admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 01:59:32 +00:00
parent 35e0f2a997
commit 2207de46d6
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
61 changed files with 3677 additions and 3677 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

150
2002/0xxx/CVE-2002-0139.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-0139", "ID": "CVE-2002-0139",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Pi-Soft SpoonFTP 1.1 and earlier allows remote attackers to redirect traffic to other sites (aka FTP bounce) via the PORT command."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20020120 Bounce vulnerability in SpoonFTP 1.1.0.1", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://online.securityfocus.com/archive/1/251422" "lang": "eng",
}, "value": "Pi-Soft SpoonFTP 1.1 and earlier allows remote attackers to redirect traffic to other sites (aka FTP bounce) via the PORT command."
{ }
"name" : "http://www.pi-soft.com/spoonftp/index.shtml", ]
"refsource" : "CONFIRM", },
"url" : "http://www.pi-soft.com/spoonftp/index.shtml" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "3910", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/3910" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "spoonftp-ftp-bounce(7943)", ]
"refsource" : "XF", }
"url" : "http://www.iss.net/security_center/static/7943.php" ]
} },
] "references": {
} "reference_data": [
} {
"name": "http://www.pi-soft.com/spoonftp/index.shtml",
"refsource": "CONFIRM",
"url": "http://www.pi-soft.com/spoonftp/index.shtml"
},
{
"name": "3910",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3910"
},
{
"name": "spoonftp-ftp-bounce(7943)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/7943.php"
},
{
"name": "20020120 Bounce vulnerability in SpoonFTP 1.1.0.1",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/251422"
}
]
}
}

140
2002/0xxx/CVE-2002-0434.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-0434", "ID": "CVE-2002-0434",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Marcus S. Xenakis directory.php script allows remote attackers to execute arbitrary commands via shell metacharacters in the dir parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20020310 Marcus S. Xenakis \"directory.php\" allows arbitrary code execution", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/261512" "lang": "eng",
}, "value": "Marcus S. Xenakis directory.php script allows remote attackers to execute arbitrary commands via shell metacharacters in the dir parameter."
{ }
"name" : "4278", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/4278" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "xenakis-directory-execute-commands(8440)", "description": [
"refsource" : "XF", {
"url" : "http://www.iss.net/security_center/static/8440.php" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "4278",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4278"
},
{
"name": "20020310 Marcus S. Xenakis \"directory.php\" allows arbitrary code execution",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/261512"
},
{
"name": "xenakis-directory-execute-commands(8440)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/8440.php"
}
]
}
}

150
2002/0xxx/CVE-2002-0469.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-0469", "ID": "CVE-2002-0469",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Ecartis (formerly Listar) 1.0.0 in snapshot 20020125 and earlier does not properly drop privileges when Ecartis is installed setuid-root, \"lock-to-user\" is not set, and ecartis is called by certain MTA's, which could allow local users to gain privileges."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20020310 Ecartis/Listar multiple vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/261209" "lang": "eng",
}, "value": "Ecartis (formerly Listar) 1.0.0 in snapshot 20020125 and earlier does not properly drop privileges when Ecartis is installed setuid-root, \"lock-to-user\" is not set, and ecartis is called by certain MTA's, which could allow local users to gain privileges."
{ }
"name" : "4277", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/4277" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ecartis-root-privileges(8444)", "description": [
"refsource" : "XF", {
"url" : "http://www.iss.net/security_center/static/8444.php" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "20020311 [VulnWatch] Ecartis/Listar multiple vulnerabilities", ]
"refsource" : "VULNWATCH", }
"url" : "http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0063.html" ]
} },
] "references": {
} "reference_data": [
} {
"name": "ecartis-root-privileges(8444)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/8444.php"
},
{
"name": "20020311 [VulnWatch] Ecartis/Listar multiple vulnerabilities",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0063.html"
},
{
"name": "20020310 Ecartis/Listar multiple vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/261209"
},
{
"name": "4277",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4277"
}
]
}
}

140
2002/0xxx/CVE-2002-0470.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-0470", "ID": "CVE-2002-0470",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHPNetToolpack 0.1 relies on its environment's PATH to find and execute the traceroute program, which could allow local users to gain privileges by inserting a Trojan horse program into the search path."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20020318 PHP Net Toolpack: input validation error", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://seclists.org/bugtraq/2002/Mar/0263.html" "lang": "eng",
}, "value": "PHPNetToolpack 0.1 relies on its environment's PATH to find and execute the traceroute program, which could allow local users to gain privileges by inserting a Trojan horse program into the search path."
{ }
"name" : "4304", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/4304" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "phpnettoolpack-traceroute-insecure-path(8484)", "description": [
"refsource" : "XF", {
"url" : "http://www.iss.net/security_center/static/8484.php" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "20020318 PHP Net Toolpack: input validation error",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/bugtraq/2002/Mar/0263.html"
},
{
"name": "phpnettoolpack-traceroute-insecure-path(8484)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/8484.php"
},
{
"name": "4304",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4304"
}
]
}
}

160
2002/0xxx/CVE-2002-0710.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-0710", "ID": "CVE-2002-0710",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in sendform.cgi 1.44 and earlier allows remote attackers to read arbitrary files by specifying the desired files in the BlurbFilePath parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20020730 Directory traversal vulnerability in sendform.cgi", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=102809084218422&w=2" "lang": "eng",
}, "value": "Directory traversal vulnerability in sendform.cgi 1.44 and earlier allows remote attackers to read arbitrary files by specifying the desired files in the BlurbFilePath parameter."
{ }
"name" : "http://www.scn.org/~bb615/scripts/sendform.html", ]
"refsource" : "CONFIRM", },
"url" : "http://www.scn.org/~bb615/scripts/sendform.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "sendform-blurbfile-directory-traversal(9725)", "description": [
"refsource" : "XF", {
"url" : "http://www.iss.net/security_center/static/9725.php" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "5286", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/5286" ]
}, },
{ "references": {
"name" : "3568", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/3568" "name": "3568",
} "refsource": "OSVDB",
] "url": "http://www.osvdb.org/3568"
} },
} {
"name": "http://www.scn.org/~bb615/scripts/sendform.html",
"refsource": "CONFIRM",
"url": "http://www.scn.org/~bb615/scripts/sendform.html"
},
{
"name": "20020730 Directory traversal vulnerability in sendform.cgi",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=102809084218422&w=2"
},
{
"name": "5286",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5286"
},
{
"name": "sendform-blurbfile-directory-traversal(9725)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9725.php"
}
]
}
}

150
2002/0xxx/CVE-2002-0847.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-0847", "ID": "CVE-2002-0847",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "tinyproxy HTTP proxy 1.5.0, 1.4.3, and earlier allows remote attackers to execute arbitrary code via memory that is freed twice (double-free)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "DSA-145", "description_data": [
"refsource" : "DEBIAN", {
"url" : "https://www.debian.org/security/2002/dsa-145" "lang": "eng",
}, "value": "tinyproxy HTTP proxy 1.5.0, 1.4.3, and earlier allows remote attackers to execute arbitrary code via memory that is freed twice (double-free)."
{ }
"name" : "http://sourceforge.net/project/shownotes.php?release_id=88790", ]
"refsource" : "CONFIRM", },
"url" : "http://sourceforge.net/project/shownotes.php?release_id=88790" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "tinyproxy-memory-corruption(9079)", "description": [
"refsource" : "XF", {
"url" : "http://www.iss.net/security_center/static/9079.php" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "4731", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/4731" ]
} },
] "references": {
} "reference_data": [
} {
"name": "DSA-145",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2002/dsa-145"
},
{
"name": "tinyproxy-memory-corruption(9079)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9079.php"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=88790",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=88790"
},
{
"name": "4731",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4731"
}
]
}
}

