admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-17 23:43:27 +00:00
parent 05fba406a6
commit 24e79b9c96
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
53 changed files with 3953 additions and 3953 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

160
2003/1xxx/CVE-2003-1205.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-1205", "ID": "CVE-2003-1205",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Crob FTP Server 2.60.1 allows remote authenticated users to cause a denial of service (crash) by renaming a file to the \"con\" MS-DOS device name."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20030806 DoS Vulnerabilities in Crob FTP Server 2.60.1", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=106019292611151&w=2" "lang": "eng",
}, "value": "Crob FTP Server 2.60.1 allows remote authenticated users to cause a denial of service (crash) by renaming a file to the \"con\" MS-DOS device name."
{ }
"name" : "http://www.crob.net/studio/ftpserver/", ]
"refsource" : "MISC", },
"url" : "http://www.crob.net/studio/ftpserver/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "2378", "description": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/2378" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "9467", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/9467" ]
}, },
{ "references": {
"name" : "crob-rename-file-dos(12838)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/12838" "name": "2378",
} "refsource": "OSVDB",
] "url": "http://www.osvdb.org/2378"
} },
} {
"name": "crob-rename-file-dos(12838)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12838"
},
{
"name": "http://www.crob.net/studio/ftpserver/",
"refsource": "MISC",
"url": "http://www.crob.net/studio/ftpserver/"
},
{
"name": "20030806 DoS Vulnerabilities in Crob FTP Server 2.60.1",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=106019292611151&w=2"
},
{
"name": "9467",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/9467"
}
]
}
}

200
2003/1xxx/CVE-2003-1234.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-1234", "ID": "CVE-2003-1234",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Integer overflow in the f_count counter in FreeBSD before 4.2 through 5.0 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via multiple calls to (1) fpathconf and (2) lseek, which do not properly decrement f_count through a call to fdrop."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20030107 FreeBSD Security Advisory FreeBSD-SA-02:44.filedesc", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2003-01/0057.html" "lang": "eng",
}, "value": "Integer overflow in the f_count counter in FreeBSD before 4.2 through 5.0 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via multiple calls to (1) fpathconf and (2) lseek, which do not properly decrement f_count through a call to fdrop."
{ }
"name" : "20030106 PDS: Integer overflow in FreeBSD kernel", ]
"refsource" : "BUGTRAQ", },
"url" : "http://www.securityfocus.com/archive/1/305308/30/26420/threaded" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20030106 PDS: Integer overflow in FreeBSD kernel", "description": [
"refsource" : "VULNWATCH", {
"url" : "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0006.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "FreeBSD-SA-02:44", ]
"refsource" : "FREEBSD", }
"url" : "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:44.filedesc.asc" ]
}, },
{ "references": {
"name" : "http://www.pine.nl/press/pine-cert-20030101.txt", "reference_data": [
"refsource" : "MISC", {
"url" : "http://www.pine.nl/press/pine-cert-20030101.txt" "name": "http://www.pine.nl/press/pine-cert-20030101.txt",
}, "refsource": "MISC",
{ "url": "http://www.pine.nl/press/pine-cert-20030101.txt"
"name" : "1005898", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1005898" "name": "20030106 PDS: Integer overflow in FreeBSD kernel",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/305308/30/26420/threaded"
"name" : "7821", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/7821" "name": "20030106 PDS: Integer overflow in FreeBSD kernel",
}, "refsource": "VULNWATCH",
{ "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0006.html"
"name" : "freebsd-kernel-integer-overflow(10993)", },
"refsource" : "XF", {
"url" : "http://www.iss.net/security_center/static/10993.php" "name": "FreeBSD-SA-02:44",
}, "refsource": "FREEBSD",
{ "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:44.filedesc.asc"
"name" : "6524", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/6524" "name": "20030107 FreeBSD Security Advisory FreeBSD-SA-02:44.filedesc",
} "refsource": "BUGTRAQ",
] "url": "http://archives.neohapsis.com/archives/bugtraq/2003-01/0057.html"
} },
} {
"name": "6524",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6524"
},
{
"name": "1005898",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1005898"
},
{
"name": "freebsd-kernel-integer-overflow(10993)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10993.php"
},
{
"name": "7821",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/7821"
}
]
}
}

170
2003/1xxx/CVE-2003-1564.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2003-1564", "ID": "CVE-2003-1564",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "libxml2, possibly before 2.5.0, does not properly detect recursion during entity expansion, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, aka the \"billion laughs attack.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[xml-dev] 20030202 Re: Elliotte Rusty Harold on Web Services", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.stylusstudio.com/xmldev/200302/post20020.html" "lang": "eng",
}, "value": "libxml2, possibly before 2.5.0, does not properly detect recursion during entity expansion, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, aka the \"billion laughs attack.\""
{ }
"name" : "[xml] 20080820 Security fix for libxml2", ]
"refsource" : "MLIST", },
"url" : "http://mail.gnome.org/archives/xml/2008-August/msg00034.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.reddit.com/r/programming/comments/65843/time_to_upgrade_libxml2", "description": [
"refsource" : "MISC", {
"url" : "http://www.reddit.com/r/programming/comments/65843/time_to_upgrade_libxml2" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://xmlsoft.org/news.html", ]
"refsource" : "MISC", }
"url" : "http://xmlsoft.org/news.html" ]
}, },
{ "references": {
"name" : "RHSA-2008:0886", "reference_data": [
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2008-0886.html" "name": "31868",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/31868"
"name" : "31868", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31868" "name": "http://xmlsoft.org/news.html",
} "refsource": "MISC",
] "url": "http://xmlsoft.org/news.html"
} },
} {
"name": "[xml-dev] 20030202 Re: Elliotte Rusty Harold on Web Services",
"refsource": "MLIST",
"url": "http://www.stylusstudio.com/xmldev/200302/post20020.html"
},
{
"name": "http://www.reddit.com/r/programming/comments/65843/time_to_upgrade_libxml2",
"refsource": "MISC",
"url": "http://www.reddit.com/r/programming/comments/65843/time_to_upgrade_libxml2"
},
{
"name": "[xml] 20080820 Security fix for libxml2",
"refsource": "MLIST",
"url": "http://mail.gnome.org/archives/xml/2008-August/msg00034.html"
},
{
"name": "RHSA-2008:0886",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2008-0886.html"
}
]
}
}

320
2004/0xxx/CVE-2004-0008.json
View File

@ -1,162 +1,162 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-0008", "ID": "CVE-2004-0008",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Integer overflow in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a directIM packet that triggers a heap-based buffer overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20040126 Advisory 01/2004: 12 x Gaim remote overflows", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=107513690306318&w=2" "lang": "eng",
}, "value": "Integer overflow in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a directIM packet that triggers a heap-based buffer overflow."
{ }
"name" : "20040126 Advisory 01/2004: 12 x Gaim remote overflows", ]
"refsource" : "FULLDISC", },
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2004-01/0994.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://security.e-matters.de/advisories/012004.html", "description": [
"refsource" : "MISC", {
"url" : "http://security.e-matters.de/advisories/012004.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "20040127 Ultramagnetic Advisory #001: Multiple vulnerabilities in Gaim code", ]
"refsource" : "BUGTRAQ", }
"url" : "http://marc.info/?l=bugtraq&m=107522432613022&w=2" ]
}, },
{ "references": {
"name" : "http://ultramagnetic.sourceforge.net/advisories/001.html", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://ultramagnetic.sourceforge.net/advisories/001.html" "name": "20040202-01-U",
}, "refsource": "SGI",
{ "url": "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc"
"name" : "RHSA-2004:032", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2004-032.html" "name": "20040127 [slackware-security] GAIM security update (SSA:2004-026-01)",
}, "refsource": "BUGTRAQ",
{ "url": "http://marc.info/?l=bugtraq&m=107522338611564&w=2"
"name" : "RHSA-2004:033", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2004-033.html" "name": "DSA-434",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2004/dsa-434"
"name" : "MDKSA-2004:006", },
"refsource" : "MANDRAKE", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2004:006" "name": "20040201-01-U",
}, "refsource": "SGI",
{ "url": "ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc"
"name" : "DSA-434", },
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2004/dsa-434" "name": "RHSA-2004:032",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2004-032.html"
"name" : "RHSA-2004:045", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2004-045.html" "name": "oval:org.mitre.oval:def:820",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A820"
"name" : "CLA-2004:813", },
"refsource" : "CONECTIVA", {
"url" : "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000813" "name": "3734",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/3734"
"name" : "20040201-01-U", },
"refsource" : "SGI", {
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc" "name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
}, "refsource": "BUGTRAQ",
{ "url": "http://marc.info/?l=bugtraq&m=107513690306318&w=2"
"name" : "20040127 [slackware-security] GAIM security update (SSA:2004-026-01)", },
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=107522338611564&w=2" "name": "oval:org.mitre.oval:def:9469",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9469"
"name" : "GLSA-200401-04", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-200401-04.xml" "name": "http://ultramagnetic.sourceforge.net/advisories/001.html",
}, "refsource": "CONFIRM",
{ "url": "http://ultramagnetic.sourceforge.net/advisories/001.html"
"name" : "20040202-01-U", },
"refsource" : "SGI", {
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc" "name": "GLSA-200401-04",
}, "refsource": "GENTOO",
{ "url": "http://security.gentoo.org/glsa/glsa-200401-04.xml"
"name" : "VU#779614", },
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/779614" "name": "1008850",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id?1008850"
"name" : "3734", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/3734" "name": "20040127 Ultramagnetic Advisory #001: Multiple vulnerabilities in Gaim code",
}, "refsource": "BUGTRAQ",
{ "url": "http://marc.info/?l=bugtraq&m=107522432613022&w=2"
"name" : "oval:org.mitre.oval:def:820", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A820" "name": "http://security.e-matters.de/advisories/012004.html",
}, "refsource": "MISC",
{ "url": "http://security.e-matters.de/advisories/012004.html"
"name" : "oval:org.mitre.oval:def:9469", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9469" "name": "RHSA-2004:033",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2004-033.html"
"name" : "1008850", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1008850" "name": "MDKSA-2004:006",
}, "refsource": "MANDRAKE",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:006"
"name" : "gaim-directim-bo(14937)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/14937" "name": "20040126 Advisory 01/2004: 12 x Gaim remote overflows",
} "refsource": "FULLDISC",
] "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-01/0994.html"
} },
} {
"name": "gaim-directim-bo(14937)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14937"
},
{
"name": "VU#779614",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/779614"
},
{
"name": "CLA-2004:813",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000813"
},
{
"name": "RHSA-2004:045",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-045.html"
}
]
}
}

160
2004/0xxx/CVE-2004-0357.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-0357", "ID": "CVE-2004-0357",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflows in SL Mail Pro 2.0.9 allow remote attackers to execute arbitrary code via (1) user.dll, (2) loadpageadmin.dll or (3) loadpageuser.dll."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20040305 SLWebMail Multiple Buffer Overflow Vulnerabilities (#NISR05022004b)", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=107850432827699&w=2" "lang": "eng",
}, "value": "Stack-based buffer overflows in SL Mail Pro 2.0.9 allow remote attackers to execute arbitrary code via (1) user.dll, (2) loadpageadmin.dll or (3) loadpageuser.dll."
{ }
"name" : "http://216.26.170.92/Download/webfiles/Patches/SLMPPatch-2.0.14.pdf", ]
"refsource" : "CONFIRM", },
"url" : "http://216.26.170.92/Download/webfiles/Patches/SLMPPatch-2.0.14.pdf" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.nextgenss.com/advisories/slmailwm.txt", "description": [
"refsource" : "MISC", {
"url" : "http://www.nextgenss.com/advisories/slmailwm.txt" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "slmail-slwebmail-bo(15399)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15399" ]
}, },
{ "references": {
"name" : "9808", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/9808" "name": "slmail-slwebmail-bo(15399)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15399"
} },
} {
"name": "http://www.nextgenss.com/advisories/slmailwm.txt",
"refsource": "MISC",
"url": "http://www.nextgenss.com/advisories/slmailwm.txt"
},
{
"name": "9808",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9808"
},
{
"name": "http://216.26.170.92/Download/webfiles/Patches/SLMPPatch-2.0.14.pdf",
"refsource": "CONFIRM",
"url": "http://216.26.170.92/Download/webfiles/Patches/SLMPPatch-2.0.14.pdf"
},
{
"name": "20040305 SLWebMail Multiple Buffer Overflow Vulnerabilities (#NISR05022004b)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=107850432827699&w=2"
}
]
}
}

180
2004/0xxx/CVE-2004-0430.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-0430", "ID": "CVE-2004-0430",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in AppleFileServer for Mac OS X 10.3.3 and earlier allows remote attackers to execute arbitrary code via a LoginExt packet for a Cleartext Password User Authentication Method (UAM) request with a PathName argument that includes an AFPName type string that is longer than the associated length field."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "A050304-1", "description_data": [
"refsource" : "ATSTAKE", {
"url" : "http://www.atstake.com/research/advisories/2004/a050304-1.txt" "lang": "eng",
}, "value": "Stack-based buffer overflow in AppleFileServer for Mac OS X 10.3.3 and earlier allows remote attackers to execute arbitrary code via a LoginExt packet for a Cleartext Password User Authentication Method (UAM) request with a PathName argument that includes an AFPName type string that is longer than the associated length field."
{ }
"name" : "APPLE-SA-2004-05-03", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/mhonarc/security-announce/msg00049.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.securiteam.com/securitynews/5QP0115CUO.html", "description": [
"refsource" : "MISC", {
"url" : "http://www.securiteam.com/securitynews/5QP0115CUO.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "VU#648406", ]
"refsource" : "CERT-VN", }
"url" : "http://www.kb.cert.org/vuls/id/648406" ]
}, },
{ "references": {
"name" : "11539", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/11539" "name": "A050304-1",
}, "refsource": "ATSTAKE",
{ "url": "http://www.atstake.com/research/advisories/2004/a050304-1.txt"
"name" : "1010039", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1010039" "name": "applefileserver-afp-pathname-bo(16049)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16049"
"name" : "applefileserver-afp-pathname-bo(16049)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/16049" "name": "1010039",
} "refsource": "SECTRACK",
] "url": "http://securitytracker.com/id?1010039"
} },
} {
"name": "VU#648406",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/648406"
},
{
"name": "http://www.securiteam.com/securitynews/5QP0115CUO.html",
"refsource": "MISC",
"url": "http://www.securiteam.com/securitynews/5QP0115CUO.html"
},
{
"name": "APPLE-SA-2004-05-03",
"refsource": "APPLE",
"url": "http://lists.apple.com/mhonarc/security-announce/msg00049.html"
},
{
"name": "11539",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11539"
}
]
}
}

240
2004/0xxx/CVE-2004-0633.json
View File

@ -1,122 +1,122 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-0633", "ID": "CVE-2004-0633",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote attackers to cause a denial of service (process abort) via an integer overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.ethereal.com/appnotes/enpa-sa-00015.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.ethereal.com/appnotes/enpa-sa-00015.html" "lang": "eng",
}, "value": "The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote attackers to cause a denial of service (process abort) via an integer overflow."
{ }
"name" : "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=127381", ]
"refsource" : "CONFIRM", },
"url" : "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=127381" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "CLA-2005:916", "description": [
"refsource" : "CONECTIVA", {
"url" : "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000916" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "FEDORA-2004-219", ]
"refsource" : "FEDORA", }
"url" : "http://www.redhat.com/archives/fedora-announce-list/2004-July/msg00013.html" ]
}, },
{ "references": {
"name" : "FEDORA-2004-220", "reference_data": [
"refsource" : "FEDORA", {
"url" : "http://www.redhat.com/archives/fedora-announce-list/2004-July/msg00014.html" "name": "1010655",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1010655"
"name" : "GLSA-200407-08", },
"refsource" : "GENTOO", {
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200407-08.xml" "name": "CLA-2005:916",
}, "refsource": "CONECTIVA",
{ "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000916"
"name" : "MDKSA-2004:067", },
"refsource" : "MANDRAKE", {
"url" : "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:067" "name": "MDKSA-2004:067",
}, "refsource": "MANDRAKE",
{ "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:067"
"name" : "RHSA-2004:378", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2004-378.html" "name": "http://www.ethereal.com/appnotes/enpa-sa-00015.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.ethereal.com/appnotes/enpa-sa-00015.html"
"name" : "VU#829422", },
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/829422" "name": "VU#829422",
}, "refsource": "CERT-VN",
{ "url": "http://www.kb.cert.org/vuls/id/829422"
"name" : "oval:org.mitre.oval:def:9931", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9931" "name": "12024",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/12024"
"name" : "1010655", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1010655" "name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=127381",
}, "refsource": "CONFIRM",
{ "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=127381"
"name" : "12024", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/12024" "name": "ethereal-isns-dos(16630)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16630"
"name" : "ethereal-isns-dos(16630)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/16630" "name": "FEDORA-2004-219",
} "refsource": "FEDORA",
] "url": "http://www.redhat.com/archives/fedora-announce-list/2004-July/msg00013.html"
} },
} {
"name": "FEDORA-2004-220",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-July/msg00014.html"
},
{
"name": "RHSA-2004:378",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-378.html"
},
{
"name": "oval:org.mitre.oval:def:9931",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9931"
},
{
"name": "GLSA-200407-08",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200407-08.xml"
}
]
}
}

240
2004/0xxx/CVE-2004-0764.json
View File

@ -1,122 +1,122 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-0764", "ID": "CVE-2004-0764",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to hijack the user interface via the \"chrome\" flag and XML User Interface Language (XUL) files."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://bugzilla.mozilla.org/show_bug.cgi?id=244965", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://bugzilla.mozilla.org/show_bug.cgi?id=244965" "lang": "eng",
}, "value": "Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to hijack the user interface via the \"chrome\" flag and XML User Interface Language (XUL) files."
{ }
"name" : "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7", ]
"refsource" : "CONFIRM", },
"url" : "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "FLSA:2089", "description": [
"refsource" : "FEDORA", {
"url" : "http://marc.info/?l=bugtraq&m=109900315219363&w=2" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "RHSA-2004:421", ]
"refsource" : "REDHAT", }
"url" : "http://www.redhat.com/support/errata/RHSA-2004-421.html" ]
}, },
{ "references": {
"name" : "SCOSA-2005.49", "reference_data": [
"refsource" : "SCO", {
"url" : "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt" "name": "12188",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/12188"
"name" : "SUSE-SA:2004:036", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2004_36_mozilla.html" "name": "mozilla-user-interface-spoofing(16837)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16837"
"name" : "VU#262350", },
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/262350" "name": "SCOSA-2005.49",
}, "refsource": "SCO",
{ "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt"
"name" : "10832", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/10832" "name": "SUSE-SA:2004:036",
}, "refsource": "SUSE",
{ "url": "http://www.novell.com/linux/security/advisories/2004_36_mozilla.html"
"name" : "15495", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/15495" "name": "RHSA-2004:421",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2004-421.html"
"name" : "oval:org.mitre.oval:def:2418", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2418" "name": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7",
}, "refsource": "CONFIRM",
{ "url": "http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7"
"name" : "oval:org.mitre.oval:def:9419", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9419" "name": "FLSA:2089",
}, "refsource": "FEDORA",
{ "url": "http://marc.info/?l=bugtraq&m=109900315219363&w=2"
"name" : "12188", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/12188" "name": "oval:org.mitre.oval:def:2418",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2418"
"name" : "mozilla-user-interface-spoofing(16837)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/16837" "name": "15495",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/15495"
} },
} {
"name": "VU#262350",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/262350"
},
{
"name": "10832",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10832"
},
{
"name": "http://bugzilla.mozilla.org/show_bug.cgi?id=244965",
"refsource": "CONFIRM",
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=244965"
},
{
"name": "oval:org.mitre.oval:def:9419",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9419"
}
]
}
}

140
2004/1xxx/CVE-2004-1222.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-1222", "ID": "CVE-2004-1222",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "weblibs.pl in WebLibs 1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the TextFile parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20041207 Remote Web Server Text File Viewing Vulnerability in WebLibs 1.0", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=110245395510945&w=2" "lang": "eng",
}, "value": "weblibs.pl in WebLibs 1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the TextFile parameter."
{ }
"name" : "11848", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/11848" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "weblibs-directory-traversal(18399)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18399" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "weblibs-directory-traversal(18399)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18399"
},
{
"name": "20041207 Remote Web Server Text File Viewing Vulnerability in WebLibs 1.0",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=110245395510945&w=2"
},
{
"name": "11848",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11848"
}
]
}
}

150
2004/1xxx/CVE-2004-1503.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-1503", "ID": "CVE-2004-1503",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Integer overflow in the InitialDirContext in Java Runtime Environment (JRE) 1.4.2, 1.5.0 and possibly other versions allows remote attackers to cause a denial of service (Java exception and failed DNS requests) via a large number of DNS requests, which causes the xid variable to wrap around and become negative."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20041108 DOS against Java JNDI/DNS", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=109994063331773&w=2" "lang": "eng",
}, "value": "Integer overflow in the InitialDirContext in Java Runtime Environment (JRE) 1.4.2, 1.5.0 and possibly other versions allows remote attackers to cause a denial of service (Java exception and failed DNS requests) via a large number of DNS requests, which causes the xid variable to wrap around and become negative."
{ }
"name" : "11619", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/11619" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "13142", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/13142" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "sun-jre-dns-dos(17990)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17990" ]
} },
] "references": {
} "reference_data": [
} {
"name": "13142",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13142"
},
{
"name": "20041108 DOS against Java JNDI/DNS",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=109994063331773&w=2"
},
{
"name": "11619",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11619"
},
{
"name": "sun-jre-dns-dos(17990)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17990"
}
]
}
}

140
2004/1xxx/CVE-2004-1639.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-1639", "ID": "CVE-2004-1639",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Mozilla Firefox before 0.10, Mozilla 5.0, and Gecko 20040913 allows remote attackers to cause a denial of service (application crash or memory consumption) via a large binary file with a .html extension."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20041026 Rendering large binary file as HTML makes Mozilla Firefox stop responding", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=109886388528179&w=2" "lang": "eng",
}, "value": "Mozilla Firefox before 0.10, Mozilla 5.0, and Gecko 20040913 allows remote attackers to cause a denial of service (application crash or memory consumption) via a large binary file with a .html extension."
{ }
"name" : "20041026 Rendering large binary file as HTML makes Mozilla Firefox stop responding or crash", ]
"refsource" : "VULNWATCH", },
"url" : "http://archives.neohapsis.com/archives/vulnwatch/2004-q4/0017.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "mozilla-html-dos(17839)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17839" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "20041026 Rendering large binary file as HTML makes Mozilla Firefox stop responding or crash",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q4/0017.html"
},
{
"name": "20041026 Rendering large binary file as HTML makes Mozilla Firefox stop responding",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=109886388528179&w=2"
},
{
"name": "mozilla-html-dos(17839)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17839"
}
]
}
}

160
2004/1xxx/CVE-2004-1657.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-1657", "ID": "CVE-2004-1657",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Activity and Events Viewer for Newtelligence DasBlog allows remote attackers to inject arbitrary web script or HTML via the (1) User Agent or (2) Referrer HTTP headers."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20040901 Cross-Site Scripting Vulnerability in Newtelligence DasBlog", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=109443321830050&w=2" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the Activity and Events Viewer for Newtelligence DasBlog allows remote attackers to inject arbitrary web script or HTML via the (1) User Agent or (2) Referrer HTTP headers."
{ }
"name" : "http://staff.newtelligence.net/clemensv/PermaLink.aspx?guid=69bce168-cb09-4f09-8d53-f0b97f11b198", ]
"refsource" : "CONFIRM", },
"url" : "http://staff.newtelligence.net/clemensv/PermaLink.aspx?guid=69bce168-cb09-4f09-8d53-f0b97f11b198" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "11086", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/11086" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "12416", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/12416" ]
}, },
{ "references": {
"name" : "dasblog-useragent-referer-xss(17174)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17174" "name": "http://staff.newtelligence.net/clemensv/PermaLink.aspx?guid=69bce168-cb09-4f09-8d53-f0b97f11b198",
} "refsource": "CONFIRM",
] "url": "http://staff.newtelligence.net/clemensv/PermaLink.aspx?guid=69bce168-cb09-4f09-8d53-f0b97f11b198"
} },
} {
"name": "dasblog-useragent-referer-xss(17174)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17174"
},
{
"name": "12416",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/12416"
},
{
"name": "20040901 Cross-Site Scripting Vulnerability in Newtelligence DasBlog",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=109443321830050&w=2"
},
{
"name": "11086",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11086"
}
]
}
}

150
2004/1xxx/CVE-2004-1699.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-1699", "ID": "CVE-2004-1699",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SettingsBase.php in Pinnacle ShowCenter 1.51 allows remote attackers to cause a denial of service (web interface errors) via an invalid Skin parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20040922 Pinnacle ShowCenter 1.51 possible DoS", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=109589167110196&w=2" "lang": "eng",
}, "value": "SettingsBase.php in Pinnacle ShowCenter 1.51 allows remote attackers to cause a denial of service (web interface errors) via an invalid Skin parameter."
{ }
"name" : "20040921 Pinnacle ShowCenter Skin Denial of Service", ]
"refsource" : "FULLDISC", },
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2004-September/026733.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "11232", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/11232" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "pinnacle-showcenter-dos(17463)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/17463" ]
} },
] "references": {
} "reference_data": [
} {
"name": "20040922 Pinnacle ShowCenter 1.51 possible DoS",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=109589167110196&w=2"
},
{
"name": "11232",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11232"
},
{
"name": "pinnacle-showcenter-dos(17463)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17463"
},
{
"name": "20040921 Pinnacle ShowCenter Skin Denial of Service",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-September/026733.html"
}
]
}
}

170
2004/2xxx/CVE-2004-2342.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-2342", "ID": "CVE-2004-2342",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "ChatterBox 2.0 allows remote attackers to cause a denial of service (server crash) via a malformed request to the server, as demonstrated using \"aaaaaa\"."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20040130 Denial Of Service in ChatterBox 2.0", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/352341" "lang": "eng",
}, "value": "ChatterBox 2.0 allows remote attackers to cause a denial of service (server crash) via a malformed request to the server, as demonstrated using \"aaaaaa\"."
{ }
"name" : "http://www.autistici.org/fdonato/advisory/ChatterBox2.0-adv.txt", ]
"refsource" : "MISC", },
"url" : "http://www.autistici.org/fdonato/advisory/ChatterBox2.0-adv.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "9532", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/9532" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "3798", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/3798" ]
}, },
{ "references": {
"name" : "10775", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/10775" "name": "9532",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/9532"
"name" : "chatterbox-dos(15011)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15011" "name": "3798",
} "refsource": "OSVDB",
] "url": "http://www.osvdb.org/3798"
} },
} {
"name": "http://www.autistici.org/fdonato/advisory/ChatterBox2.0-adv.txt",
"refsource": "MISC",
"url": "http://www.autistici.org/fdonato/advisory/ChatterBox2.0-adv.txt"
},
{
"name": "20040130 Denial Of Service in ChatterBox 2.0",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/352341"
},
{
"name": "chatterbox-dos(15011)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15011"
},
{
"name": "10775",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10775"
}
]
}
}

170
2004/2xxx/CVE-2004-2673.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-2673", "ID": "CVE-2004-2673",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple buffer overflows in ArGoSoft FTP Server before 1.4.1.6 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via (1) a SITE ZIP command with a long first or second argument, or (2) a SITE COPY with a long argument."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.securiteam.com/windowsntfocus/5RP010KCAO.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://www.securiteam.com/windowsntfocus/5RP010KCAO.html" "lang": "eng",
}, "value": "Multiple buffer overflows in ArGoSoft FTP Server before 1.4.1.6 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via (1) a SITE ZIP command with a long first or second argument, or (2) a SITE COPY with a long argument."
{ }
"name" : "http://www.argosoft.com/rootpages/FtpServer/ChangeList.aspx", ]
"refsource" : "CONFIRM", },
"url" : "http://www.argosoft.com/rootpages/FtpServer/ChangeList.aspx" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "9770", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/9770" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "11334", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/11334" ]
}, },
{ "references": {
"name" : "11002", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/11002" "name": "11334",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/11334"
"name" : "argosoftftp-site-bo(15410)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15410" "name": "9770",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/9770"
} },
} {
"name": "http://www.argosoft.com/rootpages/FtpServer/ChangeList.aspx",
"refsource": "CONFIRM",
"url": "http://www.argosoft.com/rootpages/FtpServer/ChangeList.aspx"
},
{
"name": "11002",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11002"
},
{
"name": "http://www.securiteam.com/windowsntfocus/5RP010KCAO.html",
"refsource": "MISC",
"url": "http://www.securiteam.com/windowsntfocus/5RP010KCAO.html"
},
{
"name": "argosoftftp-site-bo(15410)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15410"
}
]
}
}

