diff --git a/2006/0xxx/CVE-2006-0524.json b/2006/0xxx/CVE-2006-0524.json
index d680fcfc27b..82bec53be09 100644
--- a/2006/0xxx/CVE-2006-0524.json
+++ b/2006/0xxx/CVE-2006-0524.json
@@ -1,92 +1,92 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2006-0524",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Cross-site scripting (XSS) vulnerability in ashnews.php in Derek Ashauer ashNews 0.83 allows remote attackers to inject arbitrary web script or HTML via the id parameter."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2006-0524",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "20060130 ashnews Cross-Site Scripting Vulnerability",
- "refsource" : "FULLDISC",
- "url" : "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0955.html"
- },
- {
- "name" : "20060130 Re: ashnews Cross-Site Scripting Vulnerability",
- "refsource" : "FULLDISC",
- "url" : "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0969.html"
- },
- {
- "name" : "20060131 Re: ashnews Cross-Site Scripting Vulnerability",
- "refsource" : "FULLDISC",
- "url" : "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0979.html"
- },
- {
- "name" : "16426",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/16426"
- },
- {
- "name" : "22934",
- "refsource" : "OSVDB",
- "url" : "http://www.osvdb.org/22934"
- },
- {
- "name" : "9331",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/9331"
- },
- {
- "name" : "ashnews-ashnews-xss(24365)",
- "refsource" : "XF",
- "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24365"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Cross-site scripting (XSS) vulnerability in ashnews.php in Derek Ashauer ashNews 0.83 allows remote attackers to inject arbitrary web script or HTML via the id parameter."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "ashnews-ashnews-xss(24365)",
+ "refsource": "XF",
+ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24365"
+ },
+ {
+ "name": "9331",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/9331"
+ },
+ {
+ "name": "22934",
+ "refsource": "OSVDB",
+ "url": "http://www.osvdb.org/22934"
+ },
+ {
+ "name": "20060131 Re: ashnews Cross-Site Scripting Vulnerability",
+ "refsource": "FULLDISC",
+ "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0979.html"
+ },
+ {
+ "name": "20060130 Re: ashnews Cross-Site Scripting Vulnerability",
+ "refsource": "FULLDISC",
+ "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0969.html"
+ },
+ {
+ "name": "20060130 ashnews Cross-Site Scripting Vulnerability",
+ "refsource": "FULLDISC",
+ "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0955.html"
+ },
+ {
+ "name": "16426",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/16426"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2006/0xxx/CVE-2006-0571.json b/2006/0xxx/CVE-2006-0571.json
index aa5e4820b6b..2fde4cba109 100644
--- a/2006/0xxx/CVE-2006-0571.json
+++ b/2006/0xxx/CVE-2006-0571.json
@@ -1,87 +1,87 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2006-0571",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Multiple cross-site scripting (XSS) vulnerabilities in phpstatus 1.0 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors in the administrative interface."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2006-0571",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "20060212 [eVuln] phpstatus Authentication Bypass",
- "refsource" : "BUGTRAQ",
- "url" : "http://www.securityfocus.com/archive/1/424842/100/0/threaded"
- },
- {
- "name" : "http://evuln.com/vulns/61/summary.html",
- "refsource" : "MISC",
- "url" : "http://evuln.com/vulns/61/summary.html"
- },
- {
- "name" : "16587",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/16587"
- },
- {
- "name" : "ADV-2006-0450",
- "refsource" : "VUPEN",
- "url" : "http://www.vupen.com/english/advisories/2006/0450"
- },
- {
- "name" : "18791",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/18791"
- },
- {
- "name" : "427",
- "refsource" : "SREASON",
- "url" : "http://securityreason.com/securityalert/427"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Multiple cross-site scripting (XSS) vulnerabilities in phpstatus 1.0 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors in the administrative interface."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "http://evuln.com/vulns/61/summary.html",
+ "refsource": "MISC",
+ "url": "http://evuln.com/vulns/61/summary.html"
+ },
+ {
+ "name": "18791",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/18791"
+ },
+ {
+ "name": "16587",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/16587"
+ },
+ {
+ "name": "427",
+ "refsource": "SREASON",
+ "url": "http://securityreason.com/securityalert/427"
+ },
+ {
+ "name": "20060212 [eVuln] phpstatus Authentication Bypass",
+ "refsource": "BUGTRAQ",
+ "url": "http://www.securityfocus.com/archive/1/424842/100/0/threaded"
+ },
+ {
+ "name": "ADV-2006-0450",
+ "refsource": "VUPEN",
+ "url": "http://www.vupen.com/english/advisories/2006/0450"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2006/0xxx/CVE-2006-0982.json b/2006/0xxx/CVE-2006-0982.json
index 2caa3cd7679..d9f790db026 100644
--- a/2006/0xxx/CVE-2006-0982.json
+++ b/2006/0xxx/CVE-2006-0982.json
@@ -1,62 +1,62 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2006-0982",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "The on-access scanner for McAfee Virex 7.7 for Macintosh, in some circumstances, might not activate when malicious content is accessed from the web browser, and might not prevent the content from being saved, which allows remote attackers to bypass virus protection, as demonstrated using the EICAR test file."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2006-0982",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "20060228 Virex on-access scanning unreliable",
- "refsource" : "BUGTRAQ",
- "url" : "http://www.securityfocus.com/archive/1/426348/100/0/threaded"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "The on-access scanner for McAfee Virex 7.7 for Macintosh, in some circumstances, might not activate when malicious content is accessed from the web browser, and might not prevent the content from being saved, which allows remote attackers to bypass virus protection, as demonstrated using the EICAR test file."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "20060228 Virex on-access scanning unreliable",
+ "refsource": "BUGTRAQ",
+ "url": "http://www.securityfocus.com/archive/1/426348/100/0/threaded"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2006/1xxx/CVE-2006-1680.json b/2006/1xxx/CVE-2006-1680.json
index 0c2abb27844..78f4c1e39aa 100644
--- a/2006/1xxx/CVE-2006-1680.json
+++ b/2006/1xxx/CVE-2006-1680.json
@@ -1,77 +1,77 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2006-1680",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Jupiter CMS 1.1.5, when display_errors is enabled, allows remote attackers to obtain the full server path via a direct request to modules/online.php."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2006-1680",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "20060407 Multiple vulnerability in jupiter CMS",
- "refsource" : "BUGTRAQ",
- "url" : "http://www.securityfocus.com/archive/1/430391/100/0/threaded"
- },
- {
- "name" : "ADV-2006-1302",
- "refsource" : "VUPEN",
- "url" : "http://www.vupen.com/english/advisories/2006/1302"
- },
- {
- "name" : "19582",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/19582"
- },
- {
- "name" : "jupitercm-online-path-disclosure(25703)",
- "refsource" : "XF",
- "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25703"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Jupiter CMS 1.1.5, when display_errors is enabled, allows remote attackers to obtain the full server path via a direct request to modules/online.php."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "20060407 Multiple vulnerability in jupiter CMS",
+ "refsource": "BUGTRAQ",
+ "url": "http://www.securityfocus.com/archive/1/430391/100/0/threaded"
+ },
+ {
+ "name": "jupitercm-online-path-disclosure(25703)",
+ "refsource": "XF",
+ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25703"
+ },
+ {
+ "name": "ADV-2006-1302",
+ "refsource": "VUPEN",
+ "url": "http://www.vupen.com/english/advisories/2006/1302"
+ },
+ {
+ "name": "19582",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/19582"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2006/1xxx/CVE-2006-1764.json b/2006/1xxx/CVE-2006-1764.json
index 825d24b3739..a0427aba465 100644
--- a/2006/1xxx/CVE-2006-1764.json
+++ b/2006/1xxx/CVE-2006-1764.json
@@ -1,72 +1,72 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2006-1764",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Hosting Controller 6.1 stores forum/db/forum.mdb under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as user name and password credentials. NOTE: the provenance of this information is unknown; the details are obtained from third party information."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2006-1764",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "ADV-2006-1268",
- "refsource" : "VUPEN",
- "url" : "http://www.vupen.com/english/advisories/2006/1268"
- },
- {
- "name" : "24447",
- "refsource" : "OSVDB",
- "url" : "http://www.osvdb.org/24447"
- },
- {
- "name" : "19569",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/19569"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Hosting Controller 6.1 stores forum/db/forum.mdb under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as user name and password credentials. NOTE: the provenance of this information is unknown; the details are obtained from third party information."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "ADV-2006-1268",
+ "refsource": "VUPEN",
+ "url": "http://www.vupen.com/english/advisories/2006/1268"
+ },
+ {
+ "name": "19569",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/19569"
+ },
+ {
+ "name": "24447",
+ "refsource": "OSVDB",
+ "url": "http://www.osvdb.org/24447"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2006/1xxx/CVE-2006-1851.json b/2006/1xxx/CVE-2006-1851.json
index 93f7411e31a..53d6f1441d2 100644
--- a/2006/1xxx/CVE-2006-1851.json
+++ b/2006/1xxx/CVE-2006-1851.json
@@ -1,72 +1,72 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2006-1851",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "xFlow 5.46.11 and earlier allows remote attackers to determine the installation path of the application via the (1) action parameter to members_only/index.cgi and (2) page parameter customer_area/index.cgi, probably due to invalid values."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2006-1851",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "http://pridels0.blogspot.com/2006/04/xflow-v5x-multiple-vuln.html",
- "refsource" : "MISC",
- "url" : "http://pridels0.blogspot.com/2006/04/xflow-v5x-multiple-vuln.html"
- },
- {
- "name" : "17614",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/17614"
- },
- {
- "name" : "xflow-index-path-disclosure(25855)",
- "refsource" : "XF",
- "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25855"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "xFlow 5.46.11 and earlier allows remote attackers to determine the installation path of the application via the (1) action parameter to members_only/index.cgi and (2) page parameter customer_area/index.cgi, probably due to invalid values."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "17614",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/17614"
+ },
+ {
+ "name": "http://pridels0.blogspot.com/2006/04/xflow-v5x-multiple-vuln.html",
+ "refsource": "MISC",
+ "url": "http://pridels0.blogspot.com/2006/04/xflow-v5x-multiple-vuln.html"
+ },
+ {
+ "name": "xflow-index-path-disclosure(25855)",
+ "refsource": "XF",
+ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25855"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2006/1xxx/CVE-2006-1935.json b/2006/1xxx/CVE-2006-1935.json
index f208b79b641..9eb18e8680d 100644
--- a/2006/1xxx/CVE-2006-1935.json
+++ b/2006/1xxx/CVE-2006-1935.json
@@ -1,177 +1,177 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2006-1935",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Buffer overflow in Ethereal 0.9.15 up to 0.10.14 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the COPS dissector."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "secalert@redhat.com",
+ "ID": "CVE-2006-1935",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "http://www.ethereal.com/appnotes/enpa-sa-00023.html",
- "refsource" : "CONFIRM",
- "url" : "http://www.ethereal.com/appnotes/enpa-sa-00023.html"
- },
- {
- "name" : "http://support.avaya.com/elmodocs2/security/ASA-2006-128.htm",
- "refsource" : "CONFIRM",
- "url" : "http://support.avaya.com/elmodocs2/security/ASA-2006-128.htm"
- },
- {
- "name" : "DSA-1049",
- "refsource" : "DEBIAN",
- "url" : "http://www.debian.org/security/2006/dsa-1049"
- },
- {
- "name" : "FEDORA-2006-456",
- "refsource" : "FEDORA",
- "url" : "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00194.html"
- },
- {
- "name" : "FEDORA-2006-461",
- "refsource" : "FEDORA",
- "url" : "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00195.html"
- },
- {
- "name" : "GLSA-200604-17",
- "refsource" : "GENTOO",
- "url" : "http://www.gentoo.org/security/en/glsa/glsa-200604-17.xml"
- },
- {
- "name" : "MDKSA-2006:077",
- "refsource" : "MANDRIVA",
- "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:077"
- },
- {
- "name" : "RHSA-2006:0420",
- "refsource" : "REDHAT",
- "url" : "http://www.redhat.com/support/errata/RHSA-2006-0420.html"
- },
- {
- "name" : "20060501-01-U",
- "refsource" : "SGI",
- "url" : "ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.asc"
- },
- {
- "name" : "SUSE-SR:2006:010",
- "refsource" : "SUSE",
- "url" : "http://lists.suse.com/archive/suse-security-announce/2006-May/0004.html"
- },
- {
- "name" : "17682",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/17682"