140
2002/1xxx/CVE-2002-1064.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-1064", "ID": "CVE-2002-1064",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, generates different responses for valid and invalid usernames, which allows remote attackers to identify valid users on the server."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20020726 SECURITY.NNOV: multiple vulnerabilities in JanaServer", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2002-07/0329.html" "lang": "eng",
}, "value": "Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, generates different responses for valid and invalid usernames, which allows remote attackers to identify valid users on the server."
{ }
"name" : "jana-pop3-bruteforce(9688)", ]
"refsource" : "XF", },
"url" : "http://www.iss.net/security_center/static/9688.php" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "5326", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/5326" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "20020726 SECURITY.NNOV: multiple vulnerabilities in JanaServer",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0329.html"
},
{
"name": "5326",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5326"
},
{
"name": "jana-pop3-bruteforce(9688)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9688.php"
}
]
}
}

180
2002/1xxx/CVE-2002-1159.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-1159", "ID": "CVE-2002-1159",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Canna 3.6 and earlier does not properly validate requests, which allows remote attackers to cause a denial of service or information leak."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "DSA-224", "description_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2003/dsa-224" "lang": "eng",
}, "value": "Canna 3.6 and earlier does not properly validate requests, which allows remote attackers to cause a denial of service or information leak."
{ }
"name" : "RHSA-2002:246", ]
"refsource" : "REDHAT", },
"url" : "http://www.redhat.com/support/errata/RHSA-2002-246.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "RHSA-2002:261", "description": [
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2002-261.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "RHSA-2003:115", ]
"refsource" : "REDHAT", }
"url" : "http://www.redhat.com/support/errata/RHSA-2003-115.html" ]
}, },
{ "references": {
"name" : "http://canna.sourceforge.jp/sec/Canna-2002-01.txt", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://canna.sourceforge.jp/sec/Canna-2002-01.txt" "name": "DSA-224",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2003/dsa-224"
"name" : "6354", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/6354" "name": "6354",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/6354"
"name" : "canna-improper-request-validation(10832)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/10832" "name": "RHSA-2002:246",
} "refsource": "REDHAT",
] "url": "http://www.redhat.com/support/errata/RHSA-2002-246.html"
} },
} {
"name": "RHSA-2002:261",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-261.html"
},
{
"name": "canna-improper-request-validation(10832)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10832"
},
{
"name": "RHSA-2003:115",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-115.html"
},
{
"name": "http://canna.sourceforge.jp/sec/Canna-2002-01.txt",
"refsource": "CONFIRM",
"url": "http://canna.sourceforge.jp/sec/Canna-2002-01.txt"
}
]
}
}

220
2002/1xxx/CVE-2002-1617.json
View File

@ -1,112 +1,112 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-1617", "ID": "CVE-2002-1617",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple buffer overflows in HP Tru64 UNIX 5.x allow local users to execute arbitrary code via (1) a long -contextDir argument to dtaction, (2) a long -p argument to dtprintinfo, (3) a long -customization argument to dxterm, or (4) a long DISPLAY environment variable to dtterm."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20020902 Happy Labor Day from Snosoft", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/290115" "lang": "eng",
}, "value": "Multiple buffer overflows in HP Tru64 UNIX 5.x allow local users to execute arbitrary code via (1) a long -contextDir argument to dtaction, (2) a long -p argument to dtprintinfo, (3) a long -customization argument to dxterm, or (4) a long DISPLAY environment variable to dtterm."
{ }
"name" : "20020919 iDEFENSE OSF1/Tru64 3.x vuln clarification", ]
"refsource" : "FULLDISC", },
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20020919 iDEFENSE OSF1/Tru64 3.x vuln clarification", "description": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dxterm.txt", ]
"refsource" : "MISC", }
"url" : "http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dxterm.txt" ]
}, },
{ "references": {
"name" : "http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtterm.txt", "reference_data": [
"refsource" : "MISC", {
"url" : "http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtterm.txt" "name": "20020919 iDEFENSE OSF1/Tru64 3.x vuln clarification",
}, "refsource": "FULLDISC",
{ "url": "http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html"
"name" : "http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtprintinfo.txt", },
"refsource" : "MISC", {
"url" : "http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtprintinfo.txt" "name": "http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtterm.txt",
}, "refsource": "MISC",
{ "url": "http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtterm.txt"
"name" : "http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtaction.txt", },
"refsource" : "MISC", {
"url" : "http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtaction.txt" "name": "VU#931579",
}, "refsource": "CERT-VN",
{ "url": "http://www.kb.cert.org/vuls/id/931579"
"name" : "VU#836275", },
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/836275" "name": "http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtprintinfo.txt",
}, "refsource": "MISC",
{ "url": "http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtprintinfo.txt"
"name" : "VU#600699", },
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/600699" "name": "VU#836275",
}, "refsource": "CERT-VN",
{ "url": "http://www.kb.cert.org/vuls/id/836275"
"name" : "VU#931579", },
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/931579" "name": "http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dxterm.txt",
}, "refsource": "MISC",
{ "url": "http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dxterm.txt"
"name" : "VU#202939", },
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/202939" "name": "20020919 iDEFENSE OSF1/Tru64 3.x vuln clarification",
} "refsource": "BUGTRAQ",
] "url": "http://archives.neohapsis.com/archives/fulldisclosure/2002-q3/1203.html"
} },
} {
"name": "VU#202939",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/202939"
},
{
"name": "20020902 Happy Labor Day from Snosoft",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/290115"
},
{
"name": "http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtaction.txt",
"refsource": "MISC",
"url": "http://www.blacksheepnetworks.com/security/hack/tru64/TRU64_dtaction.txt"
},
{
"name": "VU#600699",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/600699"
}
]
}
}

140
2002/1xxx/CVE-2002-1696.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-1696", "ID": "CVE-2002-1696",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Outlook plug-in PGP version 7.0, 7.0.3, and 7.0.4 silently saves a decrypted copy of a message to hard disk when \"Automatically decrypt/verify when opening messages\" option is checked, \"Always use Secure Viewer when decrypting\" option is not checked, and the user replies to an encrypted message."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20020108 PGP 7.0 Outlook Plug-in flaw", "description_data": [
"refsource" : "NTBUGTRAQ", {
"url" : "http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0201&L=ntbugtraq&F=P&S=&P=528" "lang": "eng",
}, "value": "Microsoft Outlook plug-in PGP version 7.0, 7.0.3, and 7.0.4 silently saves a decrypted copy of a message to hard disk when \"Automatically decrypt/verify when opening messages\" option is checked, \"Always use Secure Viewer when decrypting\" option is not checked, and the user replies to an encrypted message."
{ }
"name" : "pgp-outlook-decrypted-copy(7900)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/7900" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "3825", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/3825" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "pgp-outlook-decrypted-copy(7900)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7900"
},
{
"name": "3825",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3825"
},
{
"name": "20020108 PGP 7.0 Outlook Plug-in flaw",
"refsource": "NTBUGTRAQ",
"url": "http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0201&L=ntbugtraq&F=P&S=&P=528"
}
]
}
}

150
2002/1xxx/CVE-2002-1777.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-1777", "ID": "CVE-2002-1777",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** DISPUTED ** NOTE: this issue has been disputed by the vendor. Symantec Norton AntiVirus (NAV) 2002 allows remote attackers to bypass e-mail scanning via a filename in the Content-Type field with an excluded extension such as .nch or .dbx, but a malicious extension in the Content-Disposition field, which is used by Outlook to obtain the file name. NOTE: the vendor has disputed this issue, acknowledging that the initial scan is bypassed, but Norton AntiVirus or the Office plug-in would detect the virus before it is executed."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20020307 Various Vulnerabilities in Norton Anti-Virus 2002", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://online.securityfocus.com/archive/1/260271" "lang": "eng",
}, "value": "** DISPUTED ** NOTE: this issue has been disputed by the vendor. Symantec Norton AntiVirus (NAV) 2002 allows remote attackers to bypass e-mail scanning via a filename in the Content-Type field with an excluded extension such as .nch or .dbx, but a malicious extension in the Content-Disposition field, which is used by Outlook to obtain the file name. NOTE: the vendor has disputed this issue, acknowledging that the initial scan is bypassed, but Norton AntiVirus or the Office plug-in would detect the virus before it is executed."
{ }
"name" : "20020308 Re: Edvice Security Services <support@edvicesecurity.com, 000701c1c5fb$c168f970$5a01010a@mic2000", ]
"refsource" : "BUGTRAQ", },
"url" : "http://online.securityfocus.com/archive/1/260678" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "4246", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/4246" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "nav-contenttype-bypass-protection(8392)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/8392" ]
} },
] "references": {
} "reference_data": [
} {
"name": "20020308 Re: Edvice Security Services <support@edvicesecurity.com, 000701c1c5fb$c168f970$5a01010a@mic2000",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/260678"
},
{
"name": "4246",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4246"
},
{
"name": "nav-contenttype-bypass-protection(8392)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8392"
},
{
"name": "20020307 Various Vulnerabilities in Norton Anti-Virus 2002",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/260271"
}
]
}
}

140
2002/1xxx/CVE-2002-1903.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2002-1903", "ID": "CVE-2002-1903",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Pine 4.2.1 through 4.4.4 puts Unix usernames and/or uid into Sender: and X-Sender: headers, which could allow remote attackers to obtain sensitive information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20020607 Pine 4.44 Privacy Patch", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://online.securityfocus.com/archive/1/276029" "lang": "eng",
}, "value": "Pine 4.2.1 through 4.4.4 puts Unix usernames and/or uid into Sender: and X-Sender: headers, which could allow remote attackers to obtain sensitive information."
{ }
"name" : "4963", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/4963" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "pine-username-disclosure(9297)", "description": [
"refsource" : "XF", {
"url" : "http://www.iss.net/security_center/static/9297.php" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "pine-username-disclosure(9297)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9297.php"
},
{
"name": "20020607 Pine 4.44 Privacy Patch",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/276029"
},
{
"name": "4963",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4963"
}
]
}
}

180
2003/0xxx/CVE-2003-0146.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-0146", "ID": "CVE-2003-0146",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple vulnerabilities in NetPBM 9.20 and earlier, and possibly other versions, may allow remote attackers to cause a denial of service or execute arbitrary code via \"maths overflow errors\" such as (1) integer signedness errors or (2) integer overflows, which lead to buffer overflows."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20030228 NetPBM, multiple vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=104644687816522&w=2" "lang": "eng",
}, "value": "Multiple vulnerabilities in NetPBM 9.20 and earlier, and possibly other versions, may allow remote attackers to cause a denial of service or execute arbitrary code via \"maths overflow errors\" such as (1) integer signedness errors or (2) integer overflows, which lead to buffer overflows."
{ }
"name" : "CLSA-2003:656", ]
"refsource" : "CONECTIVA", },
"url" : "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000656" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-263", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2003/dsa-263" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "RHSA-2003:060", ]
"refsource" : "REDHAT", }
"url" : "http://www.redhat.com/support/errata/RHSA-2003-060.html" ]
}, },
{ "references": {
"name" : "VU#630433", "reference_data": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/630433" "name": "DSA-263",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2003/dsa-263"
"name" : "6979", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/6979" "name": "6979",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/6979"
"name" : "netpbm-multiple-bo(11463)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/11463" "name": "VU#630433",
} "refsource": "CERT-VN",
] "url": "http://www.kb.cert.org/vuls/id/630433"
} },
} {
"name": "CLSA-2003:656",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000656"
},
{
"name": "netpbm-multiple-bo(11463)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11463"
},
{
"name": "RHSA-2003:060",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-060.html"
},
{
"name": "20030228 NetPBM, multiple vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=104644687816522&w=2"
}
]
}
}

160
2003/0xxx/CVE-2003-0290.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-0290", "ID": "CVE-2003-0290",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Memory leak in eServ 2.9x allows remote attackers to cause a denial of service (memory exhaustion) via a large number of connections, whose memory is not freed when the connection is terminated."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20030511 eServ Memory Leak Enables Denial of Service Attacks", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=105284630228137&w=2" "lang": "eng",
}, "value": "Memory leak in eServ 2.9x allows remote attackers to cause a denial of service (memory exhaustion) via a large number of connections, whose memory is not freed when the connection is terminated."
{ }
"name" : "20030513 eServ Memory Leak Solution", ]
"refsource" : "BUGTRAQ", },
"url" : "http://marc.info/?l=bugtraq&m=105284631428187&w=2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20030511 eServ Memory Leak Enables Denial of Service Attacks", "description": [
"refsource" : "VULNWATCH", {
"url" : "http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0064.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "7552", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/7552" ]
}, },
{ "references": {
"name" : "eserv-multiple-connections-dos(11973)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/11973" "name": "eserv-multiple-connections-dos(11973)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11973"
} },
} {
"name": "20030511 eServ Memory Leak Enables Denial of Service Attacks",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0064.html"
},
{
"name": "7552",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7552"
},
{
"name": "20030513 eServ Memory Leak Solution",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=105284631428187&w=2"
},
{
"name": "20030511 eServ Memory Leak Enables Denial of Service Attacks",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=105284630228137&w=2"
}
]
}
}

130
2003/0xxx/CVE-2003-0329.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-0329", "ID": "CVE-2003-0329",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "CesarFTP 0.99g stores user names and passwords in plaintext in the settings.ini file, which could allow local users to gain privileges."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20030520 Plaintext Password in Settings.ini of CesarFTP", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=105344578100315&w=2" "lang": "eng",
}, "value": "CesarFTP 0.99g stores user names and passwords in plaintext in the settings.ini file, which could allow local users to gain privileges."
{ }
"name" : "20030520 Plaintext Password in Settings.ini of CesarFTP", ]
"refsource" : "VULNWATCH", },
"url" : "http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0074.html" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20030520 Plaintext Password in Settings.ini of CesarFTP",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=105344578100315&w=2"
},
{
"name": "20030520 Plaintext Password in Settings.ini of CesarFTP",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0074.html"
}
]
}
}

130
2003/0xxx/CVE-2003-0426.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-0426", "ID": "CVE-2003-0426",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The installation of Apple QuickTime / Darwin Streaming Server before 4.1.3f starts the administration server with a \"Setup Assistant\" page that allows remote attackers to set the administrator password and gain privileges before the real administrator."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20030723 R7-0015: Multiple Vulnerabilities Apple QuickTime/Darwin Streaming Server", "description_data": [
"refsource" : "VULNWATCH", {
"url" : "http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0040.html" "lang": "eng",
}, "value": "The installation of Apple QuickTime / Darwin Streaming Server before 4.1.3f starts the administration server with a \"Setup Assistant\" page that allows remote attackers to set the administrator password and gain privileges before the real administrator."
{ }
"name" : "http://www.rapid7.com/advisories/R7-0015.html", ]
"refsource" : "MISC", },
"url" : "http://www.rapid7.com/advisories/R7-0015.html" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20030723 R7-0015: Multiple Vulnerabilities Apple QuickTime/Darwin Streaming Server",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0040.html"
},
{
"name": "http://www.rapid7.com/advisories/R7-0015.html",
"refsource": "MISC",
"url": "http://www.rapid7.com/advisories/R7-0015.html"
}
]
}
}

130
2003/0xxx/CVE-2003-0882.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-0882", "ID": "CVE-2003-0882",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Mac OS X before 10.3 initializes the TCP timestamp with a constant number, which allows remote attackers to determine the system's uptime via the ID field in a TCP packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://lists.apple.com/mhonarc/security-announce/msg00038.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://lists.apple.com/mhonarc/security-announce/msg00038.html" "lang": "eng",
}, "value": "Mac OS X before 10.3 initializes the TCP timestamp with a constant number, which allows remote attackers to determine the system's uptime via the ID field in a TCP packet."
{ }
"name" : "http://docs.info.apple.com/article.html?artnum=61798", ]
"refsource" : "CONFIRM", },
"url" : "http://docs.info.apple.com/article.html?artnum=61798" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://lists.apple.com/mhonarc/security-announce/msg00038.html",
"refsource": "CONFIRM",
"url": "http://lists.apple.com/mhonarc/security-announce/msg00038.html"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=61798",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=61798"
}
]
}
}

120
2003/0xxx/CVE-2003-0968.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-0968", "ID": "CVE-2003-0968",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in SMB_Logon_Server of the rlm_smb experimental module for FreeRADIUS 0.9.3 and earlier allows remote attackers to execute arbitrary code via a long User-Password attribute."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20031126 FreeRADIUS <= 0.9.3 rlm_smb module stack overflow vulnerability", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=106986437621130&w=2" "lang": "eng",
} "value": "Stack-based buffer overflow in SMB_Logon_Server of the rlm_smb experimental module for FreeRADIUS 0.9.3 and earlier allows remote attackers to execute arbitrary code via a long User-Password attribute."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20031126 FreeRADIUS <= 0.9.3 rlm_smb module stack overflow vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=106986437621130&w=2"
}
]
}
}

180
2012/0xxx/CVE-2012-0146.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2012-0146", "ID": "CVE-2012-0146",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Open redirect vulnerability in Microsoft Forefront Unified Access Gateway (UAG) 2010 SP1 and SP1 Update 1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL, aka \"UAG Blind HTTP Redirect Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS12-026", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-026" "lang": "eng",
}, "value": "Open redirect vulnerability in Microsoft Forefront Unified Access Gateway (UAG) 2010 SP1 and SP1 Update 1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL, aka \"UAG Blind HTTP Redirect Vulnerability.\""
{ }
"name" : "52903", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/52903" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "81131", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/81131" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "oval:org.mitre.oval:def:15476", ]
"refsource" : "OVAL", }
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15476" ]
}, },
{ "references": {
"name" : "1026909", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1026909" "name": "oval:org.mitre.oval:def:15476",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15476"
"name" : "48787", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/48787" "name": "ms-forefront-spoofing(74367)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74367"
"name" : "ms-forefront-spoofing(74367)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/74367" "name": "1026909",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id?1026909"
} },
} {
"name": "MS12-026",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-026"
},
{
"name": "81131",
"refsource": "OSVDB",
"url": "http://osvdb.org/81131"
},
{
"name": "48787",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48787"
},
{
"name": "52903",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52903"
}
]
}
}

34
2012/0xxx/CVE-2012-0377.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-0377", "ID": "CVE-2012-0377",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

210
2012/0xxx/CVE-2012-0485.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2012-0485", "ID": "CVE-2012-0485",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, and CVE-2012-0492."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html" "lang": "eng",
}, "value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.x and 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0112, CVE-2012-0115, CVE-2012-0119, CVE-2012-0120, and CVE-2012-0492."
{ }
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=659687", ]
"refsource" : "CONFIRM", },
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=659687" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-2429", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2012/dsa-2429" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "GLSA-201308-06", ]
"refsource" : "GENTOO", }
"url" : "http://security.gentoo.org/glsa/glsa-201308-06.xml" ]
}, },
{ "references": {
"name" : "USN-1397-1", "reference_data": [
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-1397-1" "name": "78383",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/78383"
"name" : "51513", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/51513" "name": "USN-1397-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-1397-1"
"name" : "78383", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/78383" "name": "51513",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/51513"
"name" : "53372", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/53372" "name": "53372",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/53372"
"name" : "48250", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/48250" "name": "GLSA-201308-06",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
"name" : "mysql-serveruns4-dos(72526)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/72526" "name": "48250",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/48250"
} },
} {
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html"
},
{
"name": "mysql-serveruns4-dos(72526)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72526"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=659687",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=659687"
},
{
"name": "DSA-2429",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2429"
}
]
}
}

180
2012/1xxx/CVE-2012-1243.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2012-1243", "ID": "CVE-2012-1243",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The TwitRocker2 application before 1.0.23 for Android does not properly implement the WebView class, which allows remote attackers to obtain sensitive information via a crafted application."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://play.google.com/store/apps/details?id=com.studiohitori.twitrocker2", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://play.google.com/store/apps/details?id=com.studiohitori.twitrocker2" "lang": "eng",
}, "value": "The TwitRocker2 application before 1.0.23 for Android does not properly implement the WebView class, which allows remote attackers to obtain sensitive information via a crafted application."
{ }
"name" : "JVN#00000601", ]
"refsource" : "JVN", },
"url" : "http://jvn.jp/en/jp/JVN00000601/index.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "JVNDB-2012-000033", "description": [
"refsource" : "JVNDB", {
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000033" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "53173", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/53173" ]
}, },
{ "references": {
"name" : "81447", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/81447" "name": "JVN#00000601",
}, "refsource": "JVN",
{ "url": "http://jvn.jp/en/jp/JVN00000601/index.html"
"name" : "48894", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/48894" "name": "53173",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/53173"
"name" : "twitrocker2-webview-sec-bypass(75036)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/75036" "name": "JVNDB-2012-000033",
} "refsource": "JVNDB",
] "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000033"
} },
} {
"name": "48894",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48894"
},
{
"name": "https://play.google.com/store/apps/details?id=com.studiohitori.twitrocker2",
"refsource": "CONFIRM",
"url": "https://play.google.com/store/apps/details?id=com.studiohitori.twitrocker2"
},
{
"name": "twitrocker2-webview-sec-bypass(75036)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75036"
},
{
"name": "81447",
"refsource": "OSVDB",
"url": "http://osvdb.org/81447"
}
]
}
}

34
2012/1xxx/CVE-2012-1548.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-1548", "ID": "CVE-2012-1548",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

210
2012/1xxx/CVE-2012-1675.json
View File

@ -1,107 +1,107 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2012-1675", "ID": "CVE-2012-1675",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The TNS Listener, as used in Oracle Database 11g 11.1.0.7, 11.2.0.2, and 11.2.0.3, and 10g 10.2.0.3, 10.2.0.4, and 10.2.0.5, as used in Oracle Fusion Middleware, Enterprise Manager, E-Business Suite, and possibly other products, allows remote attackers to execute arbitrary database commands by performing a remote registration of a database (1) instance or (2) service name that already exists, then conducting a man-in-the-middle (MITM) attack to hijack database connections, aka \"TNS Poison.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20120418 The history of a -probably- 13 years old Oracle bug: TNS Poison", "description_data": [
"refsource" : "FULLDISC", {
"url" : "http://seclists.org/fulldisclosure/2012/Apr/204" "lang": "eng",
}, "value": "The TNS Listener, as used in Oracle Database 11g 11.1.0.7, 11.2.0.2, and 11.2.0.3, and 10g 10.2.0.3, 10.2.0.4, and 10.2.0.5, as used in Oracle Fusion Middleware, Enterprise Manager, E-Business Suite, and possibly other products, allows remote attackers to execute arbitrary database commands by performing a remote registration of a database (1) instance or (2) service name that already exists, then conducting a man-in-the-middle (MITM) attack to hijack database connections, aka \"TNS Poison.\""
{ }
"name" : "20120428 Oracle TNS Poison vulnerability is actually a 0day with no patch available", ]
"refsource" : "FULLDISC", },
"url" : "http://seclists.org/fulldisclosure/2012/Apr/343" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-1675-1608180.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-1675-1608180.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://blogs.oracle.com/security/entry/security_alert_for_cve_2012", ]
"refsource" : "CONFIRM", }
"url" : "https://blogs.oracle.com/security/entry/security_alert_for_cve_2012" ]
}, },
{ "references": {
"name" : "MDVSA-2013:150", "reference_data": [
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150" "name": "SUSE-SU-2012:0765",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00018.html"
"name" : "SUSE-SU-2012:0765", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00018.html" "name": "53308",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/53308"
"name" : "VU#359816", },
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/359816" "name": "1027000",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1027000"
"name" : "53308", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/53308" "name": "20120428 Oracle TNS Poison vulnerability is actually a 0day with no patch available",
}, "refsource": "FULLDISC",
{ "url": "http://seclists.org/fulldisclosure/2012/Apr/343"
"name" : "1027000", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1027000" "name": "https://blogs.oracle.com/security/entry/security_alert_for_cve_2012",
}, "refsource": "CONFIRM",
{ "url": "https://blogs.oracle.com/security/entry/security_alert_for_cve_2012"
"name" : "oracledatabase-tnslistener-spoofing(75303)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/75303" "name": "VU#359816",
} "refsource": "CERT-VN",
] "url": "http://www.kb.cert.org/vuls/id/359816"
} },
} {
"name": "20120418 The history of a -probably- 13 years old Oracle bug: TNS Poison",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2012/Apr/204"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-1675-1608180.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-1675-1608180.html"
},
{
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name": "oracledatabase-tnslistener-spoofing(75303)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75303"
}
]
}
}

140
2012/1xxx/CVE-2012-1870.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2012-1870", "ID": "CVE-2012-1870",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The CBC mode in the TLS protocol, as used in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and other products, allows remote web servers to obtain plaintext data by triggering multiple requests to a third-party HTTPS server and sniffing the network during the resulting HTTPS session, aka \"TLS Protocol Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS12-049", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-049" "lang": "eng",
}, "value": "The CBC mode in the TLS protocol, as used in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and other products, allows remote web servers to obtain plaintext data by triggering multiple requests to a third-party HTTPS server and sniffing the network during the resulting HTTPS session, aka \"TLS Protocol Vulnerability.\""
{ }
"name" : "TA12-192A", ]
"refsource" : "CERT", },
"url" : "http://www.us-cert.gov/cas/techalerts/TA12-192A.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "oval:org.mitre.oval:def:15644", "description": [
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15644" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "TA12-192A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA12-192A.html"
},
{
"name": "MS12-049",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-049"
},
{
"name": "oval:org.mitre.oval:def:15644",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15644"
}
]
}
}

140
2012/1xxx/CVE-2012-1879.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@microsoft.com",
"ID" : "CVE-2012-1879", "ID": "CVE-2012-1879",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by attempting to access an undefined memory location, aka \"insertAdjacentText Remote Code Execution Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "MS12-037", "description_data": [
"refsource" : "MS", {
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-037" "lang": "eng",
}, "value": "Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by attempting to access an undefined memory location, aka \"insertAdjacentText Remote Code Execution Vulnerability.\""
{ }
"name" : "TA12-164A", ]
"refsource" : "CERT", },
"url" : "http://www.us-cert.gov/cas/techalerts/TA12-164A.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "oval:org.mitre.oval:def:15588", "description": [
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15588" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "TA12-164A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA12-164A.html"
},
{
"name": "oval:org.mitre.oval:def:15588",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15588"
},
{
"name": "MS12-037",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-037"
}
]
}
}

160
2012/3xxx/CVE-2012-3293.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@us.ibm.com",
"ID" : "CVE-2012-3293", "ID": "CVE-2012-3293",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Administrative Console in IBM WebSphere Application Server (WAS) 6.1.x before 6.1.0.45, 7.0.x before 7.0.0.25, 8.0.x before 8.0.0.4, and 8.5.x before 8.5.0.1 allows remote attackers to inject arbitrary web script or HTML via vectors involving FRAME elements, related to a cross-frame scripting (XFS) issue."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21606096", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21606096" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the Administrative Console in IBM WebSphere Application Server (WAS) 6.1.x before 6.1.0.45, 7.0.x before 7.0.0.25, 8.0.x before 8.0.0.4, and 8.5.x before 8.5.0.1 allows remote attackers to inject arbitrary web script or HTML via vectors involving FRAME elements, related to a cross-frame scripting (XFS) issue."
{ }
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg27022958", ]
"refsource" : "CONFIRM", },
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg27022958" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "PM60839", "description": [
"refsource" : "AIXAPAR", {
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PM60839" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "55149", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/55149" ]
}, },
{ "references": {
"name" : "was-ac-xss(77179)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/77179" "name": "was-ac-xss(77179)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77179"
} },
} {
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21606096",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21606096"
},
{
"name": "55149",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55149"
},
{
"name": "PM60839",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM60839"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg27022958",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg27022958"
}
]
}
}

130
2012/3xxx/CVE-2012-3565.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-3565", "ID": "CVE-2012-3565",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Opera before 12.00 Beta allows remote attackers to cause a denial of service (application crash) via crafted characters in domain names, as demonstrated by \"IDNA2008 tests.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.opera.com/docs/changelogs/windows/1200b/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.opera.com/docs/changelogs/windows/1200b/" "lang": "eng",
}, "value": "Opera before 12.00 Beta allows remote attackers to cause a denial of service (application crash) via crafted characters in domain names, as demonstrated by \"IDNA2008 tests.\""
{ }
"name" : "opera-domainnames-dos(76360)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/76360" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.opera.com/docs/changelogs/windows/1200b/",
"refsource": "CONFIRM",
"url": "http://www.opera.com/docs/changelogs/windows/1200b/"
},
{
"name": "opera-domainnames-dos(76360)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76360"
}
]
}
}

130
2012/4xxx/CVE-2012-4014.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "vultures@jpcert.or.jp",
"ID" : "CVE-2012-4014", "ID": "CVE-2012-4014",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in McAfee Email Anti-virus (formerly WebShield SMTP) allows remote attackers to cause a denial of service via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "JVN#50701493", "description_data": [
"refsource" : "JVN", {
"url" : "http://jvn.jp/en/jp/JVN50701493/index.html" "lang": "eng",
}, "value": "Unspecified vulnerability in McAfee Email Anti-virus (formerly WebShield SMTP) allows remote attackers to cause a denial of service via unknown vectors."
{ }
"name" : "JVNDB-2012-000086", ]
"refsource" : "JVNDB", },
"url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000086" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#50701493",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN50701493/index.html"
},
{
"name": "JVNDB-2012-000086",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000086"
}
]
}
}

120
2012/4xxx/CVE-2012-4161.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2012-4161", "ID": "CVE-2012-4161",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-4162."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.adobe.com/support/security/bulletins/apsb12-16.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.adobe.com/support/security/bulletins/apsb12-16.html" "lang": "eng",
} "value": "Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-4162."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.adobe.com/support/security/bulletins/apsb12-16.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb12-16.html"
}
]
}
}

150
2012/4xxx/CVE-2012-4280.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-4280", "ID": "CVE-2012-4280",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site request forgery (CSRF) vulnerabilities in admin/agenteditor.php in Free Realty 3.1-0.6 allow remote attackers to hijack the authentication of administrators for requests that (1) add an agent via an addagent action or (2) modify an agent."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "18874", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "http://www.exploit-db.com/exploits/18874" "lang": "eng",
}, "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in admin/agenteditor.php in Free Realty 3.1-0.6 allow remote attackers to hijack the authentication of administrators for requests that (1) add an agent via an addagent action or (2) modify an agent."
{ }
"name" : "http://www.vulnerability-lab.com/get_content.php?id=513", ]
"refsource" : "MISC", },
"url" : "http://www.vulnerability-lab.com/get_content.php?id=513" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "53491", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/53491" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "49132", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/49132" ]
} },
] "references": {
} "reference_data": [
} {
"name": "18874",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/18874"
},
{
"name": "53491",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53491"
},
{
"name": "http://www.vulnerability-lab.com/get_content.php?id=513",
"refsource": "MISC",
"url": "http://www.vulnerability-lab.com/get_content.php?id=513"
},
{
"name": "49132",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49132"
}
]
}
}

160
2012/4xxx/CVE-2012-4739.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-4739", "ID": "CVE-2012-4739",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Barracuda SSL VPN before 2.2.2.203 (2012-07-05) allow remote attackers to inject arbitrary web script or HTML via the (1) policyLaunching, (2) resourcePrefix, or (3) actionPath parameter in showUserResourceCategories.do; (4) list or (5) path parameter to fileSystem.do; or (6) return-To parameter to launchAgent.do."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20120731 Barracuda SSL VPN 680 - Cross Site Scripting Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2012-08/0003.html" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in Barracuda SSL VPN before 2.2.2.203 (2012-07-05) allow remote attackers to inject arbitrary web script or HTML via the (1) policyLaunching, (2) resourcePrefix, or (3) actionPath parameter in showUserResourceCategories.do; (4) list or (5) path parameter to fileSystem.do; or (6) return-To parameter to launchAgent.do."
{ }
"name" : "https://www.barracudanetworks.com/ns/support/tech_alert.php", ]
"refsource" : "CONFIRM", },
"url" : "https://www.barracudanetworks.com/ns/support/tech_alert.php" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "54761", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/54761" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "1027279", ]
"refsource" : "SECTRACK", }
"url" : "http://www.securitytracker.com/id?1027279" ]
}, },
{ "references": {
"name" : "sslvpn680-multiple-xss(77365)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/77365" "name": "54761",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/54761"
} },
} {
"name": "https://www.barracudanetworks.com/ns/support/tech_alert.php",
"refsource": "CONFIRM",
"url": "https://www.barracudanetworks.com/ns/support/tech_alert.php"
},
{
"name": "20120731 Barracuda SSL VPN 680 - Cross Site Scripting Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-08/0003.html"
},
{
"name": "1027279",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027279"
},
{
"name": "sslvpn680-multiple-xss(77365)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77365"
}
]
}
}

34
2012/5xxx/CVE-2012-5191.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-5191", "ID": "CVE-2012-5191",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

140
2017/2xxx/CVE-2017-2397.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@apple.com", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2017-2397", "ID": "CVE-2017-2397",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the \"Accounts\" component. It allows physically proximate attackers to discover an Apple ID by reading an iCloud authentication prompt on the lock screen."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/HT207617", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT207617" "lang": "eng",
}, "value": "An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the \"Accounts\" component. It allows physically proximate attackers to discover an Apple ID by reading an iCloud authentication prompt on the lock screen."
{ }
"name" : "97138", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/97138" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1038139", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1038139" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "1038139",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038139"
},
{
"name": "97138",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97138"
},
{
"name": "https://support.apple.com/HT207617",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207617"
}
]
}
}

170
2017/2xxx/CVE-2017-2444.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@apple.com", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2017-2444", "ID": "CVE-2017-2444",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the \"CoreGraphics\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/HT207600", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT207600" "lang": "eng",
}, "value": "An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the \"CoreGraphics\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site."
{ }
"name" : "https://support.apple.com/HT207601", ]
"refsource" : "CONFIRM", },
"url" : "https://support.apple.com/HT207601" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://support.apple.com/HT207602", "description": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT207602" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://support.apple.com/HT207617", ]
"refsource" : "CONFIRM", }
"url" : "https://support.apple.com/HT207617" ]
}, },
{ "references": {
"name" : "97131", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/97131" "name": "1038137",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1038137"
"name" : "1038137", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1038137" "name": "https://support.apple.com/HT207601",
} "refsource": "CONFIRM",
] "url": "https://support.apple.com/HT207601"
} },
} {
"name": "97131",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97131"
},
{
"name": "https://support.apple.com/HT207602",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207602"
},
{
"name": "https://support.apple.com/HT207600",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207600"
},
{
"name": "https://support.apple.com/HT207617",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207617"
}
]
}
}

34
2017/3xxx/CVE-2017-3919.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-3919", "ID": "CVE-2017-3919",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2017/6xxx/CVE-2017-6434.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-6434", "ID": "CVE-2017-6434",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2017/6xxx/CVE-2017-6450.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-6450", "ID": "CVE-2017-6450",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2017/6xxx/CVE-2017-6904.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-6904", "ID": "CVE-2017-6904",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

130
2017/6xxx/CVE-2017-6985.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@apple.com", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2017-6985", "ID": "CVE-2017-6985",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the \"NVIDIA Graphics Drivers\" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://support.apple.com/HT207797", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT207797" "lang": "eng",
}, "value": "An issue was discovered in certain Apple products. macOS before 10.12.5 is affected. The issue involves the \"NVIDIA Graphics Drivers\" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app."
{ }
"name" : "1038484", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1038484" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038484",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038484"
},
{
"name": "https://support.apple.com/HT207797",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207797"
}
]
}
}

140
2017/7xxx/CVE-2017-7004.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@apple.com", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2017-7004", "ID": "CVE-2017-7004",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the \"Security\" component. A race condition allows attackers to bypass intended entitlement restrictions for sending XPC messages via a crafted app."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "42145", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/42145/" "lang": "eng",
}, "value": "An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the \"Security\" component. A race condition allows attackers to bypass intended entitlement restrictions for sending XPC messages via a crafted app."
{ }
"name" : "https://support.apple.com/HT207797", ]
"refsource" : "CONFIRM", },
"url" : "https://support.apple.com/HT207797" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://support.apple.com/HT207798", "description": [
"refsource" : "CONFIRM", {
"url" : "https://support.apple.com/HT207798" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT207797",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207797"
},
{
"name": "42145",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/42145/"
},
{
"name": "https://support.apple.com/HT207798",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207798"
}
]
}
}

34
2017/7xxx/CVE-2017-7349.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-7349", "ID": "CVE-2017-7349",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

140
2017/7xxx/CVE-2017-7925.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "ics-cert@hq.dhs.gov", "ASSIGNER": "ics-cert@hq.dhs.gov",
"ID" : "CVE-2017-7925", "ID": "CVE-2017-7925",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Dahua Technology Co., Ltd Digital Video Recorders and IP Cameras", "product_name": "Dahua Technology Co., Ltd Digital Video Recorders and IP Cameras",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Dahua Technology Co., Ltd Digital Video Recorders and IP Cameras" "version_value": "Dahua Technology Co., Ltd Digital Video Recorders and IP Cameras"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A Password in Configuration File issue was discovered in Dahua DH-IPC-HDBW23A0RN-ZS, DH-IPC-HDBW13A0SN, DH-IPC-HDW1XXX, DH-IPC-HDW2XXX, DH-IPC-HDW4XXX, DH-IPC-HFW1XXX, DH-IPC-HFW2XXX, DH-IPC-HFW4XXX, DH-SD6CXX, DH-NVR1XXX, DH-HCVR4XXX, DH-HCVR5XXX, DHI-HCVR51A04HE-S3, DHI-HCVR51A08HE-S3, and DHI-HCVR58A32S-S2 devices. The password in configuration file vulnerability was identified, which could lead to a malicious user assuming the identity of a privileged user and gaining access to sensitive information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-260"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://us.dahuasecurity.com/en/us/Security-Bulletin_030617.php", "description_data": [
"refsource" : "MISC", {
"url" : "http://us.dahuasecurity.com/en/us/Security-Bulletin_030617.php" "lang": "eng",
}, "value": "A Password in Configuration File issue was discovered in Dahua DH-IPC-HDBW23A0RN-ZS, DH-IPC-HDBW13A0SN, DH-IPC-HDW1XXX, DH-IPC-HDW2XXX, DH-IPC-HDW4XXX, DH-IPC-HFW1XXX, DH-IPC-HFW2XXX, DH-IPC-HFW4XXX, DH-SD6CXX, DH-NVR1XXX, DH-HCVR4XXX, DH-HCVR5XXX, DHI-HCVR51A04HE-S3, DHI-HCVR51A08HE-S3, and DHI-HCVR58A32S-S2 devices. The password in configuration file vulnerability was identified, which could lead to a malicious user assuming the identity of a privileged user and gaining access to sensitive information."
{ }
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-17-124-02", ]
"refsource" : "MISC", },
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-17-124-02" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "98312", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/98312" "lang": "eng",
} "value": "CWE-260"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-124-02",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-124-02"
},
{
"name": "http://us.dahuasecurity.com/en/us/Security-Bulletin_030617.php",
"refsource": "MISC",
"url": "http://us.dahuasecurity.com/en/us/Security-Bulletin_030617.php"
},
{
"name": "98312",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98312"
}
]
}
}

130
2017/7xxx/CVE-2017-7939.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-7939", "ID": "CVE-2017-7939",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The read_next_pam_token function in imagew-pnm.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (stack-based buffer over-read) via a crafted file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/jsummers/imageworsener/issues/13", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/jsummers/imageworsener/issues/13" "lang": "eng",
}, "value": "The read_next_pam_token function in imagew-pnm.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (stack-based buffer over-read) via a crafted file."
{ }
"name" : "GLSA-201706-06", ]
"refsource" : "GENTOO", },
"url" : "https://security.gentoo.org/glsa/201706-06" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201706-06",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201706-06"
},
{
"name": "https://github.com/jsummers/imageworsener/issues/13",
"refsource": "CONFIRM",
"url": "https://github.com/jsummers/imageworsener/issues/13"
}
]
}
}

34
2018/10xxx/CVE-2018-10015.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-10015", "ID": "CVE-2018-10015",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

240
2018/10xxx/CVE-2018-10237.json
View File

@ -1,122 +1,122 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-10237", "ID": "CVE-2018-10237",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) and the CompoundOrdering class (when serialized with GWT serialization) perform eager allocation without appropriate checks on what a client has sent and whether the data size is reasonable."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://groups.google.com/d/topic/guava-announce/xqWALw4W1vs/discussion", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://groups.google.com/d/topic/guava-announce/xqWALw4W1vs/discussion" "lang": "eng",
}, "value": "Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) and the CompoundOrdering class (when serialized with GWT serialization) perform eager allocation without appropriate checks on what a client has sent and whether the data size is reasonable."
{ }
"name" : "RHSA-2018:2423", ]
"refsource" : "REDHAT", },
"url" : "https://access.redhat.com/errata/RHSA-2018:2423" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "RHSA-2018:2424", "description": [
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:2424" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "RHSA-2018:2425", ]
"refsource" : "REDHAT", }
"url" : "https://access.redhat.com/errata/RHSA-2018:2425" ]
}, },
{ "references": {
"name" : "RHSA-2018:2428", "reference_data": [
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:2428" "name": "RHSA-2018:2428",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2018:2428"
"name" : "RHSA-2018:2598", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:2598" "name": "RHSA-2018:2740",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2018:2740"
"name" : "RHSA-2018:2643", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:2643" "name": "RHSA-2018:2741",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2018:2741"
"name" : "RHSA-2018:2740", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:2740" "name": "RHSA-2018:2742",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2018:2742"
"name" : "RHSA-2018:2741", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:2741" "name": "RHSA-2018:2598",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2018:2598"
"name" : "RHSA-2018:2742", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:2742" "name": "RHSA-2018:2643",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2018:2643"
"name" : "RHSA-2018:2743", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:2743" "name": "RHSA-2018:2424",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2018:2424"
"name" : "RHSA-2018:2927", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:2927" "name": "RHSA-2018:2423",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2018:2423"
"name" : "1041707", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1041707" "name": "RHSA-2018:2425",
} "refsource": "REDHAT",
] "url": "https://access.redhat.com/errata/RHSA-2018:2425"
} },
} {
"name": "RHSA-2018:2927",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2927"
},
{
"name": "1041707",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041707"
},
{
"name": "https://groups.google.com/d/topic/guava-announce/xqWALw4W1vs/discussion",
"refsource": "CONFIRM",
"url": "https://groups.google.com/d/topic/guava-announce/xqWALw4W1vs/discussion"
},
{
"name": "RHSA-2018:2743",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2743"
}
]
}
}

120
2018/10xxx/CVE-2018-10268.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-10268", "ID": "CVE-2018-10268",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in FastAdmin V1.0.0.20180417_beta. There is XSS via the application\\api\\controller\\User.php avatar parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://gitee.com/karson/fastadmin/issues/IJ7YZ", "description_data": [
"refsource" : "MISC", {
"url" : "https://gitee.com/karson/fastadmin/issues/IJ7YZ" "lang": "eng",
} "value": "An issue was discovered in FastAdmin V1.0.0.20180417_beta. There is XSS via the application\\api\\controller\\User.php avatar parameter."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://gitee.com/karson/fastadmin/issues/IJ7YZ",
"refsource": "MISC",
"url": "https://gitee.com/karson/fastadmin/issues/IJ7YZ"
}
]
}
}

34
2018/10xxx/CVE-2018-10278.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-10278", "ID": "CVE-2018-10278",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

180
2018/10xxx/CVE-2018-10851.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psampaio@redhat.com", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2018-10851", "ID": "CVE-2018-10851",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "pdns", "product_name": "pdns",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "3.3.0 to 4.1.4, excluding 4.1.5 and 4.0.6" "version_value": "3.3.0 to 4.1.4, excluding 4.1.5 and 4.0.6"
} }
] ]
} }
}, },
{ {
"product_name" : "pdns-recursor", "product_name": "pdns-recursor",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "3.2 to 4.1.4, excluding 4.1.5 and 4.0.9" "version_value": "3.2 to 4.1.4, excluding 4.1.5 and 4.0.9"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "The PowerDNS Project" "vendor_name": "The PowerDNS Project"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PowerDNS Authoritative Server 3.3.0 up to 4.1.4 excluding 4.1.5 and 4.0.6, and PowerDNS Recursor 3.2 up to 4.1.4 excluding 4.1.5 and 4.0.9, are vulnerable to a memory leak while parsing malformed records that can lead to remote denial of service."
}
]
},
"impact" : {
"cvss" : [
[
{
"vectorString" : "5.3/CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version" : "3.0"
}
]
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-400"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10851", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10851" "lang": "eng",
}, "value": "PowerDNS Authoritative Server 3.3.0 up to 4.1.4 excluding 4.1.5 and 4.0.6, and PowerDNS Recursor 3.2 up to 4.1.4 excluding 4.1.5 and 4.0.9, are vulnerable to a memory leak while parsing malformed records that can lead to remote denial of service."
{ }
"name" : "https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2018-03.html", ]
"refsource" : "CONFIRM", },
"url" : "https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2018-03.html" "impact": {
}, "cvss": [
{ [
"name" : "https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2018-04.html", {
"refsource" : "CONFIRM", "vectorString": "5.3/CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"url" : "https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2018-04.html" "version": "3.0"
} }
] ]
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2018-04.html",
"refsource": "CONFIRM",
"url": "https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-2018-04.html"
},
{
"name": "https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2018-03.html",
"refsource": "CONFIRM",
"url": "https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2018-03.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10851",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10851"
}
]
}
}

150
2018/10xxx/CVE-2018-10857.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "lpardo@redhat.com", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2018-10857", "ID": "CVE-2018-10857",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "git-annex", "product_name": "git-annex",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "[UNKNOWN]" "vendor_name": "[UNKNOWN]"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "git-annex is vulnerable to a private data exposure and exfiltration attack. It could expose the content of files located outside the git-annex repository, or content from a private web server on localhost or the LAN."
}
]
},
"impact" : {
"cvss" : [
[
{
"vectorString" : "5.9/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version" : "3.0"
}
]
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-200"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[debian-lts-announce] 20180905 [SECURITY] [DLA 1495-1] git-annex security update", "description_data": [
"refsource" : "MLIST", {
"url" : "https://lists.debian.org/debian-lts-announce/2018/09/msg00004.html" "lang": "eng",
}, "value": "git-annex is vulnerable to a private data exposure and exfiltration attack. It could expose the content of files located outside the git-annex repository, or content from a private web server on localhost or the LAN."
{ }
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10857", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10857" "impact": {
} "cvss": [
] [
} {
} "vectorString": "5.9/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[debian-lts-announce] 20180905 [SECURITY] [DLA 1495-1] git-annex security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00004.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10857",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10857"
}
]
}
}

130
2018/14xxx/CVE-2018-14005.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-14005", "ID": "CVE-2018-14005",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An integer overflow vulnerability exists in the function transferAny of Malaysia coins (Xmc), an Ethereum token smart contract. An attacker could use it to set any user's balance."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/VenusADLab/EtherTokens/blob/master/SHARKTECH/SHARKTECH.md", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/VenusADLab/EtherTokens/blob/master/SHARKTECH/SHARKTECH.md" "lang": "eng",
}, "value": "An integer overflow vulnerability exists in the function transferAny of Malaysia coins (Xmc), an Ethereum token smart contract. An attacker could use it to set any user's balance."
{ }
"name" : "https://github.com/VenusADLab/EtherTokens/tree/master/Malaysia%20coins(Xmc)", ]
"refsource" : "MISC", },
"url" : "https://github.com/VenusADLab/EtherTokens/tree/master/Malaysia%20coins(Xmc)" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/VenusADLab/EtherTokens/blob/master/SHARKTECH/SHARKTECH.md",
"refsource": "MISC",
"url": "https://github.com/VenusADLab/EtherTokens/blob/master/SHARKTECH/SHARKTECH.md"
},
{
"name": "https://github.com/VenusADLab/EtherTokens/tree/master/Malaysia%20coins(Xmc)",
"refsource": "MISC",
"url": "https://github.com/VenusADLab/EtherTokens/tree/master/Malaysia%20coins(Xmc)"
}
]
}
}

130
2018/14xxx/CVE-2018-14049.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-14049", "ID": "CVE-2018-14049",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue has been found in libwav through 2017-04-20. It is a SEGV in the function print_info in wav_info/wav_info.c."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/fouzhe/security/tree/master/libwav", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/fouzhe/security/tree/master/libwav" "lang": "eng",
}, "value": "An issue has been found in libwav through 2017-04-20. It is a SEGV in the function print_info in wav_info/wav_info.c."
{ }
"name" : "https://github.com/marc-q/libwav/issues/22", ]
"refsource" : "MISC", },
"url" : "https://github.com/marc-q/libwav/issues/22" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/marc-q/libwav/issues/22",
"refsource": "MISC",
"url": "https://github.com/marc-q/libwav/issues/22"
},
{
"name": "https://github.com/fouzhe/security/tree/master/libwav",
"refsource": "MISC",
"url": "https://github.com/fouzhe/security/tree/master/libwav"
}
]
}
}

130
2018/14xxx/CVE-2018-14051.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-14051", "ID": "CVE-2018-14051",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The function wav_read in libwav.c in libwav through 2017-04-20 has an infinite loop."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/fouzhe/security/tree/master/libwav", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/fouzhe/security/tree/master/libwav" "lang": "eng",
}, "value": "The function wav_read in libwav.c in libwav through 2017-04-20 has an infinite loop."
{ }
"name" : "https://github.com/marc-q/libwav/issues/21", ]
"refsource" : "MISC", },
"url" : "https://github.com/marc-q/libwav/issues/21" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/fouzhe/security/tree/master/libwav",
"refsource": "MISC",
"url": "https://github.com/fouzhe/security/tree/master/libwav"
},
{
"name": "https://github.com/marc-q/libwav/issues/21",
"refsource": "MISC",
"url": "https://github.com/marc-q/libwav/issues/21"
}
]
}
}

130
2018/14xxx/CVE-2018-14296.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "zdi-disclosures@trendmicro.com", "ASSIGNER": "zdi-disclosures@trendmicro.com",
"ID" : "CVE-2018-14296", "ID": "CVE-2018-14296",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Foxit Reader", "product_name": "Foxit Reader",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "9.0.1.5096" "version_value": "9.0.1.5096"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Foxit" "vendor_name": "Foxit"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of Circle annotations. By manipulating a document's elements, an attacker can cause a pointer to be reused after it has been freed. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-6212."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-416-Use After Free"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://zerodayinitiative.com/advisories/ZDI-18-756", "description_data": [
"refsource" : "MISC", {
"url" : "https://zerodayinitiative.com/advisories/ZDI-18-756" "lang": "eng",
}, "value": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of Circle annotations. By manipulating a document's elements, an attacker can cause a pointer to be reused after it has been freed. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-6212."
{ }
"name" : "https://www.foxitsoftware.com/support/security-bulletins.php", ]
"refsource" : "CONFIRM", },
"url" : "https://www.foxitsoftware.com/support/security-bulletins.php" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "CWE-416-Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.foxitsoftware.com/support/security-bulletins.php",
"refsource": "CONFIRM",
"url": "https://www.foxitsoftware.com/support/security-bulletins.php"
},
{
"name": "https://zerodayinitiative.com/advisories/ZDI-18-756",
"refsource": "MISC",
"url": "https://zerodayinitiative.com/advisories/ZDI-18-756"
}
]
}
}

34
2018/14xxx/CVE-2018-14386.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-14386", "ID": "CVE-2018-14386",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

130
2018/17xxx/CVE-2018-17619.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "zdi-disclosures@trendmicro.com", "ASSIGNER": "zdi-disclosures@trendmicro.com",
"ID" : "CVE-2018-17619", "ID": "CVE-2018-17619",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Foxit Reader", "product_name": "Foxit Reader",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "9.0.1.5096" "version_value": "9.0.1.5096"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Foxit" "vendor_name": "Foxit"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Validate events. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6352."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-416-Use After Free"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://zerodayinitiative.com/advisories/ZDI-18-1100", "description_data": [
"refsource" : "MISC", {
"url" : "https://zerodayinitiative.com/advisories/ZDI-18-1100" "lang": "eng",
}, "value": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Validate events. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6352."
{ }
"name" : "https://www.foxitsoftware.com/support/security-bulletins.php", ]
"refsource" : "CONFIRM", },
"url" : "https://www.foxitsoftware.com/support/security-bulletins.php" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "CWE-416-Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.foxitsoftware.com/support/security-bulletins.php",
"refsource": "CONFIRM",
"url": "https://www.foxitsoftware.com/support/security-bulletins.php"
},
{
"name": "https://zerodayinitiative.com/advisories/ZDI-18-1100",
"refsource": "MISC",
"url": "https://zerodayinitiative.com/advisories/ZDI-18-1100"
}
]
}
}

34
2018/20xxx/CVE-2018-20470.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-20470", "ID": "CVE-2018-20470",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2018/9xxx/CVE-2018-9296.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-9296", "ID": "CVE-2018-9296",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2018/9xxx/CVE-2018-9435.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-9435", "ID": "CVE-2018-9435",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2018/9xxx/CVE-2018-9647.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-9647", "ID": "CVE-2018-9647",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2018/9xxx/CVE-2018-9898.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-9898", "ID": "CVE-2018-9898",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }