://crbug.com/717476", - "refsource" : "MISC", - "url" : "https://crbug.com/717476" - }, - { - "name" : "DSA-3926", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2017/dsa-3926" - }, - { - "name" : "GLSA-201709-15", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201709-15" - }, - { - "name" : "RHSA-2017:1833", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:1833" - }, - { - "name" : "99950", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/99950" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Inappropriate implementation of the web payments API on blob: and data: schemes in Web Payments in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to spoof the contents of the Omnibox via a crafted HTML page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Inappropriate implementation" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-201709-15", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201709-15" + }, + { + "name": "DSA-3926", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2017/dsa-3926" + }, + { + "name": "https://chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html", + "refsource": "MISC", + "url": "https://chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html" + }, + { + "name": "99950", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/99950" + }, + { + "name": "RHSA-2017:1833", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:1833" + }, + { + "name": "https://crbug.com/717476", + "refsource": "MISC", + "url": "https://crbug.com/717476" + } + ] + } +} \ No newline at end of file