- },
- {
- "name" : "oval:org.mitre.oval:def:10811",
- "refsource" : "OVAL",
- "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10811"
- },
- {
- "name" : "ADV-2006-1501",
- "refsource" : "VUPEN",
- "url" : "http://www.vupen.com/english/advisories/2006/1501"
- },
- {
- "name" : "1015985",
- "refsource" : "SECTRACK",
- "url" : "http://securitytracker.com/id?1015985"
- },
- {
- "name" : "19769",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/19769"
- },
- {
- "name" : "19805",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/19805"
- },
- {
- "name" : "19828",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/19828"
- },
- {
- "name" : "19839",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/19839"
- },
- {
- "name" : "19958",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/19958"
- },
- {
- "name" : "19962",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/19962"
- },
- {
- "name" : "20117",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/20117"
- },
- {
- "name" : "20944",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/20944"
- },
- {
- "name" : "20210",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/20210"
- },
- {
- "name" : "ethereal-cops-dissector-bo(26013)",
- "refsource" : "XF",
- "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26013"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Buffer overflow in Ethereal 0.9.15 up to 0.10.14 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the COPS dissector."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "19828",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/19828"
+ },
+ {
+ "name": "19839",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/19839"
+ },
+ {
+ "name": "20210",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/20210"
+ },
+ {
+ "name": "FEDORA-2006-456",
+ "refsource": "FEDORA",
+ "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00194.html"
+ },
+ {
+ "name": "MDKSA-2006:077",
+ "refsource": "MANDRIVA",
+ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:077"
+ },
+ {
+ "name": "http://www.ethereal.com/appnotes/enpa-sa-00023.html",
+ "refsource": "CONFIRM",
+ "url": "http://www.ethereal.com/appnotes/enpa-sa-00023.html"
+ },
+ {
+ "name": "19769",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/19769"
+ },
+ {
+ "name": "19962",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/19962"
+ },
+ {
+ "name": "FEDORA-2006-461",
+ "refsource": "FEDORA",
+ "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00195.html"
+ },
+ {
+ "name": "1015985",
+ "refsource": "SECTRACK",
+ "url": "http://securitytracker.com/id?1015985"
+ },
+ {
+ "name": "oval:org.mitre.oval:def:10811",
+ "refsource": "OVAL",
+ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10811"
+ },
+ {
+ "name": "GLSA-200604-17",
+ "refsource": "GENTOO",
+ "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-17.xml"
+ },
+ {
+ "name": "ADV-2006-1501",
+ "refsource": "VUPEN",
+ "url": "http://www.vupen.com/english/advisories/2006/1501"
+ },
+ {
+ "name": "DSA-1049",
+ "refsource": "DEBIAN",
+ "url": "http://www.debian.org/security/2006/dsa-1049"
+ },
+ {
+ "name": "19805",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/19805"
+ },
+ {
+ "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-128.htm",
+ "refsource": "CONFIRM",
+ "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-128.htm"
+ },
+ {
+ "name": "20060501-01-U",
+ "refsource": "SGI",
+ "url": "ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.asc"
+ },
+ {
+ "name": "SUSE-SR:2006:010",
+ "refsource": "SUSE",
+ "url": "http://lists.suse.com/archive/suse-security-announce/2006-May/0004.html"
+ },
+ {
+ "name": "20117",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/20117"
+ },
+ {
+ "name": "17682",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/17682"
+ },
+ {
+ "name": "20944",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/20944"
+ },
+ {
+ "name": "RHSA-2006:0420",
+ "refsource": "REDHAT",
+ "url": "http://www.redhat.com/support/errata/RHSA-2006-0420.html"
+ },
+ {
+ "name": "19958",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/19958"
+ },
+ {
+ "name": "ethereal-cops-dissector-bo(26013)",
+ "refsource": "XF",
+ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26013"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2006/5xxx/CVE-2006-5646.json b/2006/5xxx/CVE-2006-5646.json
index c039c182c1e..6b710c2bf18 100644
--- a/2006/5xxx/CVE-2006-5646.json
+++ b/2006/5xxx/CVE-2006-5646.json
@@ -1,87 +1,87 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2006-5646",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Heap-based buffer overflow in Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11, when archive scanning is enabled, allows remote attackers to trigger a denial of service (memory corruption) via a CHM file with an LZX decompression header that specifies a Window_size of 0."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2006-5646",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "20061208 Sophos Antivirus CHM File Heap Overflow Vulnerability",
- "refsource" : "IDEFENSE",
- "url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=452"
- },
- {
- "name" : "http://www.sophos.com/support/knowledgebase/article/7609.html",
- "refsource" : "CONFIRM",
- "url" : "http://www.sophos.com/support/knowledgebase/article/7609.html"
- },
- {
- "name" : "20816",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/20816"
- },
- {
- "name" : "ADV-2006-4239",
- "refsource" : "VUPEN",
- "url" : "http://www.vupen.com/english/advisories/2006/4239"
- },
- {
- "name" : "1017132",
- "refsource" : "SECTRACK",
- "url" : "http://securitytracker.com/id?1017132"
- },
- {
- "name" : "22591",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/22591"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Heap-based buffer overflow in Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11, when archive scanning is enabled, allows remote attackers to trigger a denial of service (memory corruption) via a CHM file with an LZX decompression header that specifies a Window_size of 0."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "http://www.sophos.com/support/knowledgebase/article/7609.html",
+ "refsource": "CONFIRM",
+ "url": "http://www.sophos.com/support/knowledgebase/article/7609.html"
+ },
+ {
+ "name": "1017132",
+ "refsource": "SECTRACK",
+ "url": "http://securitytracker.com/id?1017132"
+ },
+ {
+ "name": "ADV-2006-4239",
+ "refsource": "VUPEN",
+ "url": "http://www.vupen.com/english/advisories/2006/4239"
+ },
+ {
+ "name": "20061208 Sophos Antivirus CHM File Heap Overflow Vulnerability",
+ "refsource": "IDEFENSE",
+ "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=452"
+ },
+ {
+ "name": "20816",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/20816"
+ },
+ {
+ "name": "22591",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/22591"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2006/5xxx/CVE-2006-5725.json b/2006/5xxx/CVE-2006-5725.json
index 7d618f53f94..1cfdff1da37 100644
--- a/2006/5xxx/CVE-2006-5725.json
+++ b/2006/5xxx/CVE-2006-5725.json
@@ -1,82 +1,82 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2006-5725",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "The SSL server in AEP Smartgate 4.3b allows remote attackers to determine existence of directories via a direct request for a directory URI, which returns different HTTP status codes for existing and non-existing directories."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2006-5725",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "2637",
- "refsource" : "EXPLOIT-DB",
- "url" : "https://www.exploit-db.com/exploits/2637"
- },
- {
- "name" : "https://prdelka.blackart.org.uk/exploitz/prdelka-vs-AEP-smartgate.c",
- "refsource" : "MISC",
- "url" : "https://prdelka.blackart.org.uk/exploitz/prdelka-vs-AEP-smartgate.c"
- },
- {
- "name" : "ADV-2006-4224",
- "refsource" : "VUPEN",
- "url" : "http://www.vupen.com/english/advisories/2006/4224"
- },
- {
- "name" : "22550",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/22550"
- },
- {
- "name" : "smartgate-header-information-disclosure(29802)",
- "refsource" : "XF",
- "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29802"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "The SSL server in AEP Smartgate 4.3b allows remote attackers to determine existence of directories via a direct request for a directory URI, which returns different HTTP status codes for existing and non-existing directories."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "22550",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/22550"
+ },
+ {
+ "name": "ADV-2006-4224",
+ "refsource": "VUPEN",
+ "url": "http://www.vupen.com/english/advisories/2006/4224"
+ },
+ {
+ "name": "2637",
+ "refsource": "EXPLOIT-DB",
+ "url": "https://www.exploit-db.com/exploits/2637"
+ },
+ {
+ "name": "https://prdelka.blackart.org.uk/exploitz/prdelka-vs-AEP-smartgate.c",
+ "refsource": "MISC",
+ "url": "https://prdelka.blackart.org.uk/exploitz/prdelka-vs-AEP-smartgate.c"
+ },
+ {
+ "name": "smartgate-header-information-disclosure(29802)",
+ "refsource": "XF",
+ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29802"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2006/5xxx/CVE-2006-5828.json b/2006/5xxx/CVE-2006-5828.json
index d3805dc5f52..a73709d2d84 100644
--- a/2006/5xxx/CVE-2006-5828.json
+++ b/2006/5xxx/CVE-2006-5828.json
@@ -1,82 +1,82 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2006-5828",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "SQL injection vulnerability in detail.php in DeltaScripts PHP Classifieds 7.1 and earlier allows remote attackers to execute arbitrary SQL commands via the user_id parameter."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2006-5828",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "2720",
- "refsource" : "EXPLOIT-DB",
- "url" : "https://www.exploit-db.com/exploits/2720"
- },
- {
- "name" : "20935",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/20935"
- },
- {
- "name" : "ADV-2006-4403",
- "refsource" : "VUPEN",
- "url" : "http://www.vupen.com/english/advisories/2006/4403"
- },
- {
- "name" : "22704",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/22704"
- },
- {
- "name" : "phpclassifieds-detail-sql-injection(30023)",
- "refsource" : "XF",
- "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30023"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "SQL injection vulnerability in detail.php in DeltaScripts PHP Classifieds 7.1 and earlier allows remote attackers to execute arbitrary SQL commands via the user_id parameter."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "phpclassifieds-detail-sql-injection(30023)",
+ "refsource": "XF",
+ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30023"
+ },
+ {
+ "name": "20935",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/20935"
+ },
+ {
+ "name": "2720",
+ "refsource": "EXPLOIT-DB",
+ "url": "https://www.exploit-db.com/exploits/2720"
+ },
+ {
+ "name": "ADV-2006-4403",
+ "refsource": "VUPEN",
+ "url": "http://www.vupen.com/english/advisories/2006/4403"
+ },
+ {
+ "name": "22704",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/22704"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2010/0xxx/CVE-2010-0200.json b/2010/0xxx/CVE-2010-0200.json
index dd83d48d3f8..4fd507679bb 100644
--- a/2010/0xxx/CVE-2010-0200.json
+++ b/2010/0xxx/CVE-2010-0200.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2010-0200",
- "STATE" : "REJECT"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-1241. Reason: This candidate is a duplicate of CVE-2010-1241. Notes: All CVE users should reference CVE-2010-1241 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
- }
- ]
- }
-}
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2010-0200",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "REJECT"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-1241. Reason: This candidate is a duplicate of CVE-2010-1241. Notes: All CVE users should reference CVE-2010-1241 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2010/0xxx/CVE-2010-0397.json b/2010/0xxx/CVE-2010-0397.json
index b649944a8ac..658899f554d 100644
--- a/2010/0xxx/CVE-2010-0397.json
+++ b/2010/0xxx/CVE-2010-0397.json
@@ -1,132 +1,132 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2010-0397",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "The xmlrpc extension in PHP 5.3.1 does not properly handle a missing methodName element in the first argument to the xmlrpc_decode_request function, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) and possibly have unspecified other impact via a crafted argument."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2010-0397",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "[oss-security] 20100312 CVE-2010-0397: NULL pointer dereference in PHP's xmlrpc extension",
- "refsource" : "MLIST",
- "url" : "http://www.openwall.com/lists/oss-security/2010/03/12/5"
- },
- {
- "name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=573573",
- "refsource" : "CONFIRM",
- "url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=573573"
- },
- {
- "name" : "http://support.apple.com/kb/HT4312",
- "refsource" : "CONFIRM",
- "url" : "http://support.apple.com/kb/HT4312"
- },
- {
- "name" : "http://support.apple.com/kb/HT4435",
- "refsource" : "CONFIRM",
- "url" : "http://support.apple.com/kb/HT4435"
- },
- {
- "name" : "APPLE-SA-2010-08-24-1",
- "refsource" : "APPLE",
- "url" : "http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html"
- },
- {
- "name" : "APPLE-SA-2010-11-10-1",
- "refsource" : "APPLE",
- "url" : "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
- },
- {
- "name" : "MDVSA-2010:068",
- "refsource" : "MANDRIVA",
- "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:068"
- },
- {
- "name" : "RHSA-2010:0919",
- "refsource" : "REDHAT",
- "url" : "http://www.redhat.com/support/errata/RHSA-2010-0919.html"
- },
- {
- "name" : "SUSE-SR:2010:012",
- "refsource" : "SUSE",
- "url" : "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html"
- },
- {
- "name" : "SUSE-SR:2010:013",
- "refsource" : "SUSE",
- "url" : "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html"
- },
- {
- "name" : "SUSE-SR:2010:017",
- "refsource" : "SUSE",
- "url" : "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
- },
- {
- "name" : "38708",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/38708"
- },
- {
- "name" : "42410",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/42410"
- },
- {
- "name" : "ADV-2010-0724",
- "refsource" : "VUPEN",
- "url" : "http://www.vupen.com/english/advisories/2010/0724"
- },
- {
- "name" : "ADV-2010-3081",
- "refsource" : "VUPEN",
- "url" : "http://www.vupen.com/english/advisories/2010/3081"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "The xmlrpc extension in PHP 5.3.1 does not properly handle a missing methodName element in the first argument to the xmlrpc_decode_request function, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) and possibly have unspecified other impact via a crafted argument."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=573573",
+ "refsource": "CONFIRM",
+ "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=573573"
+ },
+ {
+ "name": "http://support.apple.com/kb/HT4435",
+ "refsource": "CONFIRM",
+ "url": "http://support.apple.com/kb/HT4435"
+ },
+ {
+ "name": "[oss-security] 20100312 CVE-2010-0397: NULL pointer dereference in PHP's xmlrpc extension",
+ "refsource": "MLIST",
+ "url": "http://www.openwall.com/lists/oss-security/2010/03/12/5"
+ },
+ {
+ "name": "APPLE-SA-2010-11-10-1",
+ "refsource": "APPLE",
+ "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
+ },
+ {
+ "name": "SUSE-SR:2010:013",
+ "refsource": "SUSE",
+ "url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html"
+ },
+ {
+ "name": "38708",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/38708"
+ },
+ {
+ "name": "RHSA-2010:0919",
+ "refsource": "REDHAT",
+ "url": "http://www.redhat.com/support/errata/RHSA-2010-0919.html"
+ },
+ {
+ "name": "APPLE-SA-2010-08-24-1",
+ "refsource": "APPLE",
+ "url": "http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html"
+ },
+ {
+ "name": "http://support.apple.com/kb/HT4312",
+ "refsource": "CONFIRM",
+ "url": "http://support.apple.com/kb/HT4312"
+ },
+ {
+ "name": "SUSE-SR:2010:012",
+ "refsource": "SUSE",
+ "url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html"
+ },
+ {
+ "name": "42410",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/42410"
+ },
+ {
+ "name": "SUSE-SR:2010:017",
+ "refsource": "SUSE",
+ "url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
+ },
+ {
+ "name": "ADV-2010-0724",
+ "refsource": "VUPEN",
+ "url": "http://www.vupen.com/english/advisories/2010/0724"
+ },
+ {
+ "name": "MDVSA-2010:068",
+ "refsource": "MANDRIVA",
+ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:068"
+ },
+ {
+ "name": "ADV-2010-3081",
+ "refsource": "VUPEN",
+ "url": "http://www.vupen.com/english/advisories/2010/3081"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2010/0xxx/CVE-2010-0420.json b/2010/0xxx/CVE-2010-0420.json
index e583866c2cb..e6f06eed8ba 100644
--- a/2010/0xxx/CVE-2010-0420.json
+++ b/2010/0xxx/CVE-2010-0420.json
@@ -1,187 +1,187 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2010-0420",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "libpurple in Finch in Pidgin before 2.6.6, when an XMPP multi-user chat (MUC) room is used, does not properly parse nicknames containing
sequences, which allows remote attackers to cause a denial of service (application crash) via a crafted nickname."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "secalert@redhat.com",
+ "ID": "CVE-2010-0420",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "http://developer.pidgin.im/wiki/ChangeLog",
- "refsource" : "CONFIRM",
- "url" : "http://developer.pidgin.im/wiki/ChangeLog"
- },
- {
- "name" : "http://pidgin.im/news/security/?id=44",
- "refsource" : "CONFIRM",
- "url" : "http://pidgin.im/news/security/?id=44"
- },
- {
- "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=565786",
- "refsource" : "CONFIRM",
- "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=565786"
- },
- {
- "name" : "DSA-2038",
- "refsource" : "DEBIAN",
- "url" : "http://www.debian.org/security/2010/dsa-2038"
- },
- {
- "name" : "FEDORA-2010-1279",
- "refsource" : "FEDORA",
- "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035332.html"
- },
- {
- "name" : "FEDORA-2010-1383",
- "refsource" : "FEDORA",
- "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035409.html"
- },
- {
- "name" : "FEDORA-2010-1934",
- "refsource" : "FEDORA",
- "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035347.html"
- },
- {
- "name" : "MDVSA-2010:041",
- "refsource" : "MANDRIVA",
- "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:041"
- },
- {
- "name" : "MDVSA-2010:085",
- "refsource" : "MANDRIVA",
- "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:085"
- },
- {
- "name" : "RHSA-2010:0115",
- "refsource" : "REDHAT",
- "url" : "https://rhn.redhat.com/errata/RHSA-2010-0115.html"
- },
- {
- "name" : "SUSE-SR:2010:006",
- "refsource" : "SUSE",
- "url" : "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html"
- },
- {
- "name" : "USN-902-1",
- "refsource" : "UBUNTU",
- "url" : "http://www.ubuntu.com/usn/USN-902-1"
- },
- {
- "name" : "38294",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/38294"
- },
- {
- "name" : "62439",
- "refsource" : "OSVDB",
- "url" : "http://www.osvdb.org/62439"
- },
- {
- "name" : "oval:org.mitre.oval:def:11485",
- "refsource" : "OVAL",
- "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11485"
- },
- {
- "name" : "oval:org.mitre.oval:def:18230",
- "refsource" : "OVAL",
- "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18230"
- },
- {
- "name" : "38563",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/38563"
- },
- {
- "name" : "38640",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/38640"
- },
- {
- "name" : "38658",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/38658"
- },
- {
- "name" : "38712",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/38712"
- },
- {
- "name" : "38915",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/38915"
- },
- {
- "name" : "39509",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/39509"
- },
- {
- "name" : "ADV-2010-0413",
- "refsource" : "VUPEN",
- "url" : "http://www.vupen.com/english/advisories/2010/0413"
- },
- {
- "name" : "ADV-2010-1020",
- "refsource" : "VUPEN",
- "url" : "http://www.vupen.com/english/advisories/2010/1020"
- },
- {
- "name" : "ADV-2010-0914",
- "refsource" : "VUPEN",
- "url" : "http://www.vupen.com/english/advisories/2010/0914"
- },
- {
- "name" : "pidgin-xmpp-nickname-dos(56399)",
- "refsource" : "XF",
- "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/56399"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "libpurple in Finch in Pidgin before 2.6.6, when an XMPP multi-user chat (MUC) room is used, does not properly parse nicknames containing
sequences, which allows remote attackers to cause a denial of service (application crash) via a crafted nickname."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "FEDORA-2010-1279",
+ "refsource": "FEDORA",
+ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035332.html"
+ },
+ {
+ "name": "38294",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/38294"
+ },
+ {
+ "name": "https://bugzilla.redhat.com/show_bug.cgi?id=565786",
+ "refsource": "CONFIRM",
+ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=565786"
+ },
+ {
+ "name": "RHSA-2010:0115",
+ "refsource": "REDHAT",
+ "url": "https://rhn.redhat.com/errata/RHSA-2010-0115.html"
+ },
+ {
+ "name": "ADV-2010-0413",
+ "refsource": "VUPEN",
+ "url": "http://www.vupen.com/english/advisories/2010/0413"
+ },
+ {
+ "name": "38563",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/38563"
+ },
+ {
+ "name": "MDVSA-2010:085",
+ "refsource": "MANDRIVA",
+ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:085"
+ },
+ {
+ "name": "USN-902-1",
+ "refsource": "UBUNTU",
+ "url": "http://www.ubuntu.com/usn/USN-902-1"
+ },
+ {
+ "name": "38640",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/38640"
+ },
+ {
+ "name": "ADV-2010-0914",
+ "refsource": "VUPEN",
+ "url": "http://www.vupen.com/english/advisories/2010/0914"
+ },
+ {
+ "name": "38658",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/38658"
+ },
+ {
+ "name": "oval:org.mitre.oval:def:18230",
+ "refsource": "OVAL",
+ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18230"
+ },
+ {
+ "name": "FEDORA-2010-1934",
+ "refsource": "FEDORA",
+ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035347.html"
+ },
+ {
+ "name": "ADV-2010-1020",
+ "refsource": "VUPEN",
+ "url": "http://www.vupen.com/english/advisories/2010/1020"
+ },
+ {
+ "name": "SUSE-SR:2010:006",
+ "refsource": "SUSE",
+ "url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html"
+ },
+ {
+ "name": "FEDORA-2010-1383",
+ "refsource": "FEDORA",
+ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035409.html"
+ },
+ {
+ "name": "62439",
+ "refsource": "OSVDB",
+ "url": "http://www.osvdb.org/62439"
+ },
+ {
+ "name": "DSA-2038",
+ "refsource": "DEBIAN",
+ "url": "http://www.debian.org/security/2010/dsa-2038"
+ },
+ {
+ "name": "38712",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/38712"
+ },
+ {
+ "name": "pidgin-xmpp-nickname-dos(56399)",
+ "refsource": "XF",
+ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56399"
+ },
+ {
+ "name": "http://pidgin.im/news/security/?id=44",
+ "refsource": "CONFIRM",
+ "url": "http://pidgin.im/news/security/?id=44"
+ },
+ {
+ "name": "39509",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/39509"
+ },
+ {
+ "name": "oval:org.mitre.oval:def:11485",
+ "refsource": "OVAL",
+ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11485"
+ },
+ {
+ "name": "MDVSA-2010:041",
+ "refsource": "MANDRIVA",
+ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:041"
+ },
+ {
+ "name": "38915",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/38915"
+ },
+ {
+ "name": "http://developer.pidgin.im/wiki/ChangeLog",
+ "refsource": "CONFIRM",
+ "url": "http://developer.pidgin.im/wiki/ChangeLog"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2010/0xxx/CVE-2010-0679.json b/2010/0xxx/CVE-2010-0679.json
index ad59f73f5d5..10d2c6b5e7b 100644
--- a/2010/0xxx/CVE-2010-0679.json
+++ b/2010/0xxx/CVE-2010-0679.json
@@ -1,92 +1,92 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2010-0679",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Multiple stack-based buffer overflows in the HyleosChemView.HLChemView ActiveX control (HyleosChemView.ocx) in Hyleos ChemView 1.9.5.1 allow remote attackers to execute arbitrary code via a large number of white space characters in the filename argument to the (1) SaveasMolFile and (2) ReadMolFile methods."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2010-0679",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "http://packetstormsecurity.org/1002-advisories/chemviewx-overflow.txt",
- "refsource" : "MISC",
- "url" : "http://packetstormsecurity.org/1002-advisories/chemviewx-overflow.txt"
- },
- {
- "name" : "http://packetstormsecurity.org/1002-exploits/hyleoschemview-heap.rb.txt",
- "refsource" : "MISC",
- "url" : "http://packetstormsecurity.org/1002-exploits/hyleoschemview-heap.rb.txt"
- },
- {
- "name" : "11422",
- "refsource" : "EXPLOIT-DB",
- "url" : "http://www.exploit-db.com/exploits/11422"
- },
- {
- "name" : "http://www.security-assessment.com/files/advisories/2010-02-11_ChemviewX_Activex.pdf",
- "refsource" : "MISC",
- "url" : "http://www.security-assessment.com/files/advisories/2010-02-11_ChemviewX_Activex.pdf"
- },
- {
- "name" : "38225",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/38225"
- },
- {
- "name" : "62276",
- "refsource" : "OSVDB",
- "url" : "http://osvdb.org/62276"
- },
- {
- "name" : "38523",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/38523"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Multiple stack-based buffer overflows in the HyleosChemView.HLChemView ActiveX control (HyleosChemView.ocx) in Hyleos ChemView 1.9.5.1 allow remote attackers to execute arbitrary code via a large number of white space characters in the filename argument to the (1) SaveasMolFile and (2) ReadMolFile methods."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "http://packetstormsecurity.org/1002-exploits/hyleoschemview-heap.rb.txt",
+ "refsource": "MISC",
+ "url": "http://packetstormsecurity.org/1002-exploits/hyleoschemview-heap.rb.txt"
+ },
+ {
+ "name": "38523",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/38523"
+ },
+ {
+ "name": "http://www.security-assessment.com/files/advisories/2010-02-11_ChemviewX_Activex.pdf",
+ "refsource": "MISC",
+ "url": "http://www.security-assessment.com/files/advisories/2010-02-11_ChemviewX_Activex.pdf"
+ },
+ {
+ "name": "38225",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/38225"
+ },
+ {
+ "name": "62276",
+ "refsource": "OSVDB",
+ "url": "http://osvdb.org/62276"
+ },
+ {
+ "name": "http://packetstormsecurity.org/1002-advisories/chemviewx-overflow.txt",
+ "refsource": "MISC",
+ "url": "http://packetstormsecurity.org/1002-advisories/chemviewx-overflow.txt"
+ },
+ {
+ "name": "11422",
+ "refsource": "EXPLOIT-DB",
+ "url": "http://www.exploit-db.com/exploits/11422"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2010/0xxx/CVE-2010-0937.json b/2010/0xxx/CVE-2010-0937.json
index 98ed7a6aded..f4f0ed3b792 100644
--- a/2010/0xxx/CVE-2010-0937.json
+++ b/2010/0xxx/CVE-2010-0937.json
@@ -1,77 +1,77 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2010-0937",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Multiple unspecified vulnerabilities in Visualization Library before 2009.08.812 have unknown impact and attack vectors."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2010-0937",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "http://visualizationlibrary.com/documentation/pagchangelog.html",
- "refsource" : "CONFIRM",
- "url" : "http://visualizationlibrary.com/documentation/pagchangelog.html"
- },
- {
- "name" : "37644",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/37644"
- },
- {
- "name" : "ADV-2010-0050",
- "refsource" : "VUPEN",
- "url" : "http://www.vupen.com/english/advisories/2010/0050"
- },
- {
- "name" : "visualizationlibrary-multiple-unspecified(55478)",
- "refsource" : "XF",
- "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/55478"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Multiple unspecified vulnerabilities in Visualization Library before 2009.08.812 have unknown impact and attack vectors."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "37644",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/37644"
+ },
+ {
+ "name": "ADV-2010-0050",
+ "refsource": "VUPEN",
+ "url": "http://www.vupen.com/english/advisories/2010/0050"
+ },
+ {
+ "name": "visualizationlibrary-multiple-unspecified(55478)",
+ "refsource": "XF",
+ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55478"
+ },
+ {
+ "name": "http://visualizationlibrary.com/documentation/pagchangelog.html",
+ "refsource": "CONFIRM",
+ "url": "http://visualizationlibrary.com/documentation/pagchangelog.html"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2010/1xxx/CVE-2010-1476.json b/2010/1xxx/CVE-2010-1476.json
index 93f1876f59a..1620a1470a5 100644
--- a/2010/1xxx/CVE-2010-1476.json
+++ b/2010/1xxx/CVE-2010-1476.json
@@ -1,82 +1,82 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2010-1476",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Directory traversal vulnerability in the AlphaUserPoints (com_alphauserpoints) component 1.5.5 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the view parameter to index.php."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2010-1476",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "http://packetstormsecurity.org/1004-exploits/joomlaalphauserpoints-lfi.txt",
- "refsource" : "MISC",
- "url" : "http://packetstormsecurity.org/1004-exploits/joomlaalphauserpoints-lfi.txt"
- },
- {
- "name" : "12150",
- "refsource" : "EXPLOIT-DB",
- "url" : "http://www.exploit-db.com/exploits/12150"
- },
- {
- "name" : "http://www.alphaplug.com/",
- "refsource" : "CONFIRM",
- "url" : "http://www.alphaplug.com/"
- },
- {
- "name" : "39393",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/39393"
- },
- {
- "name" : "39250",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/39250"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Directory traversal vulnerability in the AlphaUserPoints (com_alphauserpoints) component 1.5.5 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the view parameter to index.php."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "12150",
+ "refsource": "EXPLOIT-DB",
+ "url": "http://www.exploit-db.com/exploits/12150"
+ },
+ {
+ "name": "http://www.alphaplug.com/",
+ "refsource": "CONFIRM",
+ "url": "http://www.alphaplug.com/"
+ },
+ {
+ "name": "39250",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/39250"
+ },
+ {
+ "name": "39393",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/39393"
+ },
+ {
+ "name": "http://packetstormsecurity.org/1004-exploits/joomlaalphauserpoints-lfi.txt",
+ "refsource": "MISC",
+ "url": "http://packetstormsecurity.org/1004-exploits/joomlaalphauserpoints-lfi.txt"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2010/3xxx/CVE-2010-3161.json b/2010/3xxx/CVE-2010-3161.json
index 1404eea1aee..8a829b8557b 100644
--- a/2010/3xxx/CVE-2010-3161.json
+++ b/2010/3xxx/CVE-2010-3161.json
@@ -1,72 +1,72 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2010-3161",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Untrusted search path vulnerability in TeraPad before 1.00 allows local users to gain privileges via a Trojan horse DLL in the current working directory."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "vultures@jpcert.or.jp",
+ "ID": "CVE-2010-3161",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "http://www5f.biglobe.ne.jp/~t-susumu/dl/tpad/History.txt",
- "refsource" : "CONFIRM",
- "url" : "http://www5f.biglobe.ne.jp/~t-susumu/dl/tpad/History.txt"
- },
- {
- "name" : "JVN#48097065",
- "refsource" : "JVN",
- "url" : "http://jvn.jp/en/jp/JVN48097065/index.html"
- },
- {
- "name" : "JVNDB-2010-000045",
- "refsource" : "JVNDB",
- "url" : "http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000045.html"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Untrusted search path vulnerability in TeraPad before 1.00 allows local users to gain privileges via a Trojan horse DLL in the current working directory."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "JVN#48097065",
+ "refsource": "JVN",
+ "url": "http://jvn.jp/en/jp/JVN48097065/index.html"
+ },
+ {
+ "name": "http://www5f.biglobe.ne.jp/~t-susumu/dl/tpad/History.txt",
+ "refsource": "CONFIRM",
+ "url": "http://www5f.biglobe.ne.jp/~t-susumu/dl/tpad/History.txt"
+ },
+ {
+ "name": "JVNDB-2010-000045",
+ "refsource": "JVNDB",
+ "url": "http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000045.html"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2010/3xxx/CVE-2010-3928.json b/2010/3xxx/CVE-2010-3928.json
index 9947ee5b206..eb2c17a0169 100644
--- a/2010/3xxx/CVE-2010-3928.json
+++ b/2010/3xxx/CVE-2010-3928.json
@@ -1,92 +1,92 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2010-3928",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Ruby Version Manager (RVM) before 1.2.1 writes file contents to a terminal without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via a crafted file, related to an \"escape sequence injection vulnerability.\" NOTE: some of these details are obtained from third party information."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "vultures@jpcert.or.jp",
+ "ID": "CVE-2010-3928",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "JVN#30414126",
- "refsource" : "JVN",
- "url" : "http://jvn.jp/en/jp/JVN30414126/index.html"
- },
- {
- "name" : "JVNDB-2011-000005",
- "refsource" : "JVNDB",
- "url" : "http://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000005.html"
- },
- {
- "name" : "45841",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/45841"
- },
- {
- "name" : "70521",
- "refsource" : "OSVDB",
- "url" : "http://osvdb.org/70521"
- },
- {
- "name" : "42952",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/42952"
- },
- {
- "name" : "ADV-2011-0174",
- "refsource" : "VUPEN",
- "url" : "http://www.vupen.com/english/advisories/2011/0174"
- },
- {
- "name" : "ruby-manager-escape-command-execution(64746)",
- "refsource" : "XF",
- "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/64746"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Ruby Version Manager (RVM) before 1.2.1 writes file contents to a terminal without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via a crafted file, related to an \"escape sequence injection vulnerability.\" NOTE: some of these details are obtained from third party information."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "JVNDB-2011-000005",
+ "refsource": "JVNDB",
+ "url": "http://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000005.html"
+ },
+ {
+ "name": "45841",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/45841"
+ },
+ {
+ "name": "42952",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/42952"
+ },
+ {
+ "name": "JVN#30414126",
+ "refsource": "JVN",
+ "url": "http://jvn.jp/en/jp/JVN30414126/index.html"
+ },
+ {
+ "name": "ruby-manager-escape-command-execution(64746)",
+ "refsource": "XF",
+ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64746"
+ },
+ {
+ "name": "70521",
+ "refsource": "OSVDB",
+ "url": "http://osvdb.org/70521"
+ },
+ {
+ "name": "ADV-2011-0174",
+ "refsource": "VUPEN",
+ "url": "http://www.vupen.com/english/advisories/2011/0174"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2010/4xxx/CVE-2010-4509.json b/2010/4xxx/CVE-2010-4509.json
index 3ead525462f..eb4b08184d1 100644
--- a/2010/4xxx/CVE-2010-4509.json
+++ b/2010/4xxx/CVE-2010-4509.json
@@ -1,72 +1,72 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2010-4509",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Multiple unspecified vulnerabilities in Movable Type 4.x before 4.35 and 5.x before 5.04 have unknown impact and attack vectors related to the (1) mt:AssetProperty and (2) mt:EntryFlag tags."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2010-4509",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "http://www.movabletype.org/documentation/appendices/release-notes/movable-type-504-435-release-notes.html",
- "refsource" : "CONFIRM",
- "url" : "http://www.movabletype.org/documentation/appendices/release-notes/movable-type-504-435-release-notes.html"
- },
- {
- "name" : "45383",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/45383"
- },
- {
- "name" : "movable-type-multiple-unspec(64130)",
- "refsource" : "XF",
- "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/64130"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Multiple unspecified vulnerabilities in Movable Type 4.x before 4.35 and 5.x before 5.04 have unknown impact and attack vectors related to the (1) mt:AssetProperty and (2) mt:EntryFlag tags."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "movable-type-multiple-unspec(64130)",
+ "refsource": "XF",
+ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64130"
+ },
+ {
+ "name": "http://www.movabletype.org/documentation/appendices/release-notes/movable-type-504-435-release-notes.html",
+ "refsource": "CONFIRM",
+ "url": "http://www.movabletype.org/documentation/appendices/release-notes/movable-type-504-435-release-notes.html"
+ },
+ {
+ "name": "45383",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/45383"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2010/4xxx/CVE-2010-4561.json b/2010/4xxx/CVE-2010-4561.json
index 389604ef7e9..dffe8440cdb 100644
--- a/2010/4xxx/CVE-2010-4561.json
+++ b/2010/4xxx/CVE-2010-4561.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2010-4561",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2010-4561",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2010/4xxx/CVE-2010-4852.json b/2010/4xxx/CVE-2010-4852.json
index b93bdf105be..cd3a6d77961 100644
--- a/2010/4xxx/CVE-2010-4852.json
+++ b/2010/4xxx/CVE-2010-4852.json
@@ -1,82 +1,82 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2010-4852",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Cross-site scripting (XSS) vulnerability in login.php in Eclime 1.1.2b allows remote attackers to inject arbitrary web script or HTML via the reason parameter in a fail action."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2010-4852",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "15644",
- "refsource" : "EXPLOIT-DB",
- "url" : "http://www.exploit-db.com/exploits/15644"
- },
- {
- "name" : "http://packetstormsecurity.org/files/view/96228/eclime112b-sql.txt",
- "refsource" : "MISC",
- "url" : "http://packetstormsecurity.org/files/view/96228/eclime112b-sql.txt"
- },
- {
- "name" : "http://www.htbridge.ch/advisory/xss_in_eclime.html",
- "refsource" : "MISC",
- "url" : "http://www.htbridge.ch/advisory/xss_in_eclime.html"
- },
- {
- "name" : "45124",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/45124"
- },
- {
- "name" : "8399",
- "refsource" : "SREASON",
- "url" : "http://securityreason.com/securityalert/8399"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Cross-site scripting (XSS) vulnerability in login.php in Eclime 1.1.2b allows remote attackers to inject arbitrary web script or HTML via the reason parameter in a fail action."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "8399",
+ "refsource": "SREASON",
+ "url": "http://securityreason.com/securityalert/8399"
+ },
+ {
+ "name": "45124",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/45124"
+ },
+ {
+ "name": "http://www.htbridge.ch/advisory/xss_in_eclime.html",
+ "refsource": "MISC",
+ "url": "http://www.htbridge.ch/advisory/xss_in_eclime.html"
+ },
+ {
+ "name": "15644",
+ "refsource": "EXPLOIT-DB",
+ "url": "http://www.exploit-db.com/exploits/15644"
+ },
+ {
+ "name": "http://packetstormsecurity.org/files/view/96228/eclime112b-sql.txt",
+ "refsource": "MISC",
+ "url": "http://packetstormsecurity.org/files/view/96228/eclime112b-sql.txt"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2014/0xxx/CVE-2014-0110.json b/2014/0xxx/CVE-2014-0110.json
index 5a65030e2f0..de1757cb417 100644
--- a/2014/0xxx/CVE-2014-0110.json
+++ b/2014/0xxx/CVE-2014-0110.json
@@ -1,82 +1,82 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2014-0110",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Apache CXF before 2.6.14 and 2.7.x before 2.7.11 allows remote attackers to cause a denial of service (/tmp disk consumption) via a large invalid SOAP message."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "secalert@redhat.com",
+ "ID": "CVE-2014-0110",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "http://cxf.apache.org/security-advisories.data/CVE-2014-0110.txt.asc?version=1&modificationDate=1398873378628&api=v2",
- "refsource" : "CONFIRM",
- "url" : "http://cxf.apache.org/security-advisories.data/CVE-2014-0110.txt.asc?version=1&modificationDate=1398873378628&api=v2"
- },
- {
- "name" : "RHSA-2014:1351",
- "refsource" : "REDHAT",
- "url" : "http://rhn.redhat.com/errata/RHSA-2014-1351.html"
- },
- {
- "name" : "RHSA-2015:0850",
- "refsource" : "REDHAT",
- "url" : "http://rhn.redhat.com/errata/RHSA-2015-0850.html"
- },
- {
- "name" : "RHSA-2015:0851",
- "refsource" : "REDHAT",
- "url" : "http://rhn.redhat.com/errata/RHSA-2015-0851.html"
- },
- {
- "name" : "1030202",
- "refsource" : "SECTRACK",
- "url" : "http://www.securitytracker.com/id/1030202"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Apache CXF before 2.6.14 and 2.7.x before 2.7.11 allows remote attackers to cause a denial of service (/tmp disk consumption) via a large invalid SOAP message."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "http://cxf.apache.org/security-advisories.data/CVE-2014-0110.txt.asc?version=1&modificationDate=1398873378628&api=v2",
+ "refsource": "CONFIRM",
+ "url": "http://cxf.apache.org/security-advisories.data/CVE-2014-0110.txt.asc?version=1&modificationDate=1398873378628&api=v2"
+ },
+ {
+ "name": "RHSA-2015:0850",
+ "refsource": "REDHAT",
+ "url": "http://rhn.redhat.com/errata/RHSA-2015-0850.html"
+ },
+ {
+ "name": "RHSA-2015:0851",
+ "refsource": "REDHAT",
+ "url": "http://rhn.redhat.com/errata/RHSA-2015-0851.html"
+ },
+ {
+ "name": "1030202",
+ "refsource": "SECTRACK",
+ "url": "http://www.securitytracker.com/id/1030202"
+ },
+ {
+ "name": "RHSA-2014:1351",
+ "refsource": "REDHAT",
+ "url": "http://rhn.redhat.com/errata/RHSA-2014-1351.html"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2014/0xxx/CVE-2014-0770.json b/2014/0xxx/CVE-2014-0770.json
index fb2e71995a0..cd0eb5a66c6 100644
--- a/2014/0xxx/CVE-2014-0770.json
+++ b/2014/0xxx/CVE-2014-0770.json
@@ -1,62 +1,62 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2014-0770",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long UserName parameter."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "ics-cert@hq.dhs.gov",
+ "ID": "CVE-2014-0770",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "http://ics-cert.us-cert.gov/advisories/ICSA-14-079-03",
- "refsource" : "MISC",
- "url" : "http://ics-cert.us-cert.gov/advisories/ICSA-14-079-03"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long UserName parameter."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "http://ics-cert.us-cert.gov/advisories/ICSA-14-079-03",
+ "refsource": "MISC",
+ "url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-079-03"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2014/10xxx/CVE-2014-10012.json b/2014/10xxx/CVE-2014-10012.json
index 71601e84c27..cae17b56dc5 100644
--- a/2014/10xxx/CVE-2014-10012.json
+++ b/2014/10xxx/CVE-2014-10012.json
@@ -1,67 +1,67 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2014-10012",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Cross-site scripting (XSS) vulnerability in the Another WordPress Classifieds Plugin plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the query string to the default URI."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2014-10012",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "http://packetstormsecurity.com/files/129035/Another-WordPress-Classifieds-Cross-Site-Scripting-SQL-Injection.html",
- "refsource" : "MISC",
- "url" : "http://packetstormsecurity.com/files/129035/Another-WordPress-Classifieds-Cross-Site-Scripting-SQL-Injection.html"
- },
- {
- "name" : "wp-anotherwpclassifieds-url-xss(98588)",
- "refsource" : "XF",
- "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/98588"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Cross-site scripting (XSS) vulnerability in the Another WordPress Classifieds Plugin plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the query string to the default URI."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "http://packetstormsecurity.com/files/129035/Another-WordPress-Classifieds-Cross-Site-Scripting-SQL-Injection.html",
+ "refsource": "MISC",
+ "url": "http://packetstormsecurity.com/files/129035/Another-WordPress-Classifieds-Cross-Site-Scripting-SQL-Injection.html"
+ },
+ {
+ "name": "wp-anotherwpclassifieds-url-xss(98588)",
+ "refsource": "XF",
+ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98588"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2014/3xxx/CVE-2014-3991.json b/2014/3xxx/CVE-2014-3991.json
index 642010020c4..7bc10498ee2 100644
--- a/2014/3xxx/CVE-2014-3991.json
+++ b/2014/3xxx/CVE-2014-3991.json
@@ -1,62 +1,62 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2014-3991",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr ERP/CRM 3.5.3 allow remote attackers to inject arbitrary web script or HTML via the (1) dol_use_jmobile, (2) dol_optimize_smallscreen, (3) dol_no_mouse_hover, (4) dol_hide_topmenu, (5) dol_hide_leftmenu, (6) mainmenu, or (7) leftmenu parameter to index.php; the (8) dol_use_jmobile, (9) dol_optimize_smallscreen, (10) dol_no_mouse_hover, (11) dol_hide_topmenu, or (12) dol_hide_leftmenu parameter to user/index.php; the (13) dol_use_jmobile, (14) dol_optimize_smallscreen, (15) dol_no_mouse_hover, (16) dol_hide_topmenu, or (17) dol_hide_leftmenu parameter to user/logout.php; the (18) email, (19) firstname, (20) job, (21) lastname, or (22) login parameter in an update action in a \"User Card\" to user/fiche.php; or the (23) modulepart or (24) file parameter to viewimage.php."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2014-3991",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "http://packetstormsecurity.com/files/127389/Dolibarr-CMS-3.5.3-SQL-Injection-Cross-Site-Scripting.html",
- "refsource" : "MISC",
- "url" : "http://packetstormsecurity.com/files/127389/Dolibarr-CMS-3.5.3-SQL-Injection-Cross-Site-Scripting.html"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr ERP/CRM 3.5.3 allow remote attackers to inject arbitrary web script or HTML via the (1) dol_use_jmobile, (2) dol_optimize_smallscreen, (3) dol_no_mouse_hover, (4) dol_hide_topmenu, (5) dol_hide_leftmenu, (6) mainmenu, or (7) leftmenu parameter to index.php; the (8) dol_use_jmobile, (9) dol_optimize_smallscreen, (10) dol_no_mouse_hover, (11) dol_hide_topmenu, or (12) dol_hide_leftmenu parameter to user/index.php; the (13) dol_use_jmobile, (14) dol_optimize_smallscreen, (15) dol_no_mouse_hover, (16) dol_hide_topmenu, or (17) dol_hide_leftmenu parameter to user/logout.php; the (18) email, (19) firstname, (20) job, (21) lastname, or (22) login parameter in an update action in a \"User Card\" to user/fiche.php; or the (23) modulepart or (24) file parameter to viewimage.php."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "http://packetstormsecurity.com/files/127389/Dolibarr-CMS-3.5.3-SQL-Injection-Cross-Site-Scripting.html",
+ "refsource": "MISC",
+ "url": "http://packetstormsecurity.com/files/127389/Dolibarr-CMS-3.5.3-SQL-Injection-Cross-Site-Scripting.html"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2014/4xxx/CVE-2014-4399.json b/2014/4xxx/CVE-2014-4399.json
index f5084e8e131..c53620814ac 100644
--- a/2014/4xxx/CVE-2014-4399.json
+++ b/2014/4xxx/CVE-2014-4399.json
@@ -1,82 +1,82 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2014-4399",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, a different vulnerability than CVE-2014-4394, CVE-2014-4395, CVE-2014-4396, CVE-2014-4397, CVE-2014-4398, CVE-2014-4400, CVE-2014-4401, and CVE-2014-4416."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "product-security@apple.com",
+ "ID": "CVE-2014-4399",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "https://code.google.com/p/google-security-research/issues/detail?id=30",
- "refsource" : "MISC",
- "url" : "https://code.google.com/p/google-security-research/issues/detail?id=30"
- },
- {
- "name" : "http://support.apple.com/kb/HT6443",
- "refsource" : "CONFIRM",
- "url" : "http://support.apple.com/kb/HT6443"
- },
- {
- "name" : "69895",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/69895"
- },
- {
- "name" : "1030868",
- "refsource" : "SECTRACK",
- "url" : "http://www.securitytracker.com/id/1030868"
- },
- {
- "name" : "macosx-cve20144399-code-exec(96059)",
- "refsource" : "XF",
- "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/96059"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "An unspecified integrated graphics driver routine in the Intel Graphics Driver subsystem in Apple OS X before 10.9.5 does not properly validate calls, which allows attackers to execute arbitrary code in a privileged context via a crafted application, a different vulnerability than CVE-2014-4394, CVE-2014-4395, CVE-2014-4396, CVE-2014-4397, CVE-2014-4398, CVE-2014-4400, CVE-2014-4401, and CVE-2014-4416."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "69895",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/69895"
+ },
+ {
+ "name": "https://code.google.com/p/google-security-research/issues/detail?id=30",
+ "refsource": "MISC",
+ "url": "https://code.google.com/p/google-security-research/issues/detail?id=30"
+ },
+ {
+ "name": "1030868",
+ "refsource": "SECTRACK",
+ "url": "http://www.securitytracker.com/id/1030868"
+ },
+ {
+ "name": "http://support.apple.com/kb/HT6443",
+ "refsource": "CONFIRM",
+ "url": "http://support.apple.com/kb/HT6443"
+ },
+ {
+ "name": "macosx-cve20144399-code-exec(96059)",
+ "refsource": "XF",
+ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96059"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2014/4xxx/CVE-2014-4466.json b/2014/4xxx/CVE-2014-4466.json
index 8ee6bb7bf12..22d1a8d4446 100644
--- a/2014/4xxx/CVE-2014-4466.json
+++ b/2014/4xxx/CVE-2014-4466.json
@@ -1,102 +1,102 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2014-4466",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "product-security@apple.com",
+ "ID": "CVE-2014-4466",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "http://support.apple.com/kb/HT6596",
- "refsource" : "CONFIRM",
- "url" : "http://support.apple.com/kb/HT6596"
- },
- {
- "name" : "http://support.apple.com/HT204245",
- "refsource" : "CONFIRM",
- "url" : "http://support.apple.com/HT204245"
- },
- {
- "name" : "http://support.apple.com/HT204246",
- "refsource" : "CONFIRM",
- "url" : "http://support.apple.com/HT204246"
- },
- {
- "name" : "https://support.apple.com/kb/HT204949",
- "refsource" : "CONFIRM",
- "url" : "https://support.apple.com/kb/HT204949"
- },
- {
- "name" : "APPLE-SA-2014-12-2-1",
- "refsource" : "APPLE",
- "url" : "http://lists.apple.com/archives/security-announce/2014/Dec/msg00000.html"
- },
- {
- "name" : "APPLE-SA-2015-01-27-1",
- "refsource" : "APPLE",
- "url" : "http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html"
- },
- {
- "name" : "APPLE-SA-2015-01-27-2",
- "refsource" : "APPLE",
- "url" : "http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html"
- },
- {
- "name" : "APPLE-SA-2015-06-30-6",
- "refsource" : "APPLE",
- "url" : "http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html"
- },
- {
- "name" : "71445",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/71445"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "WebKit, as used in Apple Safari before 6.2.1, 7.x before 7.1.1, and 8.x before 8.0.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-12-2-1."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "http://support.apple.com/HT204245",
+ "refsource": "CONFIRM",
+ "url": "http://support.apple.com/HT204245"
+ },
+ {
+ "name": "http://support.apple.com/HT204246",
+ "refsource": "CONFIRM",
+ "url": "http://support.apple.com/HT204246"
+ },
+ {
+ "name": "APPLE-SA-2015-06-30-6",
+ "refsource": "APPLE",
+ "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00006.html"
+ },
+ {
+ "name": "APPLE-SA-2015-01-27-2",
+ "refsource": "APPLE",
+ "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html"
+ },
+ {
+ "name": "https://support.apple.com/kb/HT204949",
+ "refsource": "CONFIRM",
+ "url": "https://support.apple.com/kb/HT204949"
+ },
+ {
+ "name": "71445",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/71445"
+ },
+ {
+ "name": "APPLE-SA-2015-01-27-1",
+ "refsource": "APPLE",
+ "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html"
+ },
+ {
+ "name": "http://support.apple.com/kb/HT6596",
+ "refsource": "CONFIRM",
+ "url": "http://support.apple.com/kb/HT6596"
+ },
+ {
+ "name": "APPLE-SA-2014-12-2-1",
+ "refsource": "APPLE",
+ "url": "http://lists.apple.com/archives/security-announce/2014/Dec/msg00000.html"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2014/4xxx/CVE-2014-4491.json b/2014/4xxx/CVE-2014-4491.json
index 2b13d5b3161..1dace28e6c7 100644
--- a/2014/4xxx/CVE-2014-4491.json
+++ b/2014/4xxx/CVE-2014-4491.json
@@ -1,92 +1,92 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2014-4491",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "The extension APIs in the kernel in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 do not prevent the presence of addresses within an OSBundleMachOHeaders key in a response, which makes it easier for attackers to bypass the ASLR protection mechanism via a crafted app."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "product-security@apple.com",
+ "ID": "CVE-2014-4491",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "http://support.apple.com/HT204244",
- "refsource" : "CONFIRM",
- "url" : "http://support.apple.com/HT204244"
- },
- {
- "name" : "http://support.apple.com/HT204245",
- "refsource" : "CONFIRM",
- "url" : "http://support.apple.com/HT204245"
- },
- {
- "name" : "http://support.apple.com/HT204246",
- "refsource" : "CONFIRM",
- "url" : "http://support.apple.com/HT204246"
- },
- {
- "name" : "APPLE-SA-2015-01-27-1",
- "refsource" : "APPLE",
- "url" : "http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html"
- },
- {
- "name" : "APPLE-SA-2015-01-27-2",
- "refsource" : "APPLE",
- "url" : "http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html"
- },
- {
- "name" : "APPLE-SA-2015-01-27-4",
- "refsource" : "APPLE",
- "url" : "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html"
- },
- {
- "name" : "1031650",
- "refsource" : "SECTRACK",
- "url" : "http://www.securitytracker.com/id/1031650"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "The extension APIs in the kernel in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 do not prevent the presence of addresses within an OSBundleMachOHeaders key in a response, which makes it easier for attackers to bypass the ASLR protection mechanism via a crafted app."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "http://support.apple.com/HT204245",
+ "refsource": "CONFIRM",
+ "url": "http://support.apple.com/HT204245"
+ },
+ {
+ "name": "http://support.apple.com/HT204246",
+ "refsource": "CONFIRM",
+ "url": "http://support.apple.com/HT204246"
+ },
+ {
+ "name": "1031650",
+ "refsource": "SECTRACK",
+ "url": "http://www.securitytracker.com/id/1031650"
+ },
+ {
+ "name": "APPLE-SA-2015-01-27-2",
+ "refsource": "APPLE",
+ "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00001.html"
+ },
+ {
+ "name": "http://support.apple.com/HT204244",
+ "refsource": "CONFIRM",
+ "url": "http://support.apple.com/HT204244"
+ },
+ {
+ "name": "APPLE-SA-2015-01-27-1",
+ "refsource": "APPLE",
+ "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00000.html"
+ },
+ {
+ "name": "APPLE-SA-2015-01-27-4",
+ "refsource": "APPLE",
+ "url": "http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2014/4xxx/CVE-2014-4769.json b/2014/4xxx/CVE-2014-4769.json
index 463d359f029..82734204eb8 100644
--- a/2014/4xxx/CVE-2014-4769.json
+++ b/2014/4xxx/CVE-2014-4769.json
@@ -1,82 +1,82 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2014-4769",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x through 7.0.0.8 allows remote authenticated users to read arbitrary files or send TCP requests to intranet servers via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "psirt@us.ibm.com",
+ "ID": "CVE-2014-4769",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21685464",
- "refsource" : "CONFIRM",
- "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21685464"
- },
- {
- "name" : "JR49897",
- "refsource" : "AIXAPAR",
- "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1JR49897"
- },
- {
- "name" : "JR50553",
- "refsource" : "AIXAPAR",
- "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1JR50553"
- },
- {
- "name" : "70872",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/70872"
- },
- {
- "name" : "ibm-websphere-cve20144769-info-disc(94836)",
- "refsource" : "XF",
- "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/94836"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x through 7.0.0.8 allows remote authenticated users to read arbitrary files or send TCP requests to intranet servers via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "JR50553",
+ "refsource": "AIXAPAR",
+ "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1JR50553"
+ },
+ {
+ "name": "JR49897",
+ "refsource": "AIXAPAR",
+ "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1JR49897"
+ },
+ {
+ "name": "ibm-websphere-cve20144769-info-disc(94836)",
+ "refsource": "XF",
+ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94836"
+ },
+ {
+ "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21685464",
+ "refsource": "CONFIRM",
+ "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21685464"
+ },
+ {
+ "name": "70872",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/70872"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2014/4xxx/CVE-2014-4806.json b/2014/4xxx/CVE-2014-4806.json
index 349c01859ae..0237ae6d3b8 100644
--- a/2014/4xxx/CVE-2014-4806.json
+++ b/2014/4xxx/CVE-2014-4806.json
@@ -1,72 +1,72 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2014-4806",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "The installation process in IBM Security AppScan Enterprise 8.x before 8.6.0.2 iFix 003, 8.7.x before 8.7.0.1 iFix 003, 8.8.x before 8.8.0.1 iFix 002, and 9.0.x before 9.0.0.1 iFix 001 on Linux places a cleartext password in a temporary file, which allows local users to obtain sensitive information by reading this file."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "psirt@us.ibm.com",
+ "ID": "CVE-2014-4806",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21682642",
- "refsource" : "CONFIRM",
- "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21682642"
- },
- {
- "name" : "69435",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/69435"
- },
- {
- "name" : "ibm-appscan-cve20144806-cleartext(95354)",
- "refsource" : "XF",
- "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95354"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "The installation process in IBM Security AppScan Enterprise 8.x before 8.6.0.2 iFix 003, 8.7.x before 8.7.0.1 iFix 003, 8.8.x before 8.8.0.1 iFix 002, and 9.0.x before 9.0.0.1 iFix 001 on Linux places a cleartext password in a temporary file, which allows local users to obtain sensitive information by reading this file."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "69435",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/69435"
+ },
+ {
+ "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21682642",
+ "refsource": "CONFIRM",
+ "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21682642"
+ },
+ {
+ "name": "ibm-appscan-cve20144806-cleartext(95354)",
+ "refsource": "XF",
+ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95354"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2014/4xxx/CVE-2014-4849.json b/2014/4xxx/CVE-2014-4849.json
index 0b1d213cd21..f326a358800 100644
--- a/2014/4xxx/CVE-2014-4849.json
+++ b/2014/4xxx/CVE-2014-4849.json
@@ -1,62 +1,62 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2014-4849",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Multiple cross-site scripting (XSS) vulnerabilities in msg.php in FoeCMS allow remote attackers to inject arbitrary web script or HTML via the (1) e or (2) r parameter."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2014-4849",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "http://packetstormsecurity.com/files/127358/FoeCMS-XSS-SQL-Injection-Open-Redirect.html",
- "refsource" : "MISC",
- "url" : "http://packetstormsecurity.com/files/127358/FoeCMS-XSS-SQL-Injection-Open-Redirect.html"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Multiple cross-site scripting (XSS) vulnerabilities in msg.php in FoeCMS allow remote attackers to inject arbitrary web script or HTML via the (1) e or (2) r parameter."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "http://packetstormsecurity.com/files/127358/FoeCMS-XSS-SQL-Injection-Open-Redirect.html",
+ "refsource": "MISC",
+ "url": "http://packetstormsecurity.com/files/127358/FoeCMS-XSS-SQL-Injection-Open-Redirect.html"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2014/8xxx/CVE-2014-8319.json b/2014/8xxx/CVE-2014-8319.json
index ac718f82dcf..4bca57767c6 100644
--- a/2014/8xxx/CVE-2014-8319.json
+++ b/2014/8xxx/CVE-2014-8319.json
@@ -1,87 +1,87 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2014-8319",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Cross-site scripting (XSS) vulnerability in the easy_social_admin_summary function in the Easy Social module 7.x-2.x before 7.x-2.11 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via a block title."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2014-8319",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "https://drupal.org/node/2194809",
- "refsource" : "MISC",
- "url" : "https://drupal.org/node/2194809"
- },
- {
- "name" : "https://www.drupal.org/node/2194401",
- "refsource" : "CONFIRM",
- "url" : "https://www.drupal.org/node/2194401"
- },
- {
- "name" : "65527",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/65527"
- },
- {
- "name" : "103264",
- "refsource" : "OSVDB",
- "url" : "http://osvdb.org/103264"
- },
- {
- "name" : "56857",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/56857"
- },
- {
- "name" : "easy-social-drupal-xss(91157)",
- "refsource" : "XF",
- "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/91157"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Cross-site scripting (XSS) vulnerability in the easy_social_admin_summary function in the Easy Social module 7.x-2.x before 7.x-2.11 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via a block title."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "56857",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/56857"
+ },
+ {
+ "name": "https://drupal.org/node/2194809",
+ "refsource": "MISC",
+ "url": "https://drupal.org/node/2194809"
+ },
+ {
+ "name": "https://www.drupal.org/node/2194401",
+ "refsource": "CONFIRM",
+ "url": "https://www.drupal.org/node/2194401"
+ },
+ {
+ "name": "easy-social-drupal-xss(91157)",
+ "refsource": "XF",
+ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91157"
+ },
+ {
+ "name": "103264",
+ "refsource": "OSVDB",
+ "url": "http://osvdb.org/103264"
+ },
+ {
+ "name": "65527",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/65527"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2014/8xxx/CVE-2014-8347.json b/2014/8xxx/CVE-2014-8347.json
index d3a5d6f1dbc..e1faaa216c8 100644
--- a/2014/8xxx/CVE-2014-8347.json
+++ b/2014/8xxx/CVE-2014-8347.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2014-8347",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2014-8347",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2014/8xxx/CVE-2014-8535.json b/2014/8xxx/CVE-2014-8535.json
index 411a8b6ee2a..2bd4398897f 100644
--- a/2014/8xxx/CVE-2014-8535.json
+++ b/2014/8xxx/CVE-2014-8535.json
@@ -1,62 +1,62 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2014-8535",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to bypass intended restriction on unspecified functionality via unknown vectors."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2014-8535",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10044",
- "refsource" : "CONFIRM",
- "url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10044"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to bypass intended restriction on unspecified functionality via unknown vectors."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10044",
+ "refsource": "CONFIRM",
+ "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10044"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2014/8xxx/CVE-2014-8906.json b/2014/8xxx/CVE-2014-8906.json
index f49217fba5a..21a047c6094 100644
--- a/2014/8xxx/CVE-2014-8906.json
+++ b/2014/8xxx/CVE-2014-8906.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2014-8906",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2014-8906",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2014/9xxx/CVE-2014-9291.json b/2014/9xxx/CVE-2014-9291.json
index 206de53ccdc..8d53236fa79 100644
--- a/2014/9xxx/CVE-2014-9291.json
+++ b/2014/9xxx/CVE-2014-9291.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2014-9291",
- "STATE" : "REJECT"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
- }
- ]
- }
-}
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2014-9291",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "REJECT"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2014/9xxx/CVE-2014-9526.json b/2014/9xxx/CVE-2014-9526.json
index 057a5539458..f167934be5c 100644
--- a/2014/9xxx/CVE-2014-9526.json
+++ b/2014/9xxx/CVE-2014-9526.json
@@ -1,82 +1,82 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2014-9526",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Multiple cross-site scripting (XSS) vulnerabilities in concrete5 5.7.2.1, 5.7.2, and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) gName parameter in single_pages/dashboard/users/groups/bulkupdate.php or (2) instance_id parameter in tools/dashboard/sitemap_drag_request.php."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2014-9526",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "20141209 Concrete5 CMS Reflected Cross-Site Scripting Vulnerabilities",
- "refsource" : "BUGTRAQ",
- "url" : "http://www.securityfocus.com/archive/1/534189/100/0/threaded"
- },
- {
- "name" : "20141209 Concrete5 CMS Reflected Cross-Site Scripting Vulnerabilities",
- "refsource" : "FULLDISC",
- "url" : "http://seclists.org/fulldisclosure/2014/Dec/38"
- },
- {
- "name" : "http://morxploit.com/morxploits/morxconxss.txt",
- "refsource" : "MISC",
- "url" : "http://morxploit.com/morxploits/morxconxss.txt"
- },
- {
- "name" : "http://packetstormsecurity.com/files/129446/Concrete5-CMS-5.7.2-5.7.2.1-Cross-Site-Scripting.html",
- "refsource" : "MISC",
- "url" : "http://packetstormsecurity.com/files/129446/Concrete5-CMS-5.7.2-5.7.2.1-Cross-Site-Scripting.html"
- },
- {
- "name" : "concrete5-multiple-xss(99264)",
- "refsource" : "XF",
- "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/99264"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Multiple cross-site scripting (XSS) vulnerabilities in concrete5 5.7.2.1, 5.7.2, and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) gName parameter in single_pages/dashboard/users/groups/bulkupdate.php or (2) instance_id parameter in tools/dashboard/sitemap_drag_request.php."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "concrete5-multiple-xss(99264)",
+ "refsource": "XF",
+ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99264"
+ },
+ {
+ "name": "20141209 Concrete5 CMS Reflected Cross-Site Scripting Vulnerabilities",
+ "refsource": "BUGTRAQ",
+ "url": "http://www.securityfocus.com/archive/1/534189/100/0/threaded"
+ },
+ {
+ "name": "http://morxploit.com/morxploits/morxconxss.txt",
+ "refsource": "MISC",
+ "url": "http://morxploit.com/morxploits/morxconxss.txt"
+ },
+ {
+ "name": "http://packetstormsecurity.com/files/129446/Concrete5-CMS-5.7.2-5.7.2.1-Cross-Site-Scripting.html",
+ "refsource": "MISC",
+ "url": "http://packetstormsecurity.com/files/129446/Concrete5-CMS-5.7.2-5.7.2.1-Cross-Site-Scripting.html"
+ },
+ {
+ "name": "20141209 Concrete5 CMS Reflected Cross-Site Scripting Vulnerabilities",
+ "refsource": "FULLDISC",
+ "url": "http://seclists.org/fulldisclosure/2014/Dec/38"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2014/9xxx/CVE-2014-9999.json b/2014/9xxx/CVE-2014-9999.json
index 918d1018047..24d83573b68 100644
--- a/2014/9xxx/CVE-2014-9999.json
+++ b/2014/9xxx/CVE-2014-9999.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2014-9999",
- "STATE" : "REJECT"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: This ID is frequently used as an example of the 2014 CVE-ID syntax change, which allows more than 4 digits in the sequence number. Notes: See references."
- }
- ]
- }
-}
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2014-9999",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "REJECT"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: This ID is frequently used as an example of the 2014 CVE-ID syntax change, which allows more than 4 digits in the sequence number. Notes: See references."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2016/2xxx/CVE-2016-2950.json b/2016/2xxx/CVE-2016-2950.json
index c5a4cb854ba..11d68082e75 100644
--- a/2016/2xxx/CVE-2016-2950.json
+++ b/2016/2xxx/CVE-2016-2950.json
@@ -1,72 +1,72 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2016-2950",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "SQL injection vulnerability in IBM BigFix Remote Control before 9.1.3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "psirt@us.ibm.com",
+ "ID": "CVE-2016-2950",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21991886",
- "refsource" : "CONFIRM",
- "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21991886"
- },
- {
- "name" : "IV89784",
- "refsource" : "AIXAPAR",
- "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IV89784"
- },
- {
- "name" : "94607",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/94607"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "SQL injection vulnerability in IBM BigFix Remote Control before 9.1.3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21991886",
+ "refsource": "CONFIRM",
+ "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21991886"
+ },
+ {
+ "name": "IV89784",
+ "refsource": "AIXAPAR",
+ "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV89784"
+ },
+ {
+ "name": "94607",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/94607"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2016/3xxx/CVE-2016-3067.json b/2016/3xxx/CVE-2016-3067.json
index 07ae42121ea..e7be98e8d96 100644
--- a/2016/3xxx/CVE-2016-3067.json
+++ b/2016/3xxx/CVE-2016-3067.json
@@ -1,82 +1,82 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2016-3067",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Cygwin before 2.5.0 does not properly handle updating permissions when changing users, which allows attackers to gain privileges."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "secalert@redhat.com",
+ "ID": "CVE-2016-3067",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "[cygwin-announce] 20160218 TEST RELEASE: Cygwin 2.5.0-0.4",
- "refsource" : "MLIST",
- "url" : "https://cygwin.com/ml/cygwin-announce/2016-02/msg00023.html"
- },
- {
- "name" : "[cygwin-announce] 20160411 Cygwin 2.5.0-1",
- "refsource" : "MLIST",
- "url" : "https://cygwin.com/ml/cygwin-announce/2016-04/msg00020.html"
- },
- {
- "name" : "[cygwin-announce] 20160419 CVE-2016-3067: network privilege escalation in Cygwin set(e)ui",
- "refsource" : "MLIST",
- "url" : "https://cygwin.com/ml/cygwin-announce/2016-04/msg00054.html"
- },
- {
- "name" : "[cygwin] 20160208 Possible Security Hole in SSHD w/ CYGWIN?",
- "refsource" : "MLIST",
- "url" : "https://cygwin.com/ml/cygwin/2016-02/msg00129.html"
- },
- {
- "name" : "https://sourceware.org/git/?p=newlib-cygwin.git;a=commit;h=205862ed08649df8f50b926a2c58c963f571b044",
- "refsource" : "CONFIRM",
- "url" : "https://sourceware.org/git/?p=newlib-cygwin.git;a=commit;h=205862ed08649df8f50b926a2c58c963f571b044"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Cygwin before 2.5.0 does not properly handle updating permissions when changing users, which allows attackers to gain privileges."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "[cygwin-announce] 20160411 Cygwin 2.5.0-1",
+ "refsource": "MLIST",
+ "url": "https://cygwin.com/ml/cygwin-announce/2016-04/msg00020.html"
+ },
+ {
+ "name": "[cygwin-announce] 20160419 CVE-2016-3067: network privilege escalation in Cygwin set(e)ui",
+ "refsource": "MLIST",
+ "url": "https://cygwin.com/ml/cygwin-announce/2016-04/msg00054.html"
+ },
+ {
+ "name": "[cygwin] 20160208 Possible Security Hole in SSHD w/ CYGWIN?",
+ "refsource": "MLIST",
+ "url": "https://cygwin.com/ml/cygwin/2016-02/msg00129.html"
+ },
+ {
+ "name": "[cygwin-announce] 20160218 TEST RELEASE: Cygwin 2.5.0-0.4",
+ "refsource": "MLIST",
+ "url": "https://cygwin.com/ml/cygwin-announce/2016-02/msg00023.html"
+ },
+ {
+ "name": "https://sourceware.org/git/?p=newlib-cygwin.git;a=commit;h=205862ed08649df8f50b926a2c58c963f571b044",
+ "refsource": "CONFIRM",
+ "url": "https://sourceware.org/git/?p=newlib-cygwin.git;a=commit;h=205862ed08649df8f50b926a2c58c963f571b044"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2016/3xxx/CVE-2016-3095.json b/2016/3xxx/CVE-2016-3095.json
index 31685e36d07..02ba51764f8 100644
--- a/2016/3xxx/CVE-2016-3095.json
+++ b/2016/3xxx/CVE-2016-3095.json
@@ -1,82 +1,82 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2016-3095",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "server/bin/pulp-gen-ca-certificate in Pulp before 2.8.2 allows local users to read the generated private key."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "secalert@redhat.com",
+ "ID": "CVE-2016-3095",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "[oss-security] 20160406 Pulp 2.8.2 release for CVE-2016-3095",
- "refsource" : "MLIST",
- "url" : "http://www.openwall.com/lists/oss-security/2016/04/06/3"
- },
- {
- "name" : "[oss-security] 20160418 CVE-2013-7450: Pulp < 2.3.0 distributed the same CA key to all users",
- "refsource" : "MLIST",
- "url" : "http://www.openwall.com/lists/oss-security/2016/04/18/11"
- },
- {
- "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1322706",
- "refsource" : "CONFIRM",
- "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1322706"
- },
- {
- "name" : "https://github.com/pulp/pulp/pull/2503/commits/9f969b94c4b4f310865455d36db207de6cffebca",
- "refsource" : "CONFIRM",
- "url" : "https://github.com/pulp/pulp/pull/2503/commits/9f969b94c4b4f310865455d36db207de6cffebca"
- },
- {
- "name" : "FEDORA-2016-f75bd73891",
- "refsource" : "FEDORA",
- "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182006.html"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "server/bin/pulp-gen-ca-certificate in Pulp before 2.8.2 allows local users to read the generated private key."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "https://github.com/pulp/pulp/pull/2503/commits/9f969b94c4b4f310865455d36db207de6cffebca",
+ "refsource": "CONFIRM",
+ "url": "https://github.com/pulp/pulp/pull/2503/commits/9f969b94c4b4f310865455d36db207de6cffebca"
+ },
+ {
+ "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1322706",
+ "refsource": "CONFIRM",
+ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1322706"
+ },
+ {
+ "name": "[oss-security] 20160406 Pulp 2.8.2 release for CVE-2016-3095",
+ "refsource": "MLIST",
+ "url": "http://www.openwall.com/lists/oss-security/2016/04/06/3"
+ },
+ {
+ "name": "FEDORA-2016-f75bd73891",
+ "refsource": "FEDORA",
+ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182006.html"
+ },
+ {
+ "name": "[oss-security] 20160418 CVE-2013-7450: Pulp < 2.3.0 distributed the same CA key to all users",
+ "refsource": "MLIST",
+ "url": "http://www.openwall.com/lists/oss-security/2016/04/18/11"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2016/3xxx/CVE-2016-3441.json b/2016/3xxx/CVE-2016-3441.json
index e356b3c5e24..3fb90a00810 100644
--- a/2016/3xxx/CVE-2016-3441.json
+++ b/2016/3xxx/CVE-2016-3441.json
@@ -1,67 +1,67 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2016-3441",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect confidentiality, integrity, and availability via vectors related to Filesystem."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "secalert_us@oracle.com",
+ "ID": "CVE-2016-3441",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html",
- "refsource" : "CONFIRM",
- "url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
- },
- {
- "name" : "1035629",
- "refsource" : "SECTRACK",
- "url" : "http://www.securitytracker.com/id/1035629"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect confidentiality, integrity, and availability via vectors related to Filesystem."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "1035629",
+ "refsource": "SECTRACK",
+ "url": "http://www.securitytracker.com/id/1035629"
+ },
+ {
+ "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html",
+ "refsource": "CONFIRM",
+ "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2016/3xxx/CVE-2016-3664.json b/2016/3xxx/CVE-2016-3664.json
index f8e57bf8cde..a6ed49f4b58 100644
--- a/2016/3xxx/CVE-2016-3664.json
+++ b/2016/3xxx/CVE-2016-3664.json
@@ -1,72 +1,72 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2016-3664",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Trend Micro Mobile Security for iOS before 3.2.1188 does not verify the X.509 certificate of the mobile application login server, which allows man-in-the-middle attackers to spoof this server and obtain sensitive information via a crafted certificate."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2016-3664",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "http://packetstormsecurity.com/files/137020/Trend-Micro-Mobile-Security-Man-In-The-Middle.html",
- "refsource" : "MISC",
- "url" : "http://packetstormsecurity.com/files/137020/Trend-Micro-Mobile-Security-Man-In-The-Middle.html"
- },
- {
- "name" : "http://www.info-sec.ca/advisories/Trend-Micro-Mobile-Security.html",
- "refsource" : "MISC",
- "url" : "http://www.info-sec.ca/advisories/Trend-Micro-Mobile-Security.html"
- },
- {
- "name" : "https://esupport.trendmicro.com/en-us/home/pages/technical-support/1114151.aspx",
- "refsource" : "CONFIRM",
- "url" : "https://esupport.trendmicro.com/en-us/home/pages/technical-support/1114151.aspx"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Trend Micro Mobile Security for iOS before 3.2.1188 does not verify the X.509 certificate of the mobile application login server, which allows man-in-the-middle attackers to spoof this server and obtain sensitive information via a crafted certificate."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "http://packetstormsecurity.com/files/137020/Trend-Micro-Mobile-Security-Man-In-The-Middle.html",
+ "refsource": "MISC",
+ "url": "http://packetstormsecurity.com/files/137020/Trend-Micro-Mobile-Security-Man-In-The-Middle.html"
+ },
+ {
+ "name": "http://www.info-sec.ca/advisories/Trend-Micro-Mobile-Security.html",
+ "refsource": "MISC",
+ "url": "http://www.info-sec.ca/advisories/Trend-Micro-Mobile-Security.html"
+ },
+ {
+ "name": "https://esupport.trendmicro.com/en-us/home/pages/technical-support/1114151.aspx",
+ "refsource": "CONFIRM",
+ "url": "https://esupport.trendmicro.com/en-us/home/pages/technical-support/1114151.aspx"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2016/3xxx/CVE-2016-3910.json b/2016/3xxx/CVE-2016-3910.json
index fb8ac5b5427..1634b3042ba 100644
--- a/2016/3xxx/CVE-2016-3910.json
+++ b/2016/3xxx/CVE-2016-3910.json
@@ -1,72 +1,72 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2016-3910",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "services/soundtrigger/SoundTriggerHwService.cpp in mediaserver in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privileges via a crafted application, aka internal bug 30148546."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "security@android.com",
+ "ID": "CVE-2016-3910",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "http://source.android.com/security/bulletin/2016-10-01.html",
- "refsource" : "CONFIRM",
- "url" : "http://source.android.com/security/bulletin/2016-10-01.html"
- },
- {
- "name" : "https://android.googlesource.com/platform/frameworks/av/+/035cb12f392860113dce96116a5150e2fde6f0cc",
- "refsource" : "CONFIRM",
- "url" : "https://android.googlesource.com/platform/frameworks/av/+/035cb12f392860113dce96116a5150e2fde6f0cc"
- },
- {
- "name" : "93296",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/93296"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "services/soundtrigger/SoundTriggerHwService.cpp in mediaserver in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows attackers to gain privileges via a crafted application, aka internal bug 30148546."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "93296",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/93296"
+ },
+ {
+ "name": "http://source.android.com/security/bulletin/2016-10-01.html",
+ "refsource": "CONFIRM",
+ "url": "http://source.android.com/security/bulletin/2016-10-01.html"
+ },
+ {
+ "name": "https://android.googlesource.com/platform/frameworks/av/+/035cb12f392860113dce96116a5150e2fde6f0cc",
+ "refsource": "CONFIRM",
+ "url": "https://android.googlesource.com/platform/frameworks/av/+/035cb12f392860113dce96116a5150e2fde6f0cc"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2016/3xxx/CVE-2016-3978.json b/2016/3xxx/CVE-2016-3978.json
index c00fcd39393..1f6e6483654 100644
--- a/2016/3xxx/CVE-2016-3978.json
+++ b/2016/3xxx/CVE-2016-3978.json
@@ -1,72 +1,72 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2016-3978",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "The Web User Interface (WebUI) in FortiOS 5.0.x before 5.0.13, 5.2.x before 5.2.3, and 5.4.x before 5.4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks or cross-site scripting (XSS) attacks via the \"redirect\" parameter to \"login.\""
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2016-3978",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "20160320 FortiOS (Fortinet) - Open Redirect and Cross Site Scripting",
- "refsource" : "FULLDISC",
- "url" : "http://seclists.org/fulldisclosure/2016/Mar/68"
- },
- {
- "name" : "http://www.fortiguard.com/advisory/fortios-open-redirect-vulnerability",
- "refsource" : "CONFIRM",
- "url" : "http://www.fortiguard.com/advisory/fortios-open-redirect-vulnerability"
- },
- {
- "name" : "1035332",
- "refsource" : "SECTRACK",
- "url" : "http://www.securitytracker.com/id/1035332"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "The Web User Interface (WebUI) in FortiOS 5.0.x before 5.0.13, 5.2.x before 5.2.3, and 5.4.x before 5.4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks or cross-site scripting (XSS) attacks via the \"redirect\" parameter to \"login.\""
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "20160320 FortiOS (Fortinet) - Open Redirect and Cross Site Scripting",
+ "refsource": "FULLDISC",
+ "url": "http://seclists.org/fulldisclosure/2016/Mar/68"
+ },
+ {
+ "name": "1035332",
+ "refsource": "SECTRACK",
+ "url": "http://www.securitytracker.com/id/1035332"
+ },
+ {
+ "name": "http://www.fortiguard.com/advisory/fortios-open-redirect-vulnerability",
+ "refsource": "CONFIRM",
+ "url": "http://www.fortiguard.com/advisory/fortios-open-redirect-vulnerability"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2016/6xxx/CVE-2016-6753.json b/2016/6xxx/CVE-2016-6753.json
index b0148bac430..76d6240489f 100644
--- a/2016/6xxx/CVE-2016-6753.json
+++ b/2016/6xxx/CVE-2016-6753.json
@@ -1,67 +1,67 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "security@google.com",
- "ID" : "CVE-2016-6753",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "Android",
- "version" : {
- "version_data" : [
- {
- "version_value" : "Kernel-3.18"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "Google Inc."
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "An information disclosure vulnerability in kernel components, including the process-grouping subsystem and the networking subsystem, in Android before 2016-11-05 could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Android ID: A-30149174."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "Information disclosure"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "security@android.com",
+ "ID": "CVE-2016-6753",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Android",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "Kernel-3.18"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "Google Inc."
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "https://source.android.com/security/bulletin/2016-11-01.html",
- "refsource" : "CONFIRM",
- "url" : "https://source.android.com/security/bulletin/2016-11-01.html"
- },
- {
- "name" : "94147",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/94147"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "An information disclosure vulnerability in kernel components, including the process-grouping subsystem and the networking subsystem, in Android before 2016-11-05 could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Android ID: A-30149174."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "Information disclosure"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "https://source.android.com/security/bulletin/2016-11-01.html",
+ "refsource": "CONFIRM",
+ "url": "https://source.android.com/security/bulletin/2016-11-01.html"
+ },
+ {
+ "name": "94147",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/94147"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2016/6xxx/CVE-2016-6961.json b/2016/6xxx/CVE-2016-6961.json
index 06f41b128b4..5e6d32704b3 100644
--- a/2016/6xxx/CVE-2016-6961.json
+++ b/2016/6xxx/CVE-2016-6961.json
@@ -1,72 +1,72 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2016-6961",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "psirt@adobe.com",
+ "ID": "CVE-2016-6961",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
- "refsource" : "CONFIRM",
- "url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
- },
- {
- "name" : "93491",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/93491"
- },
- {
- "name" : "1036986",
- "refsource" : "SECTRACK",
- "url" : "http://www.securitytracker.com/id/1036986"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6965, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "1036986",
+ "refsource": "SECTRACK",
+ "url": "http://www.securitytracker.com/id/1036986"
+ },
+ {
+ "name": "93491",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/93491"
+ },
+ {
+ "name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html",
+ "refsource": "CONFIRM",
+ "url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2016/7xxx/CVE-2016-7396.json b/2016/7xxx/CVE-2016-7396.json
index b064f4aa220..c99308f4c60 100644
--- a/2016/7xxx/CVE-2016-7396.json
+++ b/2016/7xxx/CVE-2016-7396.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2016-7396",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2016-7396",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2016/7xxx/CVE-2016-7500.json b/2016/7xxx/CVE-2016-7500.json
index f19413ae80e..30ae2b0ab46 100644
--- a/2016/7xxx/CVE-2016-7500.json
+++ b/2016/7xxx/CVE-2016-7500.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2016-7500",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2016-7500",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2016/7xxx/CVE-2016-7650.json b/2016/7xxx/CVE-2016-7650.json
index a96cb057f28..9abce5bef04 100644
--- a/2016/7xxx/CVE-2016-7650.json
+++ b/2016/7xxx/CVE-2016-7650.json
@@ -1,77 +1,77 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "product-security@apple.com",
- "ID" : "CVE-2016-7650",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. The issue involves the \"Safari Reader\" component, which allows remote attackers to conduct UXSS attacks via a crafted web site."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "product-security@apple.com",
+ "ID": "CVE-2016-7650",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "https://support.apple.com/HT207421",
- "refsource" : "CONFIRM",
- "url" : "https://support.apple.com/HT207421"
- },
- {
- "name" : "https://support.apple.com/HT207422",
- "refsource" : "CONFIRM",
- "url" : "https://support.apple.com/HT207422"
- },
- {
- "name" : "94915",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/94915"
- },
- {
- "name" : "1037459",
- "refsource" : "SECTRACK",
- "url" : "http://www.securitytracker.com/id/1037459"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "An issue was discovered in certain Apple products. iOS before 10.2 is affected. Safari before 10.0.2 is affected. The issue involves the \"Safari Reader\" component, which allows remote attackers to conduct UXSS attacks via a crafted web site."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "94915",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/94915"
+ },
+ {
+ "name": "https://support.apple.com/HT207421",
+ "refsource": "CONFIRM",
+ "url": "https://support.apple.com/HT207421"
+ },
+ {
+ "name": "1037459",
+ "refsource": "SECTRACK",
+ "url": "http://www.securitytracker.com/id/1037459"
+ },
+ {
+ "name": "https://support.apple.com/HT207422",
+ "refsource": "CONFIRM",
+ "url": "https://support.apple.com/HT207422"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2016/7xxx/CVE-2016-7966.json b/2016/7xxx/CVE-2016-7966.json
index dddff1f52ea..c39c1f617df 100644
--- a/2016/7xxx/CVE-2016-7966.json
+++ b/2016/7xxx/CVE-2016-7966.json
@@ -1,82 +1,82 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2016-7966",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Through a malicious URL that contained a quote character it was possible to inject HTML code in KMail's plaintext viewer. Due to the parser used on the URL it was not possible to include the equal sign (=) or a space into the injected HTML, which greatly reduces the available HTML functionality. Although it is possible to include an HTML comment indicator to hide content."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2016-7966",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "[oss-security] 20161004 Re: KMail vulnerabilites: need 3 CVE",
- "refsource" : "MLIST",
- "url" : "http://www.openwall.com/lists/oss-security/2016/10/05/1"
- },
- {
- "name" : "DSA-3697",
- "refsource" : "DEBIAN",
- "url" : "http://www.debian.org/security/2016/dsa-3697"
- },
- {
- "name" : "FEDORA-2016-92c112a380",
- "refsource" : "FEDORA",
- "url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QNMM5TVPTJQFPJ3YDF4DPXDFW3GQLWLY/"
- },
- {
- "name" : "openSUSE-SU-2016:2559",
- "refsource" : "SUSE",
- "url" : "http://lists.opensuse.org/opensuse-updates/2016-10/msg00065.html"
- },
- {
- "name" : "93360",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/93360"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Through a malicious URL that contained a quote character it was possible to inject HTML code in KMail's plaintext viewer. Due to the parser used on the URL it was not possible to include the equal sign (=) or a space into the injected HTML, which greatly reduces the available HTML functionality. Although it is possible to include an HTML comment indicator to hide content."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "93360",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/93360"
+ },
+ {
+ "name": "[oss-security] 20161004 Re: KMail vulnerabilites: need 3 CVE",
+ "refsource": "MLIST",
+ "url": "http://www.openwall.com/lists/oss-security/2016/10/05/1"
+ },
+ {
+ "name": "FEDORA-2016-92c112a380",
+ "refsource": "FEDORA",
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QNMM5TVPTJQFPJ3YDF4DPXDFW3GQLWLY/"
+ },
+ {
+ "name": "openSUSE-SU-2016:2559",
+ "refsource": "SUSE",
+ "url": "http://lists.opensuse.org/opensuse-updates/2016-10/msg00065.html"
+ },
+ {
+ "name": "DSA-3697",
+ "refsource": "DEBIAN",
+ "url": "http://www.debian.org/security/2016/dsa-3697"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2016/8xxx/CVE-2016-8972.json b/2016/8xxx/CVE-2016-8972.json
index c187bc6263c..6244d170ab6 100644
--- a/2016/8xxx/CVE-2016-8972.json
+++ b/2016/8xxx/CVE-2016-8972.json
@@ -1,83 +1,83 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "psirt@us.ibm.com",
- "ID" : "CVE-2016-8972",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "AIX",
- "version" : {
- "version_data" : [
- {
- "version_value" : "6.1"
- },
- {
- "version_value" : "7.1"
- },
- {
- "version_value" : "7.2"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "IBM Corporation"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "IBM AIX 6.1, 7.1, and 7.2 could allow a local user to gain root privileges using a specially crafted command within the bellmail client. IBM APARs: IV91006, IV91007, IV91008, IV91010, IV91011."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "Gain Privileges"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "psirt@us.ibm.com",
+ "ID": "CVE-2016-8972",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "AIX",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "6.1"
+ },
+ {
+ "version_value": "7.1"
+ },
+ {
+ "version_value": "7.2"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "IBM Corporation"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "40950",
- "refsource" : "EXPLOIT-DB",
- "url" : "https://www.exploit-db.com/exploits/40950/"
- },
- {
- "name" : "http://aix.software.ibm.com/aix/efixes/security/bellmail_advisory.asc",
- "refsource" : "CONFIRM",
- "url" : "http://aix.software.ibm.com/aix/efixes/security/bellmail_advisory.asc"
- },
- {
- "name" : "94979",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/94979"
- },
- {
- "name" : "1037480",
- "refsource" : "SECTRACK",
- "url" : "http://www.securitytracker.com/id/1037480"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "IBM AIX 6.1, 7.1, and 7.2 could allow a local user to gain root privileges using a specially crafted command within the bellmail client. IBM APARs: IV91006, IV91007, IV91008, IV91010, IV91011."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "Gain Privileges"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "1037480",
+ "refsource": "SECTRACK",
+ "url": "http://www.securitytracker.com/id/1037480"
+ },
+ {
+ "name": "http://aix.software.ibm.com/aix/efixes/security/bellmail_advisory.asc",
+ "refsource": "CONFIRM",
+ "url": "http://aix.software.ibm.com/aix/efixes/security/bellmail_advisory.asc"
+ },
+ {
+ "name": "94979",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/94979"
+ },
+ {
+ "name": "40950",
+ "refsource": "EXPLOIT-DB",
+ "url": "https://www.exploit-db.com/exploits/40950/"
+ }
+ ]
+ }
+}
\ No newline at end of file