180
2004/2xxx/CVE-2004-2738.json
View File

@ -1,92 +1,92 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2004-2738", "ID": "CVE-2004-2738",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in check_user_id.php in ZeroBoard 4.1pl4 and earlier allows remote attackers to inject arbitrary web script or HTML via the user_id parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20041224 STG Security Advisory: [SSA-20041220-16] PHP source injection and cross-site scripting vulnerabilities in ZeroBoard", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=110391024404947&w=2" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in check_user_id.php in ZeroBoard 4.1pl4 and earlier allows remote attackers to inject arbitrary web script or HTML via the user_id parameter."
{ }
"name" : "20041223 STG Security Advisory: [SSA-20041220-16] PHP source injection and cross-site scripting vulnerabilities in ZeroBoard", ]
"refsource" : "FULLDISC", },
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/030224.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "12103", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/12103" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "12582", ]
"refsource" : "OSVDB", }
"url" : "http://www.osvdb.org/12582" ]
}, },
{ "references": {
"name" : "1012677", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1012677" "name": "20041224 STG Security Advisory: [SSA-20041220-16] PHP source injection and cross-site scripting vulnerabilities in ZeroBoard",
}, "refsource": "BUGTRAQ",
{ "url": "http://marc.info/?l=bugtraq&m=110391024404947&w=2"
"name" : "13649", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/13649" "name": "20041223 STG Security Advisory: [SSA-20041220-16] PHP source injection and cross-site scripting vulnerabilities in ZeroBoard",
}, "refsource": "FULLDISC",
{ "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/030224.html"
"name" : "zeroboard-checkuserid-xss(18680)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18680" "name": "12582",
} "refsource": "OSVDB",
] "url": "http://www.osvdb.org/12582"
} },
} {
"name": "13649",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13649"
},
{
"name": "12103",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12103"
},
{
"name": "zeroboard-checkuserid-xss(18680)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18680"
},
{
"name": "1012677",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1012677"
}
]
}
}

160
2008/2xxx/CVE-2008-2498.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-2498", "ID": "CVE-2008-2498",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple SQL injection vulnerabilities in index.php in Mambo before 4.6.4, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) articleid and (2) mcname parameters. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://forum.mambo-foundation.org/showthread.php?t=11799", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://forum.mambo-foundation.org/showthread.php?t=11799" "lang": "eng",
}, "value": "Multiple SQL injection vulnerabilities in index.php in Mambo before 4.6.4, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) articleid and (2) mcname parameters. NOTE: some of these details are obtained from third party information."
{ }
"name" : "29373", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/29373" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2008-1660", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/1660/references" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "30343", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/30343" ]
}, },
{ "references": {
"name" : "mambo-index-sql-injection(42644)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42644" "name": "mambo-index-sql-injection(42644)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42644"
} },
} {
"name": "ADV-2008-1660",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1660/references"
},
{
"name": "29373",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29373"
},
{
"name": "http://forum.mambo-foundation.org/showthread.php?t=11799",
"refsource": "CONFIRM",
"url": "http://forum.mambo-foundation.org/showthread.php?t=11799"
},
{
"name": "30343",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30343"
}
]
}
}

140
2008/2xxx/CVE-2008-2840.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-2840", "ID": "CVE-2008-2840",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple directory traversal vulnerabilities in Exero CMS 1.0.0 and 1.0.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the theme parameter to (1) custompage.php, (2) errors/404.php, (3) members/memberslist.php, (4) members/profile.php, (5) news/fullview.php, (6) news/index.php, (7) nopermission.php, (8) usercp/avatar.php, or (9) usercp/editpassword.php in themes/Default/. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://sourceforge.net/project/shownotes.php?release_id=607502", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://sourceforge.net/project/shownotes.php?release_id=607502" "lang": "eng",
}, "value": "Multiple directory traversal vulnerabilities in Exero CMS 1.0.0 and 1.0.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the theme parameter to (1) custompage.php, (2) errors/404.php, (3) members/memberslist.php, (4) members/profile.php, (5) news/fullview.php, (6) news/index.php, (7) nopermission.php, (8) usercp/avatar.php, or (9) usercp/editpassword.php in themes/Default/. NOTE: some of these details are obtained from third party information."
{ }
"name" : "29788", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/29788" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "30711", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/30711" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "29788",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29788"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=607502",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=607502"
},
{
"name": "30711",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30711"
}
]
}
}

160
2008/6xxx/CVE-2008-6178.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-6178", "ID": "CVE-2008-6178",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unrestricted file upload vulnerability in editor/filemanager/browser/default/connectors/php/connector.php in FCKeditor 2.2, as used in Falt4 CMS, Nuke ET, and other products, allows remote attackers to execute arbitrary code by creating a file with PHP sequences preceded by a ZIP header, uploading this file via a FileUpload action with the application/zip content type, and then accessing this file via a direct request to the file in UserFiles/File/, probably a related issue to CVE-2005-4094. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "8060", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/8060" "lang": "eng",
}, "value": "Unrestricted file upload vulnerability in editor/filemanager/browser/default/connectors/php/connector.php in FCKeditor 2.2, as used in Falt4 CMS, Nuke ET, and other products, allows remote attackers to execute arbitrary code by creating a file with PHP sequences preceded by a ZIP header, uploading this file via a FileUpload action with the application/zip content type, and then accessing this file via a direct request to the file in UserFiles/File/, probably a related issue to CVE-2005-4094. NOTE: some of these details are obtained from third party information."
{ }
"name" : "31812", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/31812" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2009-0447", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2009/0447" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "33973", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/33973" ]
}, },
{ "references": {
"name" : "falt4-fckeditor-file-upload(48769)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/48769" "name": "31812",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/31812"
} },
} {
"name": "33973",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33973"
},
{
"name": "ADV-2009-0447",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0447"
},
{
"name": "falt4-fckeditor-file-upload(48769)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48769"
},
{
"name": "8060",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/8060"
}
]
}
}

150
2008/6xxx/CVE-2008-6762.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-6762", "ID": "CVE-2008-6762",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Open redirect vulnerability in wp-admin/upgrade.php in WordPress, probably 2.6.x, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the backto parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20081222 [ISecAuditors Security Advisories] Wordpress is vulnerable to an unauthorized upgrade and XSS", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://archives.neohapsis.com/archives/bugtraq/2008-12/0226.html" "lang": "eng",
}, "value": "Open redirect vulnerability in wp-admin/upgrade.php in WordPress, probably 2.6.x, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the backto parameter."
{ }
"name" : "DSA-1871", ]
"refsource" : "DEBIAN", },
"url" : "http://www.debian.org/security/2009/dsa-1871" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "52213", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/52213" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "wordpress-upgrade-phishing(50382)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/50382" ]
} },
] "references": {
} "reference_data": [
} {
"name": "DSA-1871",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1871"
},
{
"name": "20081222 [ISecAuditors Security Advisories] Wordpress is vulnerable to an unauthorized upgrade and XSS",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2008-12/0226.html"
},
{
"name": "52213",
"refsource": "OSVDB",
"url": "http://osvdb.org/52213"
},
{
"name": "wordpress-upgrade-phishing(50382)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50382"
}
]
}
}

150
2008/6xxx/CVE-2008-6899.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-6899", "ID": "CVE-2008-6899",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple buffer overflows in freeSSHd 1.2.1 allow remote authenticated users to cause a denial of service (crash) and execute arbitrary code via a long (1) open, (2) unlink, (3) mkdir, (4) rmdir, or (5) stat SFTP command."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20081222 FreeSSHd Multiple Remote Stack Overflow Vulnerabilities", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/499486/100/0/threaded" "lang": "eng",
}, "value": "Multiple buffer overflows in freeSSHd 1.2.1 allow remote authenticated users to cause a denial of service (crash) and execute arbitrary code via a long (1) open, (2) unlink, (3) mkdir, (4) rmdir, or (5) stat SFTP command."
{ }
"name" : "http://www.bmgsec.com.au/advisories/freeSSHd-bof.txt", ]
"refsource" : "MISC", },
"url" : "http://www.bmgsec.com.au/advisories/freeSSHd-bof.txt" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "32972", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/32972" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "freesshd-open-bo(52434)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/52434" ]
} },
] "references": {
} "reference_data": [
} {
"name": "freesshd-open-bo(52434)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52434"
},
{
"name": "32972",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32972"
},
{
"name": "http://www.bmgsec.com.au/advisories/freeSSHd-bof.txt",
"refsource": "MISC",
"url": "http://www.bmgsec.com.au/advisories/freeSSHd-bof.txt"
},
{
"name": "20081222 FreeSSHd Multiple Remote Stack Overflow Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/499486/100/0/threaded"
}
]
}
}

170
2008/6xxx/CVE-2008-6977.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-6977", "ID": "CVE-2008-6977",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in album.asp in Full Revolution aspWebAlbum 3.2 allows remote attackers to inject arbitrary web script or HTML via the message parameter in a summary action."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "6357", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/6357" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in album.asp in Full Revolution aspWebAlbum 3.2 allows remote attackers to inject arbitrary web script or HTML via the message parameter in a summary action."
{ }
"name" : "6420", ]
"refsource" : "EXPLOIT-DB", },
"url" : "https://www.exploit-db.com/exploits/6420" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "30996", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/30996" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "47915", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/47915" ]
}, },
{ "references": {
"name" : "31649", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31649" "name": "31649",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/31649"
"name" : "aspwebalbum-album-xss(44878)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/44878" "name": "aspwebalbum-album-xss(44878)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44878"
} },
} {
"name": "30996",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30996"
},
{
"name": "47915",
"refsource": "OSVDB",
"url": "http://osvdb.org/47915"
},
{
"name": "6420",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/6420"
},
{
"name": "6357",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/6357"
}
]
}
}

150
2008/7xxx/CVE-2008-7129.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-7129", "ID": "CVE-2008-7129",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "XySSL before 0.9 allows remote attackers to cause a denial of service (infinite loop) via an X.509 certificate that does not pass the RSA signature check during verification."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://polarssl.org/?archive#001c", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://polarssl.org/?archive#001c" "lang": "eng",
}, "value": "XySSL before 0.9 allows remote attackers to cause a denial of service (infinite loop) via an X.509 certificate that does not pass the RSA signature check during verification."
{ }
"name" : "49101", ]
"refsource" : "OSVDB", },
"url" : "http://osvdb.org/49101" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2008-0917", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/0917" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "xyssl-x509-dos(41255)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/41255" ]
} },
] "references": {
} "reference_data": [
} {
"name": "ADV-2008-0917",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0917"
},
{
"name": "49101",
"refsource": "OSVDB",
"url": "http://osvdb.org/49101"
},
{
"name": "xyssl-x509-dos(41255)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41255"
},
{
"name": "http://polarssl.org/?archive#001c",
"refsource": "CONFIRM",
"url": "http://polarssl.org/?archive#001c"
}
]
}
}

150
2008/7xxx/CVE-2008-7254.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2008-7254", "ID": "CVE-2008-7254",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in includes/template-loader.php in Irmin CMS (formerly Pepsi CMS) 0.5 and 0.6 BETA2, when register_globals is enabled, allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the _Root_Path parameter. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://packetstormsecurity.org/0808-exploits/pepsicms-rfi.txt", "description_data": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.org/0808-exploits/pepsicms-rfi.txt" "lang": "eng",
}, "value": "Directory traversal vulnerability in includes/template-loader.php in Irmin CMS (formerly Pepsi CMS) 0.5 and 0.6 BETA2, when register_globals is enabled, allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the _Root_Path parameter. NOTE: some of these details are obtained from third party information."
{ }
"name" : "11938", ]
"refsource" : "EXPLOIT-DB", },
"url" : "http://www.exploit-db.com/exploits/11938" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "63348", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/63348" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "39214", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/39214" ]
} },
] "references": {
} "reference_data": [
} {
"name": "11938",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/11938"
},
{
"name": "63348",
"refsource": "OSVDB",
"url": "http://osvdb.org/63348"
},
{
"name": "39214",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39214"
},
{
"name": "http://packetstormsecurity.org/0808-exploits/pepsicms-rfi.txt",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/0808-exploits/pepsicms-rfi.txt"
}
]
}
}

190
2012/1xxx/CVE-2012-1446.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-1446", "ID": "CVE-2012-1446",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Norman Antivirus 6.06.12, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, McAfee Gateway (formerly Webwasher) 2010.1C, Sophos Anti-Virus 4.61.0, CA eTrust Vet Antivirus 36.1.8511, Antiy Labs AVL SDK 2.0.3.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified encoding field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/522005" "lang": "eng",
}, "value": "The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Norman Antivirus 6.06.12, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, McAfee Gateway (formerly Webwasher) 2010.1C, Sophos Anti-Virus 4.61.0, CA eTrust Vet Antivirus 36.1.8511, Antiy Labs AVL SDK 2.0.3.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified encoding field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations."
{ }
"name" : "http://www.ieee-security.org/TC/SP2012/program.html", ]
"refsource" : "MISC", },
"url" : "http://www.ieee-security.org/TC/SP2012/program.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "52600", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/52600" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "80426", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/80426" ]
}, },
{ "references": {
"name" : "80427", "reference_data": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/80427" "name": "80430",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/80430"
"name" : "80428", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/80428" "name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/522005"
"name" : "80430", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/80430" "name": "80427",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/80427"
"name" : "80431", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/80431" "name": "52600",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/52600"
} },
} {
"name": "http://www.ieee-security.org/TC/SP2012/program.html",
"refsource": "MISC",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80428",
"refsource": "OSVDB",
"url": "http://osvdb.org/80428"
},
{
"name": "80426",
"refsource": "OSVDB",
"url": "http://osvdb.org/80426"
},
{
"name": "80431",
"refsource": "OSVDB",
"url": "http://osvdb.org/80431"
}
]
}
}

120
2012/5xxx/CVE-2012-5044.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@cisco.com",
"ID" : "CVE-2012-5044", "ID": "CVE-2012-5044",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cisco IOS before 15.3(1)T, when media flow-around is not used, allows remote attackers to cause a denial of service (media loops and stack memory corruption) via VoIP traffic, aka Bug ID CSCub45809."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.cisco.com/c/en/us/td/docs/ios/15_3m_and_t/release/notes/15_3m_and_t.pdf", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.cisco.com/c/en/us/td/docs/ios/15_3m_and_t/release/notes/15_3m_and_t.pdf" "lang": "eng",
} "value": "Cisco IOS before 15.3(1)T, when media flow-around is not used, allows remote attackers to cause a denial of service (media loops and stack memory corruption) via VoIP traffic, aka Bug ID CSCub45809."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.cisco.com/c/en/us/td/docs/ios/15_3m_and_t/release/notes/15_3m_and_t.pdf",
"refsource": "CONFIRM",
"url": "http://www.cisco.com/c/en/us/td/docs/ios/15_3m_and_t/release/notes/15_3m_and_t.pdf"
}
]
}
}

130
2012/5xxx/CVE-2012-5219.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "hp-security-alert@hp.com",
"ID" : "CVE-2012-5219", "ID": "CVE-2012-5219",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in HP Managed Printing Administration (MPA) before 2.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "HPSBPI02868", "description_data": [
"refsource" : "HP", {
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03737200" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in HP Managed Printing Administration (MPA) before 2.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
{ }
"name" : "SSRT101017", ]
"refsource" : "HP", },
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03737200" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBPI02868",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03737200"
},
{
"name": "SSRT101017",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03737200"
}
]
}
}

200
2012/5xxx/CVE-2012-5667.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2012-5667", "ID": "CVE-2012-5667",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple integer overflows in GNU Grep before 2.11 might allow context-dependent attackers to execute arbitrary code via vectors involving a long input line that triggers a heap-based buffer overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[bug-grep] 20121217 Re: Exploit in grep..", "description_data": [
"refsource" : "MLIST", {
"url" : "http://lists.gnu.org/archive/html/bug-grep/2012-12/msg00004.html" "lang": "eng",
}, "value": "Multiple integer overflows in GNU Grep before 2.11 might allow context-dependent attackers to execute arbitrary code via vectors involving a long input line that triggers a heap-based buffer overflow."
{ }
"name" : "[oss-security] 20121221 Re: CVE Request: grep", ]
"refsource" : "MLIST", },
"url" : "http://openwall.com/lists/oss-security/2012/12/22/6" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://git.savannah.gnu.org/cgit/grep.git/commit/?id=8fcf61523644df42e1905c81bed26838e0b04f91", "description": [
"refsource" : "CONFIRM", {
"url" : "http://git.savannah.gnu.org/cgit/grep.git/commit/?id=8fcf61523644df42e1905c81bed26838e0b04f91" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://git.savannah.gnu.org/cgit/grep.git/commit/?id=cbbc1a45b9f843c811905c97c90a5d31f8e6c189", ]
"refsource" : "CONFIRM", }
"url" : "http://git.savannah.gnu.org/cgit/grep.git/commit/?id=cbbc1a45b9f843c811905c97c90a5d31f8e6c189" ]
}, },
{ "references": {
"name" : "http://git.sv.gnu.org/gitweb/?p=grep.git;a=shortlog;h=v2.11", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://git.sv.gnu.org/gitweb/?p=grep.git;a=shortlog;h=v2.11" "name": "https://bugs.launchpad.net/ubuntu/+source/grep/+bug/1091473",
}, "refsource": "CONFIRM",
{ "url": "https://bugs.launchpad.net/ubuntu/+source/grep/+bug/1091473"
"name" : "https://bugs.launchpad.net/ubuntu/+source/grep/+bug/1091473", },
"refsource" : "CONFIRM", {
"url" : "https://bugs.launchpad.net/ubuntu/+source/grep/+bug/1091473" "name": "57033",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/57033"
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=889935", },
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=889935" "name": "http://git.sv.gnu.org/gitweb/?p=grep.git;a=shortlog;h=v2.11",
}, "refsource": "CONFIRM",
{ "url": "http://git.sv.gnu.org/gitweb/?p=grep.git;a=shortlog;h=v2.11"
"name" : "RHSA-2015:1447", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2015-1447.html" "name": "http://git.savannah.gnu.org/cgit/grep.git/commit/?id=8fcf61523644df42e1905c81bed26838e0b04f91",
}, "refsource": "CONFIRM",
{ "url": "http://git.savannah.gnu.org/cgit/grep.git/commit/?id=8fcf61523644df42e1905c81bed26838e0b04f91"
"name" : "57033", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/57033" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=889935",
} "refsource": "CONFIRM",
] "url": "https://bugzilla.redhat.com/show_bug.cgi?id=889935"
} },
} {
"name": "RHSA-2015:1447",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1447.html"
},
{
"name": "[bug-grep] 20121217 Re: Exploit in grep..",
"refsource": "MLIST",
"url": "http://lists.gnu.org/archive/html/bug-grep/2012-12/msg00004.html"
},
{
"name": "http://git.savannah.gnu.org/cgit/grep.git/commit/?id=cbbc1a45b9f843c811905c97c90a5d31f8e6c189",
"refsource": "CONFIRM",
"url": "http://git.savannah.gnu.org/cgit/grep.git/commit/?id=cbbc1a45b9f843c811905c97c90a5d31f8e6c189"
},
{
"name": "[oss-security] 20121221 Re: CVE Request: grep",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2012/12/22/6"
}
]
}
}

190
2012/5xxx/CVE-2012-5883.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2012-5883", "ID": "CVE-2012-5883",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.8.0 through 2.9.0, as used in Bugzilla 3.7.x and 4.0.x before 4.0.9, 4.1.x and 4.2.x before 4.2.4, and 4.3.x and 4.4.x before 4.4rc1, allows remote attackers to inject arbitrary web script or HTML via vectors related to swfstore.swf, a similar issue to CVE-2010-4209."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.bugzilla.org/security/3.6.11/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.bugzilla.org/security/3.6.11/" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.8.0 through 2.9.0, as used in Bugzilla 3.7.x and 4.0.x before 4.0.9, 4.1.x and 4.2.x before 4.2.4, and 4.3.x and 4.4.x before 4.4rc1, allows remote attackers to inject arbitrary web script or HTML via vectors related to swfstore.swf, a similar issue to CVE-2010-4209."
{ }
"name" : "http://www.yuiblog.com/blog/2012/10/30/security-announcement-swf-vulnerability-in-yui-2/", ]
"refsource" : "CONFIRM", },
"url" : "http://www.yuiblog.com/blog/2012/10/30/security-announcement-swf-vulnerability-in-yui-2/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.yuiblog.com/blog/2012/11/05/post-mortem-swf-vulnerability-in-yui-2/", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.yuiblog.com/blog/2012/11/05/post-mortem-swf-vulnerability-in-yui-2/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://yuilibrary.com/support/20121030-vulnerability/", ]
"refsource" : "CONFIRM", }
"url" : "http://yuilibrary.com/support/20121030-vulnerability/" ]
}, },
{ "references": {
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=808845", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=808845" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=808845",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=808845"
"name" : "MDVSA-2013:066", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:066" "name": "MDVSA-2013:066",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:066"
"name" : "56385", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/56385" "name": "http://www.yuiblog.com/blog/2012/11/05/post-mortem-swf-vulnerability-in-yui-2/",
}, "refsource": "CONFIRM",
{ "url": "http://www.yuiblog.com/blog/2012/11/05/post-mortem-swf-vulnerability-in-yui-2/"
"name" : "bugzilla-flash-xss(80116)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/80116" "name": "http://www.yuiblog.com/blog/2012/10/30/security-announcement-swf-vulnerability-in-yui-2/",
} "refsource": "CONFIRM",
] "url": "http://www.yuiblog.com/blog/2012/10/30/security-announcement-swf-vulnerability-in-yui-2/"
} },
} {
"name": "http://www.bugzilla.org/security/3.6.11/",
"refsource": "CONFIRM",
"url": "http://www.bugzilla.org/security/3.6.11/"
},
{
"name": "56385",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/56385"
},
{
"name": "bugzilla-flash-xss(80116)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80116"
},
{
"name": "http://yuilibrary.com/support/20121030-vulnerability/",
"refsource": "CONFIRM",
"url": "http://yuilibrary.com/support/20121030-vulnerability/"
}
]
}
}

160
2017/11xxx/CVE-2017-11352.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-11352", "ID": "CVE-2017-11352",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In ImageMagick before 7.0.5-10, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-9144."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugs.debian.org/868469", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugs.debian.org/868469" "lang": "eng",
}, "value": "In ImageMagick before 7.0.5-10, a crafted RLE image can trigger a crash because of incorrect EOF handling in coders/rle.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-9144."
{ }
"name" : "https://github.com/ImageMagick/ImageMagick/issues/502", ]
"refsource" : "CONFIRM", },
"url" : "https://github.com/ImageMagick/ImageMagick/issues/502" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-4040", "description": [
"refsource" : "DEBIAN", {
"url" : "https://www.debian.org/security/2017/dsa-4040" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "USN-3681-1", ]
"refsource" : "UBUNTU", }
"url" : "https://usn.ubuntu.com/3681-1/" ]
}, },
{ "references": {
"name" : "99600", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/99600" "name": "DSA-4040",
} "refsource": "DEBIAN",
] "url": "https://www.debian.org/security/2017/dsa-4040"
} },
} {
"name": "USN-3681-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3681-1/"
},
{
"name": "https://bugs.debian.org/868469",
"refsource": "CONFIRM",
"url": "https://bugs.debian.org/868469"
},
{
"name": "99600",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99600"
},
{
"name": "https://github.com/ImageMagick/ImageMagick/issues/502",
"refsource": "CONFIRM",
"url": "https://github.com/ImageMagick/ImageMagick/issues/502"
}
]
}
}

150
2017/11xxx/CVE-2017-11403.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-11403", "ID": "CVE-2017-11403",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 has an out-of-order CloseBlob call, resulting in a use-after-free via a crafted file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[debian-lts-announce] 20180803 [SECURITY] [DLA 1456-1] graphicsmagick security update", "description_data": [
"refsource" : "MLIST", {
"url" : "https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html" "lang": "eng",
}, "value": "The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 has an out-of-order CloseBlob call, resulting in a use-after-free via a crafted file."
{ }
"name" : "http://hg.code.sf.net/p/graphicsmagick/code/rev/d0a76868ca37", ]
"refsource" : "MISC", },
"url" : "http://hg.code.sf.net/p/graphicsmagick/code/rev/d0a76868ca37" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://blogs.gentoo.org/ago/2017/07/12/graphicsmagick-use-after-free-in-closeblob-blob-c/", "description": [
"refsource" : "MISC", {
"url" : "https://blogs.gentoo.org/ago/2017/07/12/graphicsmagick-use-after-free-in-closeblob-blob-c/" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-4321", ]
"refsource" : "DEBIAN", }
"url" : "https://www.debian.org/security/2018/dsa-4321" ]
} },
] "references": {
} "reference_data": [
} {
"name": "DSA-4321",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4321"
},
{
"name": "https://blogs.gentoo.org/ago/2017/07/12/graphicsmagick-use-after-free-in-closeblob-blob-c/",
"refsource": "MISC",
"url": "https://blogs.gentoo.org/ago/2017/07/12/graphicsmagick-use-after-free-in-closeblob-blob-c/"
},
{
"name": "[debian-lts-announce] 20180803 [SECURITY] [DLA 1456-1] graphicsmagick security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html"
},
{
"name": "http://hg.code.sf.net/p/graphicsmagick/code/rev/d0a76868ca37",
"refsource": "MISC",
"url": "http://hg.code.sf.net/p/graphicsmagick/code/rev/d0a76868ca37"
}
]
}
}

34
2017/15xxx/CVE-2017-15484.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-15484", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-15484",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none."
} }
] ]
} }
} }

34
2017/15xxx/CVE-2017-15499.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-15499", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-15499",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2017. Notes: none."
} }
] ]
} }
} }

140
2017/3xxx/CVE-2017-3008.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@adobe.com", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2017-3008", "ID": "CVE-2017-3008",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Adobe ColdFusion ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and earlier, ColdFusion 10 Update 22 and earlier", "product_name": "Adobe ColdFusion ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and earlier, ColdFusion 10 Update 22 and earlier",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Adobe ColdFusion ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and earlier, ColdFusion 10 Update 22 and earlier" "version_value": "Adobe ColdFusion ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and earlier, ColdFusion 10 Update 22 and earlier"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and earlier, ColdFusion 10 Update 22 and earlier have a reflected cross-site scripting vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-site Scripting"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://helpx.adobe.com/security/products/coldfusion/apsb17-14.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://helpx.adobe.com/security/products/coldfusion/apsb17-14.html" "lang": "eng",
}, "value": "Adobe ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and earlier, ColdFusion 10 Update 22 and earlier have a reflected cross-site scripting vulnerability."
{ }
"name" : "98002", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/98002" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1038364", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1038364" "lang": "eng",
} "value": "Cross-site Scripting"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "https://helpx.adobe.com/security/products/coldfusion/apsb17-14.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/coldfusion/apsb17-14.html"
},
{
"name": "98002",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98002"
},
{
"name": "1038364",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038364"
}
]
}
}

332
2017/3xxx/CVE-2017-3253.json
View File

@ -1,168 +1,168 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2017-3253", "ID": "CVE-2017-3253",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Java SE", "product_name": "Java SE",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "6u131" "version_value": "6u131"
}, },
{ {
"version_value" : "7u121" "version_value": "7u121"
}, },
{ {
"version_value" : "8u112" "version_value": "8u112"
} }
] ]
} }
}, },
{ {
"product_name" : "Java SE Embedded", "product_name": "Java SE Embedded",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "8u111" "version_value": "8u111"
} }
] ]
} }
}, },
{ {
"product_name" : "JRockit", "product_name": "JRockit",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "R28.3.12" "version_value": "R28.3.12"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle" "vendor_name": "Oracle"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 7.5 (Availability impacts)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html" "lang": "eng",
}, "value": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 7.5 (Availability impacts)."
{ }
"name" : "https://security.netapp.com/advisory/ntap-20170119-0001/", ]
"refsource" : "CONFIRM", },
"url" : "https://security.netapp.com/advisory/ntap-20170119-0001/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-3782", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2017/dsa-3782" "lang": "eng",
}, "value": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
{ }
"name" : "GLSA-201701-65", ]
"refsource" : "GENTOO", }
"url" : "https://security.gentoo.org/glsa/201701-65" ]
}, },
{ "references": {
"name" : "GLSA-201707-01", "reference_data": [
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201707-01" "name": "RHSA-2017:0338",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2017-0338.html"
"name" : "RHSA-2017:0175", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2017-0175.html" "name": "DSA-3782",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2017/dsa-3782"
"name" : "RHSA-2017:0176", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2017-0176.html" "name": "RHSA-2017:0176",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2017-0176.html"
"name" : "RHSA-2017:0177", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2017-0177.html" "name": "GLSA-201701-65",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201701-65"
"name" : "RHSA-2017:0180", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2017-0180.html" "name": "RHSA-2017:0180",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2017-0180.html"
"name" : "RHSA-2017:0263", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2017-0263.html" "name": "1037637",
}, "refsource": "SECTRACK",
{ "url": "http://www.securitytracker.com/id/1037637"
"name" : "RHSA-2017:0269", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2017-0269.html" "name": "GLSA-201707-01",
}, "refsource": "GENTOO",
{ "url": "https://security.gentoo.org/glsa/201707-01"
"name" : "RHSA-2017:0336", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2017-0336.html" "name": "RHSA-2017:0175",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
"name" : "RHSA-2017:0337", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2017-0337.html" "name": "RHSA-2017:0177",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2017-0177.html"
"name" : "RHSA-2017:0338", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2017-0338.html" "name": "RHSA-2017:0263",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2017-0263.html"
"name" : "RHSA-2017:1216", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2017:1216" "name": "RHSA-2017:1216",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2017:1216"
"name" : "95498", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/95498" "name": "95498",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/95498"
"name" : "1037637", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1037637" "name": "https://security.netapp.com/advisory/ntap-20170119-0001/",
} "refsource": "CONFIRM",
] "url": "https://security.netapp.com/advisory/ntap-20170119-0001/"
} },
} {
"name": "RHSA-2017:0269",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0269.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"name": "RHSA-2017:0337",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0337.html"
},
{
"name": "RHSA-2017:0336",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0336.html"
}
]
}
}

142
2017/3xxx/CVE-2017-3516.json
View File

@ -1,73 +1,73 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secalert_us@oracle.com", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2017-3516", "ID": "CVE-2017-3516",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Solaris Operating System", "product_name": "Solaris Operating System",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "=", "version_affected": "=",
"version_value" : "11.3" "version_value": "11.3"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Oracle Corporation" "vendor_name": "Oracle Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel Zones virtualized NIC driver). The supported version that is affected is 11.3. Easily \"exploitable\" vulnerability allows low privileged attacker with network access via multiple protocols to compromise Solaris. While the vulnerability is in Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Solaris. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Easily \"exploitable\" vulnerability allows low privileged attacker with network access via multiple protocols to compromise Solaris. While the vulnerability is in Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Solaris."
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html" "lang": "eng",
}, "value": "Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel Zones virtualized NIC driver). The supported version that is affected is 11.3. Easily \"exploitable\" vulnerability allows low privileged attacker with network access via multiple protocols to compromise Solaris. While the vulnerability is in Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Solaris. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H)."
{ }
"name" : "97793", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/97793" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1038292", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1038292" "lang": "eng",
} "value": "Easily \"exploitable\" vulnerability allows low privileged attacker with network access via multiple protocols to compromise Solaris. While the vulnerability is in Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Solaris."
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
},
{
"name": "97793",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97793"
},
{
"name": "1038292",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038292"
}
]
}
}

122
2017/8xxx/CVE-2017-8184.json
View File

@ -1,63 +1,63 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "psirt@huawei.com", "ASSIGNER": "psirt@huawei.com",
"DATE_PUBLIC" : "2017-11-15T00:00:00", "DATE_PUBLIC": "2017-11-15T00:00:00",
"ID" : "CVE-2017-8184", "ID": "CVE-2017-8184",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Nice-AL00", "product_name": "Nice-AL00",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Earlier than Nice-AL00C00B160 versions, Earlier than Nice-AL10C00B140 versions" "version_value": "Earlier than Nice-AL00C00B160 versions, Earlier than Nice-AL10C00B140 versions"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Huawei Technologies Co., Ltd." "vendor_name": "Huawei Technologies Co., Ltd."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "MTK platform in Huawei smart phones with software of earlier than Nice-AL00C00B160 versions, earlier than Nice-AL10C00B140 versions has a any memory access vulnerability. An attacker tricks a user into installing a malicious application on the smart phone, and send given parameter to cause to any memory access vulnerabilities, leading to sensitive information leakage."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "any memory access"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171115-01-mtk-en", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171115-01-mtk-en" "lang": "eng",
} "value": "MTK platform in Huawei smart phones with software of earlier than Nice-AL00C00B160 versions, earlier than Nice-AL10C00B140 versions has a any memory access vulnerability. An attacker tricks a user into installing a malicious application on the smart phone, and send given parameter to cause to any memory access vulnerabilities, leading to sensitive information leakage."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "any memory access"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171115-01-mtk-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171115-01-mtk-en"
}
]
}
}

142
2017/8xxx/CVE-2017-8717.json
View File

@ -1,73 +1,73 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "secure@microsoft.com", "ASSIGNER": "secure@microsoft.com",
"DATE_PUBLIC" : "2017-10-10T00:00:00", "DATE_PUBLIC": "2017-10-10T00:00:00",
"ID" : "CVE-2017-8717", "ID": "CVE-2017-8717",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Microsoft JET Database Engine", "product_name": "Microsoft JET Database Engine",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016." "version_value": "Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016."
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Microsoft Corporation" "vendor_name": "Microsoft Corporation"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Microsoft JET Database Engine in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to take control of an affected system, due to how it handles objects in memory, aka \"Microsoft JET Database Engine Remote Code Execution Vulnerability\". This CVE ID is unique from CVE-2017-8718."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Remote Code Execution"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8717", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8717" "lang": "eng",
}, "value": "The Microsoft JET Database Engine in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to take control of an affected system, due to how it handles objects in memory, aka \"Microsoft JET Database Engine Remote Code Execution Vulnerability\". This CVE ID is unique from CVE-2017-8718."
{ }
"name" : "101161", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/101161" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1039527", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1039527" "lang": "eng",
} "value": "Remote Code Execution"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "101161",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101161"
},
{
"name": "1039527",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039527"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8717",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8717"
}
]
}
}

130
2017/8xxx/CVE-2017-8912.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-8912", "ID": "CVE-2017-8912",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** DISPUTED ** CMS Made Simple (CMSMS) 2.1.6 allows remote authenticated administrators to execute arbitrary PHP code via the code parameter to admin/editusertag.php, related to the CreateTagFunction and CallUserTag functions. NOTE: the vendor reportedly has stated this is \"a feature, not a bug.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "41997", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/41997/" "lang": "eng",
}, "value": "** DISPUTED ** CMS Made Simple (CMSMS) 2.1.6 allows remote authenticated administrators to execute arbitrary PHP code via the code parameter to admin/editusertag.php, related to the CreateTagFunction and CallUserTag functions. NOTE: the vendor reportedly has stated this is \"a feature, not a bug.\""
{ }
"name" : "https://osandamalith.com/2017/05/11/cmsms-2-1-6-multiple-vulnerabilities/", ]
"refsource" : "MISC", },
"url" : "https://osandamalith.com/2017/05/11/cmsms-2-1-6-multiple-vulnerabilities/" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "41997",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/41997/"
},
{
"name": "https://osandamalith.com/2017/05/11/cmsms-2-1-6-multiple-vulnerabilities/",
"refsource": "MISC",
"url": "https://osandamalith.com/2017/05/11/cmsms-2-1-6-multiple-vulnerabilities/"
}
]
}
}

120
2018/12xxx/CVE-2018-12309.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-12309", "ID": "CVE-2018-12309",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory Traversal in upload.cgi in ASUSTOR ADM version 3.1.1 allows attackers to upload files to arbitrary locations by modifying the \"path\" URL parameter. NOTE: the \"filename\" POST parameter is covered by CVE-2018-11345."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://blog.securityevaluators.com/over-a-dozen-vulnerabilities-discovered-in-asustor-as-602t-8dd5832a82cc", "description_data": [
"refsource" : "MISC", {
"url" : "https://blog.securityevaluators.com/over-a-dozen-vulnerabilities-discovered-in-asustor-as-602t-8dd5832a82cc" "lang": "eng",
} "value": "Directory Traversal in upload.cgi in ASUSTOR ADM version 3.1.1 allows attackers to upload files to arbitrary locations by modifying the \"path\" URL parameter. NOTE: the \"filename\" POST parameter is covered by CVE-2018-11345."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://blog.securityevaluators.com/over-a-dozen-vulnerabilities-discovered-in-asustor-as-602t-8dd5832a82cc",
"refsource": "MISC",
"url": "https://blog.securityevaluators.com/over-a-dozen-vulnerabilities-discovered-in-asustor-as-602t-8dd5832a82cc"
}
]
}
}

120
2018/12xxx/CVE-2018-12909.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-12909", "ID": "CVE-2018-12909",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** DISPUTED ** Webgrind 1.5 relies on user input to display a file, which lets anyone view files from the local filesystem (that the webserver user has access to) via an index.php?op=fileviewer&file= URI. NOTE: the vendor indicates that the product is not intended for a \"publicly accessible environment.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/jokkedk/webgrind/issues/112", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/jokkedk/webgrind/issues/112" "lang": "eng",
} "value": "** DISPUTED ** Webgrind 1.5 relies on user input to display a file, which lets anyone view files from the local filesystem (that the webserver user has access to) via an index.php?op=fileviewer&file= URI. NOTE: the vendor indicates that the product is not intended for a \"publicly accessible environment.\""
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/jokkedk/webgrind/issues/112",
"refsource": "MISC",
"url": "https://github.com/jokkedk/webgrind/issues/112"
}
]
}
}

300
2018/13xxx/CVE-2018-13785.json
View File

@ -1,152 +1,152 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-13785", "ID": "CVE-2018-13785",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/glennrp/libpng/commit/8a05766cb74af05c04c53e6c9d60c13fc4d59bf2", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/glennrp/libpng/commit/8a05766cb74af05c04c53e6c9d60c13fc4d59bf2" "lang": "eng",
}, "value": "In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service."
{ }
"name" : "https://sourceforge.net/p/libpng/bugs/278/", ]
"refsource" : "MISC", },
"url" : "https://sourceforge.net/p/libpng/bugs/278/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "description": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://security.netapp.com/advisory/ntap-20181018-0001/", ]
"refsource" : "CONFIRM", }
"url" : "https://security.netapp.com/advisory/ntap-20181018-0001/" ]
}, },
{ "references": {
"name" : "RHSA-2018:3000", "reference_data": [
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:3000" "name": "RHSA-2018:3007",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2018:3007"
"name" : "RHSA-2018:3001", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:3001" "name": "https://security.netapp.com/advisory/ntap-20181018-0001/",
}, "refsource": "CONFIRM",
{ "url": "https://security.netapp.com/advisory/ntap-20181018-0001/"
"name" : "RHSA-2018:3002", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:3002" "name": "RHSA-2018:3779",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2018:3779"
"name" : "RHSA-2018:3003", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:3003" "name": "RHSA-2018:3534",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2018:3534"
"name" : "RHSA-2018:3007", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:3007" "name": "RHSA-2018:3003",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2018:3003"
"name" : "RHSA-2018:3008", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:3008" "name": "USN-3712-1",
}, "refsource": "UBUNTU",
{ "url": "https://usn.ubuntu.com/3712-1/"
"name" : "RHSA-2018:3533", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:3533" "name": "RHSA-2018:3002",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2018:3002"
"name" : "RHSA-2018:3534", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:3534" "name": "https://sourceforge.net/p/libpng/bugs/278/",
}, "refsource": "MISC",
{ "url": "https://sourceforge.net/p/libpng/bugs/278/"
"name" : "RHSA-2018:3671", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:3671" "name": "RHSA-2018:3671",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2018:3671"
"name" : "RHSA-2018:3672", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:3672" "name": "RHSA-2018:3852",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2018:3852"
"name" : "RHSA-2018:3779", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:3779" "name": "RHSA-2018:3008",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2018:3008"
"name" : "RHSA-2018:3852", },
"refsource" : "REDHAT", {
"url" : "https://access.redhat.com/errata/RHSA-2018:3852" "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
"name" : "USN-3712-1", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3712-1/" "name": "RHSA-2018:3533",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2018:3533"
"name" : "105599", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/105599" "name": "RHSA-2018:3001",
}, "refsource": "REDHAT",
{ "url": "https://access.redhat.com/errata/RHSA-2018:3001"
"name" : "1041889", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1041889" "name": "RHSA-2018:3000",
} "refsource": "REDHAT",
] "url": "https://access.redhat.com/errata/RHSA-2018:3000"
} },
} {
"name": "105599",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105599"
},
{
"name": "1041889",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041889"
},
{
"name": "RHSA-2018:3672",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3672"
},
{
"name": "https://github.com/glennrp/libpng/commit/8a05766cb74af05c04c53e6c9d60c13fc4d59bf2",
"refsource": "MISC",
"url": "https://github.com/glennrp/libpng/commit/8a05766cb74af05c04c53e6c9d60c13fc4d59bf2"
}
]
}
}

34
2018/13xxx/CVE-2018-13907.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-13907", "ID": "CVE-2018-13907",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

34
2018/13xxx/CVE-2018-13969.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-13969", "ID": "CVE-2018-13969",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

130
2018/16xxx/CVE-2018-16297.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-16297", "ID": "CVE-2018-16297",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16291, CVE-2018-16292, CVE-2018-16293, CVE-2018-16294, CVE-2018-16295, and CVE-2018-16296. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.foxitsoftware.com/support/security-bulletins.php", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://www.foxitsoftware.com/support/security-bulletins.php" "lang": "eng",
}, "value": "An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16291, CVE-2018-16292, CVE-2018-16293, CVE-2018-16294, CVE-2018-16295, and CVE-2018-16296. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability."
{ }
"name" : "1041769", ]
"refsource" : "SECTRACK", },
"url" : "http://www.securitytracker.com/id/1041769" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.foxitsoftware.com/support/security-bulletins.php",
"refsource": "CONFIRM",
"url": "https://www.foxitsoftware.com/support/security-bulletins.php"
},
{
"name": "1041769",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041769"
}
]
}
}

140
2018/16xxx/CVE-2018-16323.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-16323", "ID": "CVE-2018-16323",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing an XBM file that has a negative pixel value. If the affected code is used as a library loaded into a process that includes sensitive information, that information sometimes can be leaked via the image data."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "45890", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/45890/" "lang": "eng",
}, "value": "ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing an XBM file that has a negative pixel value. If the affected code is used as a library loaded into a process that includes sensitive information, that information sometimes can be leaked via the image data."
{ }
"name" : "https://github.com/ImageMagick/ImageMagick/commit/216d117f05bff87b9dc4db55a1b1fadb38bcb786", ]
"refsource" : "MISC", },
"url" : "https://github.com/ImageMagick/ImageMagick/commit/216d117f05bff87b9dc4db55a1b1fadb38bcb786" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "USN-3785-1", "description": [
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3785-1/" "lang": "eng",
} "value": "n/a"
] }
} ]
} }
]
},
"references": {
"reference_data": [
{
"name": "45890",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45890/"
},
{
"name": "https://github.com/ImageMagick/ImageMagick/commit/216d117f05bff87b9dc4db55a1b1fadb38bcb786",
"refsource": "MISC",
"url": "https://github.com/ImageMagick/ImageMagick/commit/216d117f05bff87b9dc4db55a1b1fadb38bcb786"
},
{
"name": "USN-3785-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3785-1/"
}
]
}
}

120
2018/16xxx/CVE-2018-16325.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-16325", "ID": "CVE-2018-16325",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "There is XSS in GetSimple CMS 3.4.0.9 via the admin/edit.php title field."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/GetSimpleCMS/GetSimpleCMS/issues/1284", "description_data": [
"refsource" : "MISC", {
"url" : "https://github.com/GetSimpleCMS/GetSimpleCMS/issues/1284" "lang": "eng",
} "value": "There is XSS in GetSimple CMS 3.4.0.9 via the admin/edit.php title field."
] }
} ]
} },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/GetSimpleCMS/GetSimpleCMS/issues/1284",
"refsource": "MISC",
"url": "https://github.com/GetSimpleCMS/GetSimpleCMS/issues/1284"
}
]
}
}

170
2018/16xxx/CVE-2018-16510.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-16510", "ID": "CVE-2018-16510",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in Artifex Ghostscript before 9.24. Incorrect exec stack handling in the \"CS\" and \"SC\" PDF primitives could be used by remote attackers able to supply crafted PDFs to crash the interpreter or possibly have unspecified other impact."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=ea735ba37dc0fd5f5622d031830b9a559dec1cc9", "description_data": [
"refsource" : "MISC", {
"url" : "http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=ea735ba37dc0fd5f5622d031830b9a559dec1cc9" "lang": "eng",
}, "value": "An issue was discovered in Artifex Ghostscript before 9.24. Incorrect exec stack handling in the \"CS\" and \"SC\" PDF primitives could be used by remote attackers able to supply crafted PDFs to crash the interpreter or possibly have unspecified other impact."
{ }
"name" : "http://openwall.com/lists/oss-security/2018/08/27/4", ]
"refsource" : "MISC", },
"url" : "http://openwall.com/lists/oss-security/2018/08/27/4" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "https://bugs.ghostscript.com/show_bug.cgi?id=699671", "description": [
"refsource" : "MISC", {
"url" : "https://bugs.ghostscript.com/show_bug.cgi?id=699671" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "GLSA-201811-12", ]
"refsource" : "GENTOO", }
"url" : "https://security.gentoo.org/glsa/201811-12" ]
}, },
{ "references": {
"name" : "USN-3768-1", "reference_data": [
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3768-1/" "name": "http://openwall.com/lists/oss-security/2018/08/27/4",
}, "refsource": "MISC",
{ "url": "http://openwall.com/lists/oss-security/2018/08/27/4"
"name" : "USN-3773-1", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3773-1/" "name": "GLSA-201811-12",
} "refsource": "GENTOO",
] "url": "https://security.gentoo.org/glsa/201811-12"
} },
} {
"name": "USN-3768-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3768-1/"
},
{
"name": "http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=ea735ba37dc0fd5f5622d031830b9a559dec1cc9",
"refsource": "MISC",
"url": "http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=ea735ba37dc0fd5f5622d031830b9a559dec1cc9"
},
{
"name": "USN-3773-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3773-1/"
},
{
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=699671",
"refsource": "MISC",
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=699671"
}
]
}
}

34
2018/16xxx/CVE-2018-16878.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-16878", "ID": "CVE-2018-16878",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

130
2018/16xxx/CVE-2018-16953.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-16953", "ID": "CVE-2018-16953",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The AjaxView::DisplayResponse() function of the portalpages.dll assembly in Oracle WebCenter Interaction Portal 10.3.3 is vulnerable to reflected cross-site scripting (XSS). User input from the name parameter is unsafely reflected in the server response. NOTE: this CVE is assigned by MITRE and isn't validated by Oracle because Oracle WebCenter Interaction Portal is out of support."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://seclists.org/fulldisclosure/2018/Sep/22", "description_data": [
"refsource" : "MISC", {
"url" : "https://seclists.org/fulldisclosure/2018/Sep/22" "lang": "eng",
}, "value": "The AjaxView::DisplayResponse() function of the portalpages.dll assembly in Oracle WebCenter Interaction Portal 10.3.3 is vulnerable to reflected cross-site scripting (XSS). User input from the name parameter is unsafely reflected in the server response. NOTE: this CVE is assigned by MITRE and isn't validated by Oracle because Oracle WebCenter Interaction Portal is out of support."
{ }
"name" : "105350", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/105350" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://seclists.org/fulldisclosure/2018/Sep/22",
"refsource": "MISC",
"url": "https://seclists.org/fulldisclosure/2018/Sep/22"
},
{
"name": "105350",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105350"
}
]
}
}

34
2018/17xxx/CVE-2018-17241.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-17241", "ID": "CVE-2018-17241",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

130
2018/17xxx/CVE-2018-17653.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "zdi-disclosures@trendmicro.com", "ASSIGNER": "zdi-disclosures@trendmicro.com",
"ID" : "CVE-2018-17653", "ID": "CVE-2018-17653",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Reader", "product_name": "Reader",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "9.2.0.9297" "version_value": "9.2.0.9297"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Foxit" "vendor_name": "Foxit"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the resolveNode method of a TimeField. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6503."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-416: Use After Free"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://www.zerodayinitiative.com/advisories/ZDI-18-1220/", "description_data": [
"refsource" : "MISC", {
"url" : "https://www.zerodayinitiative.com/advisories/ZDI-18-1220/" "lang": "eng",
}, "value": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the resolveNode method of a TimeField. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6503."
{ }
"name" : "https://www.foxitsoftware.com/support/security-bulletins.php", ]
"refsource" : "CONFIRM", },
"url" : "https://www.foxitsoftware.com/support/security-bulletins.php" "problemtype": {
} "problemtype_data": [
] {
} "description": [
} {
"lang": "eng",
"value": "CWE-416: Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.foxitsoftware.com/support/security-bulletins.php",
"refsource": "CONFIRM",
"url": "https://www.foxitsoftware.com/support/security-bulletins.php"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-18-1220/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-18-1220/"
}
]
}
}

34
2018/17xxx/CVE-2018-17815.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2018-17815", "ID": "CVE-2018-17815",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }