From 28890c31a4db2f999797e4742fe137e24b8b107c Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 02:14:20 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2006/0xxx/CVE-2006-0457.json | 240 ++++++++-------- 2006/0xxx/CVE-2006-0770.json | 150 +++++----- 2006/0xxx/CVE-2006-0957.json | 170 +++++------ 2006/0xxx/CVE-2006-0997.json | 180 ++++++------ 2006/1xxx/CVE-2006-1293.json | 200 ++++++------- 2006/1xxx/CVE-2006-1573.json | 170 +++++------ 2006/1xxx/CVE-2006-1608.json | 270 ++++++++--------- 2006/1xxx/CVE-2006-1679.json | 160 +++++------ 2006/1xxx/CVE-2006-1688.json | 510 ++++++++++++++++----------------- 2006/4xxx/CVE-2006-4031.json | 380 ++++++++++++------------ 2006/4xxx/CVE-2006-4312.json | 200 ++++++------- 2006/4xxx/CVE-2006-4537.json | 210 +++++++------- 2006/4xxx/CVE-2006-4582.json | 150 +++++----- 2006/4xxx/CVE-2006-4585.json | 210 +++++++------- 2006/5xxx/CVE-2006-5040.json | 120 ++++---- 2006/5xxx/CVE-2006-5295.json | 300 +++++++++---------- 2010/0xxx/CVE-2010-0712.json | 180 ++++++------ 2010/2xxx/CVE-2010-2245.json | 130 ++++----- 2010/2xxx/CVE-2010-2515.json | 150 +++++----- 2010/2xxx/CVE-2010-2557.json | 140 ++++----- 2010/2xxx/CVE-2010-2622.json | 140 ++++----- 2010/3xxx/CVE-2010-3021.json | 150 +++++----- 2010/3xxx/CVE-2010-3049.json | 120 ++++---- 2010/3xxx/CVE-2010-3112.json | 140 ++++----- 2010/3xxx/CVE-2010-3296.json | 320 ++++++++++----------- 2010/3xxx/CVE-2010-3421.json | 160 +++++------ 2010/3xxx/CVE-2010-3654.json | 480 +++++++++++++++---------------- 2010/4xxx/CVE-2010-4184.json | 140 ++++----- 2010/4xxx/CVE-2010-4726.json | 120 ++++---- 2011/1xxx/CVE-2011-1301.json | 190 ++++++------ 2011/1xxx/CVE-2011-1673.json | 150 +++++----- 2011/5xxx/CVE-2011-5126.json | 120 ++++---- 2011/5xxx/CVE-2011-5162.json | 150 +++++----- 2014/10xxx/CVE-2014-10075.json | 130 ++++----- 2014/3xxx/CVE-2014-3056.json | 150 +++++----- 2014/3xxx/CVE-2014-3270.json | 130 ++++----- 2014/3xxx/CVE-2014-3341.json | 160 +++++------ 2014/3xxx/CVE-2014-3941.json | 170 +++++------ 2014/4xxx/CVE-2014-4979.json | 160 +++++------ 2014/8xxx/CVE-2014-8212.json | 34 +-- 2014/8xxx/CVE-2014-8327.json | 140 ++++----- 2014/8xxx/CVE-2014-8375.json | 140 ++++----- 2014/9xxx/CVE-2014-9067.json | 34 +-- 2014/9xxx/CVE-2014-9531.json | 34 +-- 2014/9xxx/CVE-2014-9582.json | 120 ++++---- 2014/9xxx/CVE-2014-9716.json | 150 +++++----- 2016/2xxx/CVE-2016-2593.json | 34 +-- 2016/2xxx/CVE-2016-2844.json | 180 ++++++------ 2016/6xxx/CVE-2016-6072.json | 346 +++++++++++----------- 2016/6xxx/CVE-2016-6758.json | 136 ++++----- 2016/6xxx/CVE-2016-6917.json | 150 +++++----- 2016/7xxx/CVE-2016-7008.json | 140 ++++----- 2016/7xxx/CVE-2016-7102.json | 130 ++++----- 2016/7xxx/CVE-2016-7214.json | 140 ++++----- 54 files changed, 4704 insertions(+), 4704 deletions(-) diff --git a/2006/0xxx/CVE-2006-0457.json b/2006/0xxx/CVE-2006-0457.json index 76029d26460..bce8de6a3f2 100644 --- a/2006/0xxx/CVE-2006-0457.json +++ b/2006/0xxx/CVE-2006-0457.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-0457", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Race condition in the (1) add_key, (2) request_key, and (3) keyctl functions in Linux kernel 2.6.x allows local users to cause a denial of service (crash) or read sensitive kernel memory by modifying the length of a string argument between the time that the kernel calculates the length and when it copies the data into kernel memory." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2006-0457", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm" - }, - { - "name" : "MDKSA-2006:059", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:059" - }, - { - "name" : "RHSA-2006:0575", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2006-0575.html" - }, - { - "name" : "SUSE-SA:2006:028", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2006-05-31.html" - }, - { - "name" : "USN-263-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/263-1/" - }, - { - "name" : "17084", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/17084" - }, - { - "name" : "23894", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/23894" - }, - { - "name" : "oval:org.mitre.oval:def:9566", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9566" - }, - { - "name" : "19220", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19220" - }, - { - "name" : "21465", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21465" - }, - { - "name" : "20398", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/20398" - }, - { - "name" : "22417", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22417" - }, - { - "name" : "kernel-addkey-dos(25354)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25354" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Race condition in the (1) add_key, (2) request_key, and (3) keyctl functions in Linux kernel 2.6.x allows local users to cause a denial of service (crash) or read sensitive kernel memory by modifying the length of a string argument between the time that the kernel calculates the length and when it copies the data into kernel memory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19220", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19220" + }, + { + "name": "17084", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/17084" + }, + { + "name": "RHSA-2006:0575", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2006-0575.html" + }, + { + "name": "SUSE-SA:2006:028", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2006-05-31.html" + }, + { + "name": "21465", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21465" + }, + { + "name": "oval:org.mitre.oval:def:9566", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9566" + }, + { + "name": "kernel-addkey-dos(25354)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25354" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-200.htm" + }, + { + "name": "20398", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/20398" + }, + { + "name": "22417", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22417" + }, + { + "name": "23894", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/23894" + }, + { + "name": "MDKSA-2006:059", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:059" + }, + { + "name": "USN-263-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/263-1/" + } + ] + } +} \ No newline at end of file diff --git a/2006/0xxx/CVE-2006-0770.json b/2006/0xxx/CVE-2006-0770.json index a54a6e761a8..4773f3a1c02 100644 --- a/2006/0xxx/CVE-2006-0770.json +++ b/2006/0xxx/CVE-2006-0770.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-0770", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in calendar.php in MyBulletinBoard (MyBB) 1.0.4 allows remote attackers to inject arbitrary web script or HTML via a URL that is not sanitized before being returned as a link in \"advanced details\". NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-0770", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "ADV-2006-0635", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/0635" - }, - { - "name" : "23264", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/23264" - }, - { - "name" : "18866", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18866" - }, - { - "name" : "mybb-advanceddetails-xss(24748)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24748" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in calendar.php in MyBulletinBoard (MyBB) 1.0.4 allows remote attackers to inject arbitrary web script or HTML via a URL that is not sanitized before being returned as a link in \"advanced details\". NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "18866", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18866" + }, + { + "name": "mybb-advanceddetails-xss(24748)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24748" + }, + { + "name": "ADV-2006-0635", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/0635" + }, + { + "name": "23264", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/23264" + } + ] + } +} \ No newline at end of file diff --git a/2006/0xxx/CVE-2006-0957.json b/2006/0xxx/CVE-2006-0957.json index ca2d08d1d5b..4e9a8203bbe 100644 --- a/2006/0xxx/CVE-2006-0957.json +++ b/2006/0xxx/CVE-2006-0957.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-0957", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Direct static code injection vulnerability in func.inc.php in ZoneO-Soft freeForum before 1.2.1 allows remote attackers to execute arbitrary PHP code via the (1) X-Forwarded-For and (2) Client-Ip HTTP headers, which are stored in Data/flood.db.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-0957", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060310 [eVuln] FreeForum PHP Code Execution & Multiple XSS Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/427321/100/0/threaded" - }, - { - "name" : "http://evuln.com/vulns/89/summary.html", - "refsource" : "MISC", - "url" : "http://evuln.com/vulns/89/summary.html" - }, - { - "name" : "http://soft.zoneo.net/freeForum/changes.php", - "refsource" : "CONFIRM", - "url" : "http://soft.zoneo.net/freeForum/changes.php" - }, - { - "name" : "16871", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/16871" - }, - { - "name" : "ADV-2006-0759", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/0759" - }, - { - "name" : "19020", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19020" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Direct static code injection vulnerability in func.inc.php in ZoneO-Soft freeForum before 1.2.1 allows remote attackers to execute arbitrary PHP code via the (1) X-Forwarded-For and (2) Client-Ip HTTP headers, which are stored in Data/flood.db.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20060310 [eVuln] FreeForum PHP Code Execution & Multiple XSS Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/427321/100/0/threaded" + }, + { + "name": "ADV-2006-0759", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/0759" + }, + { + "name": "16871", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/16871" + }, + { + "name": "http://evuln.com/vulns/89/summary.html", + "refsource": "MISC", + "url": "http://evuln.com/vulns/89/summary.html" + }, + { + "name": "http://soft.zoneo.net/freeForum/changes.php", + "refsource": "CONFIRM", + "url": "http://soft.zoneo.net/freeForum/changes.php" + }, + { + "name": "19020", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19020" + } + ] + } +} \ No newline at end of file diff --git a/2006/0xxx/CVE-2006-0997.json b/2006/0xxx/CVE-2006-0997.json index 24f18aaf760..ae5f0cf3ce0 100644 --- a/2006/0xxx/CVE-2006-0997.json +++ b/2006/0xxx/CVE-2006-0997.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-0997", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) permits encryption with a NULL key, which results in cleartext communication that allows remote attackers to read an SSL protected session by sniffing network traffic." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-0997", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.novell.com/cgi-bin/search/searchtid.cgi?10100633.htm", - "refsource" : "CONFIRM", - "url" : "http://support.novell.com/cgi-bin/search/searchtid.cgi?10100633.htm" - }, - { - "name" : "17176", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/17176" - }, - { - "name" : "ADV-2006-1043", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/1043" - }, - { - "name" : "24046", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24046" - }, - { - "name" : "1015799", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1015799" - }, - { - "name" : "19324", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19324" - }, - { - "name" : "netware-nile-ssl-cleartext(25380)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25380" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) permits encryption with a NULL key, which results in cleartext communication that allows remote attackers to read an SSL protected session by sniffing network traffic." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2006-1043", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/1043" + }, + { + "name": "1015799", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1015799" + }, + { + "name": "http://support.novell.com/cgi-bin/search/searchtid.cgi?10100633.htm", + "refsource": "CONFIRM", + "url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?10100633.htm" + }, + { + "name": "19324", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19324" + }, + { + "name": "netware-nile-ssl-cleartext(25380)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25380" + }, + { + "name": "17176", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/17176" + }, + { + "name": "24046", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24046" + } + ] + } +} \ No newline at end of file diff --git a/2006/1xxx/CVE-2006-1293.json b/2006/1xxx/CVE-2006-1293.json index aef41df9fe9..c2f3135d232 100644 --- a/2006/1xxx/CVE-2006-1293.json +++ b/2006/1xxx/CVE-2006-1293.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-1293", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in index.php in Contrexx CMS 1.0.8 and earlier allows remote attackers to inject arbitrary web script or HTML via the query string (PHP_SELF)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-1293", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060318 Contrexx CMS Xss Vuln", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/428075/100/0/threaded" - }, - { - "name" : "http://soot.shabgard.org/Contrexx-CMS.txt", - "refsource" : "MISC", - "url" : "http://soot.shabgard.org/Contrexx-CMS.txt" - }, - { - "name" : "http://www.contrexx.com/?section=media1&act=download&path=/media/archive1/Opensource/Bugfixes/contrexx_1.0.8/&file=contrexx_v1.0.8_bugfix_27-02-06.zip", - "refsource" : "MISC", - "url" : "http://www.contrexx.com/?section=media1&act=download&path=/media/archive1/Opensource/Bugfixes/contrexx_1.0.8/&file=contrexx_v1.0.8_bugfix_27-02-06.zip" - }, - { - "name" : "http://www.contrexx.com/?section=news&cmd=details&newsid=54", - "refsource" : "MISC", - "url" : "http://www.contrexx.com/?section=news&cmd=details&newsid=54" - }, - { - "name" : "17128", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/17128" - }, - { - "name" : "ADV-2006-1013", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/1013" - }, - { - "name" : "19294", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19294" - }, - { - "name" : "599", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/599" - }, - { - "name" : "contrexx-index-xss(25332)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25332" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in index.php in Contrexx CMS 1.0.8 and earlier allows remote attackers to inject arbitrary web script or HTML via the query string (PHP_SELF)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://soot.shabgard.org/Contrexx-CMS.txt", + "refsource": "MISC", + "url": "http://soot.shabgard.org/Contrexx-CMS.txt" + }, + { + "name": "599", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/599" + }, + { + "name": "http://www.contrexx.com/?section=media1&act=download&path=/media/archive1/Opensource/Bugfixes/contrexx_1.0.8/&file=contrexx_v1.0.8_bugfix_27-02-06.zip", + "refsource": "MISC", + "url": "http://www.contrexx.com/?section=media1&act=download&path=/media/archive1/Opensource/Bugfixes/contrexx_1.0.8/&file=contrexx_v1.0.8_bugfix_27-02-06.zip" + }, + { + "name": "http://www.contrexx.com/?section=news&cmd=details&newsid=54", + "refsource": "MISC", + "url": "http://www.contrexx.com/?section=news&cmd=details&newsid=54" + }, + { + "name": "20060318 Contrexx CMS Xss Vuln", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/428075/100/0/threaded" + }, + { + "name": "ADV-2006-1013", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/1013" + }, + { + "name": "contrexx-index-xss(25332)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25332" + }, + { + "name": "19294", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19294" + }, + { + "name": "17128", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/17128" + } + ] + } +} \ No newline at end of file diff --git a/2006/1xxx/CVE-2006-1573.json b/2006/1xxx/CVE-2006-1573.json index cc6556cd45f..77f6368739f 100644 --- a/2006/1xxx/CVE-2006-1573.json +++ b/2006/1xxx/CVE-2006-1573.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-1573", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in index.php in MediaSlash Gallery allows remote attackers to execute arbitrary PHP code via a URL in the rub parameter (part of the $page_menu variable)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-1573", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060330 MediaSlash Gallery 'rub' variable Remote File inlcusion Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/429395/100/0/threaded" - }, - { - "name" : "20060516 Re: MediaSlash Gallery 'rub' variable Remote File inlcusion Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/434419/100/0/threaded" - }, - { - "name" : "17323", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/17323" - }, - { - "name" : "24313", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24313" - }, - { - "name" : "657", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/657" - }, - { - "name" : "mediaslash-index-file-include(25583)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25583" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in index.php in MediaSlash Gallery allows remote attackers to execute arbitrary PHP code via a URL in the rub parameter (part of the $page_menu variable)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "mediaslash-index-file-include(25583)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25583" + }, + { + "name": "17323", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/17323" + }, + { + "name": "20060330 MediaSlash Gallery 'rub' variable Remote File inlcusion Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/429395/100/0/threaded" + }, + { + "name": "657", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/657" + }, + { + "name": "24313", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24313" + }, + { + "name": "20060516 Re: MediaSlash Gallery 'rub' variable Remote File inlcusion Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/434419/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2006/1xxx/CVE-2006-1608.json b/2006/1xxx/CVE-2006-1608.json index 43911e72bf6..f4f71f775d6 100644 --- a/2006/1xxx/CVE-2006-1608.json +++ b/2006/1xxx/CVE-2006-1608.json @@ -1,137 +1,137 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-1608", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The copy function in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass safe mode and read arbitrary files via a source argument containing a compress.zlib:// URI." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-1608", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060409 copy() Safe Mode Bypass PHP 4.4.2 and 5.1.2", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/430461/100/0/threaded" - }, - { - "name" : "20060718 new shell bypass safe mode", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/440869/100/0/threaded" - }, - { - "name" : "20060723 Re: new shell bypass safe mode", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/441210/100/0/threaded" - }, - { - "name" : "20060408 copy() Safe Mode Bypass PHP 4.4.2 and 5.1.2", - "refsource" : "SREASONRES", - "url" : "http://securityreason.com/achievement_securityalert/37" - }, - { - "name" : "http://us.php.net/releases/5_1_3.php", - "refsource" : "CONFIRM", - "url" : "http://us.php.net/releases/5_1_3.php" - }, - { - "name" : "MDKSA-2006:074", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:074" - }, - { - "name" : "USN-320-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-320-1" - }, - { - "name" : "17439", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/17439" - }, - { - "name" : "ADV-2006-1290", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/1290" - }, - { - "name" : "24487", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24487" - }, - { - "name" : "1015882", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1015882" - }, - { - "name" : "19599", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19599" - }, - { - "name" : "19775", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19775" - }, - { - "name" : "21125", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21125" - }, - { - "name" : "678", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/678" - }, - { - "name" : "php-copy-safemode-bypass(25706)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25706" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The copy function in file.c in PHP 4.4.2 and 5.1.2 allows local users to bypass safe mode and read arbitrary files via a source argument containing a compress.zlib:// URI." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19775", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19775" + }, + { + "name": "php-copy-safemode-bypass(25706)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25706" + }, + { + "name": "20060718 new shell bypass safe mode", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/440869/100/0/threaded" + }, + { + "name": "20060408 copy() Safe Mode Bypass PHP 4.4.2 and 5.1.2", + "refsource": "SREASONRES", + "url": "http://securityreason.com/achievement_securityalert/37" + }, + { + "name": "678", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/678" + }, + { + "name": "ADV-2006-1290", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/1290" + }, + { + "name": "USN-320-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-320-1" + }, + { + "name": "21125", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21125" + }, + { + "name": "19599", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19599" + }, + { + "name": "MDKSA-2006:074", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:074" + }, + { + "name": "24487", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24487" + }, + { + "name": "20060409 copy() Safe Mode Bypass PHP 4.4.2 and 5.1.2", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/430461/100/0/threaded" + }, + { + "name": "http://us.php.net/releases/5_1_3.php", + "refsource": "CONFIRM", + "url": "http://us.php.net/releases/5_1_3.php" + }, + { + "name": "1015882", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1015882" + }, + { + "name": "17439", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/17439" + }, + { + "name": "20060723 Re: new shell bypass safe mode", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/441210/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2006/1xxx/CVE-2006-1679.json b/2006/1xxx/CVE-2006-1679.json index 1016e8fdb7f..12fcdd41067 100644 --- a/2006/1xxx/CVE-2006-1679.json +++ b/2006/1xxx/CVE-2006-1679.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-1679", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in modules/online.php in Jupiter CMS 1.1.5 allows remote attackers to inject arbitrary web script or HTML via the layout parameter to index.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-1679", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060407 Multiple vulnerability in jupiter CMS", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/430391/100/0/threaded" - }, - { - "name" : "17405", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/17405" - }, - { - "name" : "ADV-2006-1302", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/1302" - }, - { - "name" : "19582", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19582" - }, - { - "name" : "jupitercm-index-xss(25700)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25700" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in modules/online.php in Jupiter CMS 1.1.5 allows remote attackers to inject arbitrary web script or HTML via the layout parameter to index.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20060407 Multiple vulnerability in jupiter CMS", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/430391/100/0/threaded" + }, + { + "name": "17405", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/17405" + }, + { + "name": "jupitercm-index-xss(25700)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25700" + }, + { + "name": "ADV-2006-1302", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/1302" + }, + { + "name": "19582", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19582" + } + ] + } +} \ No newline at end of file diff --git a/2006/1xxx/CVE-2006-1688.json b/2006/1xxx/CVE-2006-1688.json index 38b1d47fb32..ac3ecb737a0 100644 --- a/2006/1xxx/CVE-2006-1688.json +++ b/2006/1xxx/CVE-2006-1688.json @@ -1,257 +1,257 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-1688", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple PHP remote file inclusion vulnerabilities in SQuery 4.5 and earlier, as used in products such as Autonomous LAN party (ALP), allow remote attackers to execute arbitrary PHP code via a URL in the libpath parameter to scripts in the lib directory including (1) ase.php, (2) devi.php, (3) doom3.php, (4) et.php, (5) flashpoint.php, (6) gameSpy.php, (7) gameSpy2.php, (8) gore.php, (9) gsvari.php, (10) halo.php, (11) hlife.php, (12) hlife2.php, (13) igi2.php, (14) main.lib.php, (15) netpanzer.php, (16) old_hlife.php, (17) pkill.php, (18) q2a.php, (19) q3a.php, (20) qworld.php, (21) rene.php, (22) rvbshld.php, (23) savage.php, (24) simracer.php, (25) sof1.php, (26) sof2.php, (27) unreal.php, (28) ut2004.php, and (29) vietcong.php. NOTE: the lib/armygame.php vector is already covered by CVE-2006-1610. The provenance of most of these additional vectors is unknown, although likely from post-disclosure analysis. NOTE: this only occurs when register_globals is disabled." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-1688", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060408 Autonomous LAN party File iNclusion", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/430289/100/0/threaded" - }, - { - "name" : "20060710 SQuery <= 4.5(libpath) Remote File Inclusion Exploit", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/439874/100/0/threaded" - }, - { - "name" : "20060724 SQuery v.x (devi.php) (armygame.php) Remote File Inclusion", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/441015/100/0/threaded" - }, - { - "name" : "http://liz0zim.no-ip.org/alp.txt", - "refsource" : "MISC", - "url" : "http://liz0zim.no-ip.org/alp.txt" - }, - { - "name" : "http://www.blogcu.com/Liz0ziM/431845/", - "refsource" : "MISC", - "url" : "http://www.blogcu.com/Liz0ziM/431845/" - }, - { - "name" : "17434", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/17434" - }, - { - "name" : "ADV-2006-1284", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/1284" - }, - { - "name" : "24401", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24401" - }, - { - "name" : "24402", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24402" - }, - { - "name" : "24403", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24403" - }, - { - "name" : "24404", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24404" - }, - { - "name" : "24405", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24405" - }, - { - "name" : "24406", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24406" - }, - { - "name" : "24407", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24407" - }, - { - "name" : "24408", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24408" - }, - { - "name" : "24421", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24421" - }, - { - "name" : "24409", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24409" - }, - { - "name" : "24410", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24410" - }, - { - "name" : "24411", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24411" - }, - { - "name" : "24412", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24412" - }, - { - "name" : "24413", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24413" - }, - { - "name" : "24414", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24414" - }, - { - "name" : "24415", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24415" - }, - { - "name" : "24416", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24416" - }, - { - "name" : "24417", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24417" - }, - { - "name" : "24418", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24418" - }, - { - "name" : "24419", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24419" - }, - { - "name" : "24420", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24420" - }, - { - "name" : "24422", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24422" - }, - { - "name" : "24423", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24423" - }, - { - "name" : "24424", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24424" - }, - { - "name" : "24425", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24425" - }, - { - "name" : "24426", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24426" - }, - { - "name" : "24427", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24427" - }, - { - "name" : "24428", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24428" - }, - { - "name" : "24429", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/24429" - }, - { - "name" : "1015884", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1015884" - }, - { - "name" : "19482", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19482" - }, - { - "name" : "19588", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19588" - }, - { - "name" : "679", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/679" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple PHP remote file inclusion vulnerabilities in SQuery 4.5 and earlier, as used in products such as Autonomous LAN party (ALP), allow remote attackers to execute arbitrary PHP code via a URL in the libpath parameter to scripts in the lib directory including (1) ase.php, (2) devi.php, (3) doom3.php, (4) et.php, (5) flashpoint.php, (6) gameSpy.php, (7) gameSpy2.php, (8) gore.php, (9) gsvari.php, (10) halo.php, (11) hlife.php, (12) hlife2.php, (13) igi2.php, (14) main.lib.php, (15) netpanzer.php, (16) old_hlife.php, (17) pkill.php, (18) q2a.php, (19) q3a.php, (20) qworld.php, (21) rene.php, (22) rvbshld.php, (23) savage.php, (24) simracer.php, (25) sof1.php, (26) sof2.php, (27) unreal.php, (28) ut2004.php, and (29) vietcong.php. NOTE: the lib/armygame.php vector is already covered by CVE-2006-1610. The provenance of most of these additional vectors is unknown, although likely from post-disclosure analysis. NOTE: this only occurs when register_globals is disabled." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24402", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24402" + }, + { + "name": "http://www.blogcu.com/Liz0ziM/431845/", + "refsource": "MISC", + "url": "http://www.blogcu.com/Liz0ziM/431845/" + }, + { + "name": "24404", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24404" + }, + { + "name": "24411", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24411" + }, + { + "name": "ADV-2006-1284", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/1284" + }, + { + "name": "24403", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24403" + }, + { + "name": "24421", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24421" + }, + { + "name": "24428", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24428" + }, + { + "name": "24407", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24407" + }, + { + "name": "24414", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24414" + }, + { + "name": "24424", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24424" + }, + { + "name": "24425", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24425" + }, + { + "name": "24410", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24410" + }, + { + "name": "24413", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24413" + }, + { + "name": "17434", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/17434" + }, + { + "name": "24412", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24412" + }, + { + "name": "24406", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24406" + }, + { + "name": "679", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/679" + }, + { + "name": "24409", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24409" + }, + { + "name": "19588", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19588" + }, + { + "name": "24423", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24423" + }, + { + "name": "24416", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24416" + }, + { + "name": "24408", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24408" + }, + { + "name": "24405", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24405" + }, + { + "name": "24427", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24427" + }, + { + "name": "20060710 SQuery <= 4.5(libpath) Remote File Inclusion Exploit", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/439874/100/0/threaded" + }, + { + "name": "20060408 Autonomous LAN party File iNclusion", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/430289/100/0/threaded" + }, + { + "name": "24418", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24418" + }, + { + "name": "19482", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19482" + }, + { + "name": "20060724 SQuery v.x (devi.php) (armygame.php) Remote File Inclusion", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/441015/100/0/threaded" + }, + { + "name": "24426", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24426" + }, + { + "name": "24401", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24401" + }, + { + "name": "24429", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24429" + }, + { + "name": "24422", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24422" + }, + { + "name": "24420", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24420" + }, + { + "name": "http://liz0zim.no-ip.org/alp.txt", + "refsource": "MISC", + "url": "http://liz0zim.no-ip.org/alp.txt" + }, + { + "name": "24419", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24419" + }, + { + "name": "1015884", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1015884" + }, + { + "name": "24417", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24417" + }, + { + "name": "24415", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/24415" + } + ] + } +} \ No newline at end of file diff --git a/2006/4xxx/CVE-2006-4031.json b/2006/4xxx/CVE-2006-4031.json index 2fc29d49db7..0b271b57298 100644 --- a/2006/4xxx/CVE-2006-4031.json +++ b/2006/4xxx/CVE-2006-4031.json @@ -1,192 +1,192 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-4031", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user's privileges are revoked for the original table, which might violate intended security policy." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-4031", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://bugs.mysql.com/bug.php?id=15195", - "refsource" : "MISC", - "url" : "http://bugs.mysql.com/bug.php?id=15195" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-568", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-568" - }, - { - "name" : "http://dev.mysql.com/doc/refman/4.1/en/news-4-1-21.html", - "refsource" : "CONFIRM", - "url" : "http://dev.mysql.com/doc/refman/4.1/en/news-4-1-21.html" - }, - { - "name" : "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-24.html", - "refsource" : "CONFIRM", - "url" : "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-24.html" - }, - { - "name" : "http://docs.info.apple.com/article.html?artnum=305214", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=305214" - }, - { - "name" : "APPLE-SA-2007-03-13", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html" - }, - { - "name" : "MDKSA-2006:149", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:149" - }, - { - "name" : "RHSA-2007:0083", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0083.html" - }, - { - "name" : "RHSA-2008:0768", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0768.html" - }, - { - "name" : "RHSA-2008:0364", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0364.html" - }, - { - "name" : "SUSE-SR:2006:023", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2006_23_sr.html" - }, - { - "name" : "USN-338-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-338-1" - }, - { - "name" : "TA07-072A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-072A.html" - }, - { - "name" : "19279", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/19279" - }, - { - "name" : "oval:org.mitre.oval:def:10468", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10468" - }, - { - "name" : "30351", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30351" - }, - { - "name" : "ADV-2006-3079", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/3079" - }, - { - "name" : "ADV-2007-0930", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0930" - }, - { - "name" : "1016617", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1016617" - }, - { - "name" : "21259", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21259" - }, - { - "name" : "21382", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21382" - }, - { - "name" : "21685", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21685" - }, - { - "name" : "21770", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21770" - }, - { - "name" : "21627", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21627" - }, - { - "name" : "22080", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22080" - }, - { - "name" : "24479", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24479" - }, - { - "name" : "31226", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31226" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user's privileges are revoked for the original table, which might violate intended security policy." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "21259", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21259" + }, + { + "name": "21627", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21627" + }, + { + "name": "TA07-072A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html" + }, + { + "name": "SUSE-SR:2006:023", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2006_23_sr.html" + }, + { + "name": "APPLE-SA-2007-03-13", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html" + }, + { + "name": "ADV-2006-3079", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/3079" + }, + { + "name": "19279", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/19279" + }, + { + "name": "USN-338-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-338-1" + }, + { + "name": "31226", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31226" + }, + { + "name": "oval:org.mitre.oval:def:10468", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10468" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=305214", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=305214" + }, + { + "name": "RHSA-2008:0768", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0768.html" + }, + { + "name": "21382", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21382" + }, + { + "name": "MDKSA-2006:149", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:149" + }, + { + "name": "22080", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22080" + }, + { + "name": "21770", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21770" + }, + { + "name": "21685", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21685" + }, + { + "name": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-24.html", + "refsource": "CONFIRM", + "url": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-24.html" + }, + { + "name": "http://dev.mysql.com/doc/refman/4.1/en/news-4-1-21.html", + "refsource": "CONFIRM", + "url": "http://dev.mysql.com/doc/refman/4.1/en/news-4-1-21.html" + }, + { + "name": "1016617", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1016617" + }, + { + "name": "http://bugs.mysql.com/bug.php?id=15195", + "refsource": "MISC", + "url": "http://bugs.mysql.com/bug.php?id=15195" + }, + { + "name": "30351", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30351" + }, + { + "name": "ADV-2007-0930", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0930" + }, + { + "name": "RHSA-2007:0083", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0083.html" + }, + { + "name": "https://issues.rpath.com/browse/RPL-568", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-568" + }, + { + "name": "RHSA-2008:0364", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0364.html" + }, + { + "name": "24479", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24479" + } + ] + } +} \ No newline at end of file diff --git a/2006/4xxx/CVE-2006-4312.json b/2006/4xxx/CVE-2006-4312.json index 8eef160580b..8dd1245217d 100644 --- a/2006/4xxx/CVE-2006-4312.json +++ b/2006/4xxx/CVE-2006-4312.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-4312", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco PIX 500 Series Security Appliances and ASA 5500 Series Adaptive Security Appliances, when running 7.0(x) up to 7.0(5) and 7.1(x) up to 7.1(2.4), and Firewall Services Module (FWSM) 3.1(x) up to 3.1(1.6), causes the EXEC password, local user passwords, and the enable password to be changed to a \"non-random value\" under certain circumstances, which causes administrators to be locked out and might allow attackers to gain access." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-4312", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060823 Unintentional Password Modification Vulnerability in Cisco Firewall Products", - "refsource" : "CISCO", - "url" : "http://www.cisco.com/warp/public/707/cisco-sa-20060823-firewall.shtml" - }, - { - "name" : "19681", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/19681" - }, - { - "name" : "ADV-2006-3367", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/3367" - }, - { - "name" : "28143", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/28143" - }, - { - "name" : "1016738", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1016738" - }, - { - "name" : "1016739", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1016739" - }, - { - "name" : "1016740", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1016740" - }, - { - "name" : "21616", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21616" - }, - { - "name" : "cisco-pix-password-modification(28540)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28540" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco PIX 500 Series Security Appliances and ASA 5500 Series Adaptive Security Appliances, when running 7.0(x) up to 7.0(5) and 7.1(x) up to 7.1(2.4), and Firewall Services Module (FWSM) 3.1(x) up to 3.1(1.6), causes the EXEC password, local user passwords, and the enable password to be changed to a \"non-random value\" under certain circumstances, which causes administrators to be locked out and might allow attackers to gain access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2006-3367", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/3367" + }, + { + "name": "1016740", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1016740" + }, + { + "name": "20060823 Unintentional Password Modification Vulnerability in Cisco Firewall Products", + "refsource": "CISCO", + "url": "http://www.cisco.com/warp/public/707/cisco-sa-20060823-firewall.shtml" + }, + { + "name": "19681", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/19681" + }, + { + "name": "28143", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/28143" + }, + { + "name": "1016738", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1016738" + }, + { + "name": "1016739", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1016739" + }, + { + "name": "cisco-pix-password-modification(28540)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28540" + }, + { + "name": "21616", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21616" + } + ] + } +} \ No newline at end of file diff --git a/2006/4xxx/CVE-2006-4537.json b/2006/4xxx/CVE-2006-4537.json index 34c2d750336..3abd3e86c86 100644 --- a/2006/4xxx/CVE-2006-4537.json +++ b/2006/4xxx/CVE-2006-4537.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-4537", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "NET$SESSION_CONTROL.EXE in DECnet-Plus in OpenVMS ALPHA 7.3-2 and Alpha 8.2 writes a password to an audit log file when there is a successful connection after a \"network breakin\" event, which allows local users to obtain passwords by reading the file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-4537", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "ftp://ftp.itrc.hp.com/openvms_patches/alpha/V7.3-2/AXP_DNVOSIECO03-V732.txt", - "refsource" : "CONFIRM", - "url" : "ftp://ftp.itrc.hp.com/openvms_patches/alpha/V7.3-2/AXP_DNVOSIECO03-V732.txt" - }, - { - "name" : "ftp://ftp.itrc.hp.com/openvms_patches/alpha/V8.2/AXP_DNVOSIECO02-V82.txt", - "refsource" : "CONFIRM", - "url" : "ftp://ftp.itrc.hp.com/openvms_patches/alpha/V8.2/AXP_DNVOSIECO02-V82.txt" - }, - { - "name" : "19783", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/19783" - }, - { - "name" : "ADV-2006-3423", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/3423" - }, - { - "name" : "28272", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/28272" - }, - { - "name" : "1016772", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1016772" - }, - { - "name" : "1017472", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017472" - }, - { - "name" : "21705", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21705" - }, - { - "name" : "23632", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23632" - }, - { - "name" : "openvms-auditlogfile-information-disclosure(28695)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28695" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "NET$SESSION_CONTROL.EXE in DECnet-Plus in OpenVMS ALPHA 7.3-2 and Alpha 8.2 writes a password to an audit log file when there is a successful connection after a \"network breakin\" event, which allows local users to obtain passwords by reading the file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1017472", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017472" + }, + { + "name": "19783", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/19783" + }, + { + "name": "ftp://ftp.itrc.hp.com/openvms_patches/alpha/V7.3-2/AXP_DNVOSIECO03-V732.txt", + "refsource": "CONFIRM", + "url": "ftp://ftp.itrc.hp.com/openvms_patches/alpha/V7.3-2/AXP_DNVOSIECO03-V732.txt" + }, + { + "name": "28272", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/28272" + }, + { + "name": "21705", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21705" + }, + { + "name": "openvms-auditlogfile-information-disclosure(28695)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28695" + }, + { + "name": "23632", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23632" + }, + { + "name": "ADV-2006-3423", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/3423" + }, + { + "name": "1016772", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1016772" + }, + { + "name": "ftp://ftp.itrc.hp.com/openvms_patches/alpha/V8.2/AXP_DNVOSIECO02-V82.txt", + "refsource": "CONFIRM", + "url": "ftp://ftp.itrc.hp.com/openvms_patches/alpha/V8.2/AXP_DNVOSIECO02-V82.txt" + } + ] + } +} \ No newline at end of file diff --git a/2006/4xxx/CVE-2006-4582.json b/2006/4xxx/CVE-2006-4582.json index 485ec55e7a5..6538eae4343 100644 --- a/2006/4xxx/CVE-2006-4582.json +++ b/2006/4xxx/CVE-2006-4582.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-4582", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site request forgery (CSRF) vulnerability in The Address Book 1.04e allows remote attackers to perform unauthorized actions as other users via unspecified vectors, as demonstrated by deleting arbitrary users via the id parameter in a deleteuser action in users.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "PSIRT-CNA@flexerasoftware.com", + "ID": "CVE-2006-4582", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://secunia.com/secunia_research/2006-76/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2006-76/advisory/" - }, - { - "name" : "32559", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32559" - }, - { - "name" : "21694", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21694" - }, - { - "name" : "theaddressbook-users-csrf(31251)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31251" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site request forgery (CSRF) vulnerability in The Address Book 1.04e allows remote attackers to perform unauthorized actions as other users via unspecified vectors, as demonstrated by deleting arbitrary users via the id parameter in a deleteuser action in users.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://secunia.com/secunia_research/2006-76/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2006-76/advisory/" + }, + { + "name": "32559", + "refsource": "OSVDB", + "url": "http://osvdb.org/32559" + }, + { + "name": "theaddressbook-users-csrf(31251)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31251" + }, + { + "name": "21694", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21694" + } + ] + } +} \ No newline at end of file diff --git a/2006/4xxx/CVE-2006-4585.json b/2006/4xxx/CVE-2006-4585.json index 650d2cb94d6..6889665f865 100644 --- a/2006/4xxx/CVE-2006-4585.json +++ b/2006/4xxx/CVE-2006-4585.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-4585", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in admin/editer.php in Tr Forum 2.0 allows remote authenticated users to execute arbitrary SQL commands via the id2 parameter. NOTE: this can be leveraged with other Tr Forum vulnerabilities to allow unauthenticated attackers to gain privileges." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-4585", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060903 Tr Forum V2.0 Multiple Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/445079/100/0/threaded" - }, - { - "name" : "http://acid-root.new.fr/poc/10060903.txt", - "refsource" : "MISC", - "url" : "http://acid-root.new.fr/poc/10060903.txt" - }, - { - "name" : "2297", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/2297" - }, - { - "name" : "19834", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/19834" - }, - { - "name" : "ADV-2006-3452", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/3452" - }, - { - "name" : "28545", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/28545" - }, - { - "name" : "1016788", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1016788" - }, - { - "name" : "21754", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21754" - }, - { - "name" : "1508", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/1508" - }, - { - "name" : "tr-forum-admin-sql-injection(28753)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28753" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in admin/editer.php in Tr Forum 2.0 allows remote authenticated users to execute arbitrary SQL commands via the id2 parameter. NOTE: this can be leveraged with other Tr Forum vulnerabilities to allow unauthenticated attackers to gain privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1508", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/1508" + }, + { + "name": "20060903 Tr Forum V2.0 Multiple Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/445079/100/0/threaded" + }, + { + "name": "tr-forum-admin-sql-injection(28753)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28753" + }, + { + "name": "ADV-2006-3452", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/3452" + }, + { + "name": "21754", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21754" + }, + { + "name": "28545", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/28545" + }, + { + "name": "19834", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/19834" + }, + { + "name": "2297", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/2297" + }, + { + "name": "http://acid-root.new.fr/poc/10060903.txt", + "refsource": "MISC", + "url": "http://acid-root.new.fr/poc/10060903.txt" + }, + { + "name": "1016788", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1016788" + } + ] + } +} \ No newline at end of file diff --git a/2006/5xxx/CVE-2006-5040.json b/2006/5xxx/CVE-2006-5040.json index 5e25f9546cd..ec4d6f2be36 100644 --- a/2006/5xxx/CVE-2006-5040.json +++ b/2006/5xxx/CVE-2006-5040.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5040", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in SEF404x (com_sef) for Joomla! has unspecified impact and attack vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5040", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://forum.joomla.org/index.php/topic,79477.0.html", - "refsource" : "CONFIRM", - "url" : "http://forum.joomla.org/index.php/topic,79477.0.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in SEF404x (com_sef) for Joomla! has unspecified impact and attack vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://forum.joomla.org/index.php/topic,79477.0.html", + "refsource": "CONFIRM", + "url": "http://forum.joomla.org/index.php/topic,79477.0.html" + } + ] + } +} \ No newline at end of file diff --git a/2006/5xxx/CVE-2006-5295.json b/2006/5xxx/CVE-2006-5295.json index a7a29ef671f..9df0e877539 100644 --- a/2006/5xxx/CVE-2006-5295.json +++ b/2006/5xxx/CVE-2006-5295.json @@ -1,152 +1,152 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5295", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in ClamAV before 0.88.5 allows remote attackers to cause a denial of service (scanning service crash) via a crafted Compressed HTML Help (CHM) file that causes ClamAV to \"read an invalid memory location.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5295", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20061016 Clam AntiVirus ClamAV CHM Chunk Name Length DoS Vulnerability", - "refsource" : "IDEFENSE", - "url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=423" - }, - { - "name" : "http://kolab.org/security/kolab-vendor-notice-13.txt", - "refsource" : "CONFIRM", - "url" : "http://kolab.org/security/kolab-vendor-notice-13.txt" - }, - { - "name" : "DSA-1196", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2006/dsa-1196" - }, - { - "name" : "GLSA-200610-10", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200610-10.xml" - }, - { - "name" : "MDKSA-2006:184", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:184" - }, - { - "name" : "SUSE-SA:2006:060", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2006_60_clamav.html" - }, - { - "name" : "20537", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/20537" - }, - { - "name" : "ADV-2006-4034", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4034" - }, - { - "name" : "ADV-2006-4136", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4136" - }, - { - "name" : "ADV-2006-4264", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4264" - }, - { - "name" : "1017068", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017068" - }, - { - "name" : "22370", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22370" - }, - { - "name" : "22421", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22421" - }, - { - "name" : "22498", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22498" - }, - { - "name" : "22488", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22488" - }, - { - "name" : "22537", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22537" - }, - { - "name" : "22551", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22551" - }, - { - "name" : "22626", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22626" - }, - { - "name" : "clamav-chm-dos(29608)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29608" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in ClamAV before 0.88.5 allows remote attackers to cause a denial of service (scanning service crash) via a crafted Compressed HTML Help (CHM) file that causes ClamAV to \"read an invalid memory location.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2006-4034", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4034" + }, + { + "name": "22488", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22488" + }, + { + "name": "22370", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22370" + }, + { + "name": "SUSE-SA:2006:060", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2006_60_clamav.html" + }, + { + "name": "20061016 Clam AntiVirus ClamAV CHM Chunk Name Length DoS Vulnerability", + "refsource": "IDEFENSE", + "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=423" + }, + { + "name": "20537", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/20537" + }, + { + "name": "MDKSA-2006:184", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:184" + }, + { + "name": "22626", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22626" + }, + { + "name": "ADV-2006-4136", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4136" + }, + { + "name": "clamav-chm-dos(29608)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29608" + }, + { + "name": "22421", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22421" + }, + { + "name": "ADV-2006-4264", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4264" + }, + { + "name": "http://kolab.org/security/kolab-vendor-notice-13.txt", + "refsource": "CONFIRM", + "url": "http://kolab.org/security/kolab-vendor-notice-13.txt" + }, + { + "name": "GLSA-200610-10", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200610-10.xml" + }, + { + "name": "1017068", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017068" + }, + { + "name": "DSA-1196", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2006/dsa-1196" + }, + { + "name": "22551", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22551" + }, + { + "name": "22537", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22537" + }, + { + "name": "22498", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22498" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0712.json b/2010/0xxx/CVE-2010-0712.json index b6ef4fe587c..f6730af18d4 100644 --- a/2010/0xxx/CVE-2010-0712.json +++ b/2010/0xxx/CVE-2010-0712.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0712", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in zport/dmd/Events/getJSONEventsInfo in Zenoss 2.3.3, and other versions before 2.5, allow remote authenticated users to execute arbitrary SQL commands via the (1) severity, (2) state, (3) filter, (4) offset, and (5) count parameters." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-0712", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://dev.zenoss.org/trac/changeset/15257", - "refsource" : "MISC", - "url" : "http://dev.zenoss.org/trac/changeset/15257" - }, - { - "name" : "http://www.ngenuity.org/wordpress/2010/01/14/ngenuity-2010-001-zenoss-getjsoneventsinfo-sql-injection/", - "refsource" : "MISC", - "url" : "http://www.ngenuity.org/wordpress/2010/01/14/ngenuity-2010-001-zenoss-getjsoneventsinfo-sql-injection/" - }, - { - "name" : "http://www.zenoss.com/news/SQL-Injection-and-Cross-Site-Forgery-in-Zenoss-Core-Corrected.html", - "refsource" : "CONFIRM", - "url" : "http://www.zenoss.com/news/SQL-Injection-and-Cross-Site-Forgery-in-Zenoss-Core-Corrected.html" - }, - { - "name" : "37802", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/37802" - }, - { - "name" : "61804", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/61804" - }, - { - "name" : "38195", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/38195" - }, - { - "name" : "zenoss-getjsoneventsinfo-sql-injection(55670)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/55670" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in zport/dmd/Events/getJSONEventsInfo in Zenoss 2.3.3, and other versions before 2.5, allow remote authenticated users to execute arbitrary SQL commands via the (1) severity, (2) state, (3) filter, (4) offset, and (5) count parameters." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://dev.zenoss.org/trac/changeset/15257", + "refsource": "MISC", + "url": "http://dev.zenoss.org/trac/changeset/15257" + }, + { + "name": "http://www.ngenuity.org/wordpress/2010/01/14/ngenuity-2010-001-zenoss-getjsoneventsinfo-sql-injection/", + "refsource": "MISC", + "url": "http://www.ngenuity.org/wordpress/2010/01/14/ngenuity-2010-001-zenoss-getjsoneventsinfo-sql-injection/" + }, + { + "name": "61804", + "refsource": "OSVDB", + "url": "http://osvdb.org/61804" + }, + { + "name": "37802", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/37802" + }, + { + "name": "http://www.zenoss.com/news/SQL-Injection-and-Cross-Site-Forgery-in-Zenoss-Core-Corrected.html", + "refsource": "CONFIRM", + "url": "http://www.zenoss.com/news/SQL-Injection-and-Cross-Site-Forgery-in-Zenoss-Core-Corrected.html" + }, + { + "name": "zenoss-getjsoneventsinfo-sql-injection(55670)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55670" + }, + { + "name": "38195", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/38195" + } + ] + } +} \ No newline at end of file diff --git a/2010/2xxx/CVE-2010-2245.json b/2010/2xxx/CVE-2010-2245.json index 69e4ac7b61d..01b8fe77d6b 100644 --- a/2010/2xxx/CVE-2010-2245.json +++ b/2010/2xxx/CVE-2010-2245.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-2245", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "XML External Entity (XXE) vulnerability in Apache Wink 1.1.1 and earlier allows remote attackers to read arbitrary files or cause a denial of service via a crafted XML document." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2010-2245", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[MARC] 20100706 [Important] Wink security advisory CVE-2010-2245", - "refsource" : "MLIST", - "url" : "http://marc.info/?l=wink-user&m=127843482925387&w=2" - }, - { - "name" : "https://svn.apache.org/repos/asf/wink/trunk/security/CVE-2010-2245.pdf", - "refsource" : "CONFIRM", - "url" : "https://svn.apache.org/repos/asf/wink/trunk/security/CVE-2010-2245.pdf" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "XML External Entity (XXE) vulnerability in Apache Wink 1.1.1 and earlier allows remote attackers to read arbitrary files or cause a denial of service via a crafted XML document." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://svn.apache.org/repos/asf/wink/trunk/security/CVE-2010-2245.pdf", + "refsource": "CONFIRM", + "url": "https://svn.apache.org/repos/asf/wink/trunk/security/CVE-2010-2245.pdf" + }, + { + "name": "[MARC] 20100706 [Important] Wink security advisory CVE-2010-2245", + "refsource": "MLIST", + "url": "http://marc.info/?l=wink-user&m=127843482925387&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2010/2xxx/CVE-2010-2515.json b/2010/2xxx/CVE-2010-2515.json index c3b10bc64f7..fc0e722655c 100644 --- a/2010/2xxx/CVE-2010-2515.json +++ b/2010/2xxx/CVE-2010-2515.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-2515", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in index.php in the JFaq (com_jfaq) component 1.2 for Joomla!, when magic_quotes_gpc is disabled, allow (1) remote attackers to execute arbitrary SQL commands via the id parameter, and (2) remote authenticated users with \"Public Front-end\" permissions to execute arbitrary SQL commands via the titlu parameter (title field). NOTE: some of these details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-2515", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://packetstormsecurity.org/1006-exploits/joomlajfaq-sqlxss.txt", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.org/1006-exploits/joomlajfaq-sqlxss.txt" - }, - { - "name" : "41029", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/41029" - }, - { - "name" : "65695", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/65695" - }, - { - "name" : "40219", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/40219" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in index.php in the JFaq (com_jfaq) component 1.2 for Joomla!, when magic_quotes_gpc is disabled, allow (1) remote attackers to execute arbitrary SQL commands via the id parameter, and (2) remote authenticated users with \"Public Front-end\" permissions to execute arbitrary SQL commands via the titlu parameter (title field). NOTE: some of these details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "41029", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/41029" + }, + { + "name": "65695", + "refsource": "OSVDB", + "url": "http://osvdb.org/65695" + }, + { + "name": "40219", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/40219" + }, + { + "name": "http://packetstormsecurity.org/1006-exploits/joomlajfaq-sqlxss.txt", + "refsource": "MISC", + "url": "http://packetstormsecurity.org/1006-exploits/joomlajfaq-sqlxss.txt" + } + ] + } +} \ No newline at end of file diff --git a/2010/2xxx/CVE-2010-2557.json b/2010/2xxx/CVE-2010-2557.json index 6e32acc057a..569219ca2e5 100644 --- a/2010/2xxx/CVE-2010-2557.json +++ b/2010/2xxx/CVE-2010-2557.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-2557", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 6 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka \"Uninitialized Memory Corruption Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2010-2557", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS10-053", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-053" - }, - { - "name" : "TA10-222A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA10-222A.html" - }, - { - "name" : "oval:org.mitre.oval:def:11968", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11968" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 6 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka \"Uninitialized Memory Corruption Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "TA10-222A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA10-222A.html" + }, + { + "name": "MS10-053", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-053" + }, + { + "name": "oval:org.mitre.oval:def:11968", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11968" + } + ] + } +} \ No newline at end of file diff --git a/2010/2xxx/CVE-2010-2622.json b/2010/2xxx/CVE-2010-2622.json index b73edc46620..d68a83fb1b3 100644 --- a/2010/2xxx/CVE-2010-2622.json +++ b/2010/2xxx/CVE-2010-2622.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-2622", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in the Joomanager component, possibly 1.1.1, for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-2622", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "14127", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/14127" - }, - { - "name" : "41256", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/41256" - }, - { - "name" : "joomanager-catid-sql-injection(59945)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/59945" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in the Joomanager component, possibly 1.1.1, for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "41256", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/41256" + }, + { + "name": "14127", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/14127" + }, + { + "name": "joomanager-catid-sql-injection(59945)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59945" + } + ] + } +} \ No newline at end of file diff --git a/2010/3xxx/CVE-2010-3021.json b/2010/3xxx/CVE-2010-3021.json index cca5bf04aea..b6e59053666 100644 --- a/2010/3xxx/CVE-2010-3021.json +++ b/2010/3xxx/CVE-2010-3021.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-3021", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Opera before 10.61 allows remote attackers to cause a denial of service (CPU consumption and application hang) via an animated PNG image." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-3021", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.opera.com/docs/changelogs/mac/1061/", - "refsource" : "CONFIRM", - "url" : "http://www.opera.com/docs/changelogs/mac/1061/" - }, - { - "name" : "http://www.opera.com/docs/changelogs/unix/1061/", - "refsource" : "CONFIRM", - "url" : "http://www.opera.com/docs/changelogs/unix/1061/" - }, - { - "name" : "http://www.opera.com/docs/changelogs/windows/1061/", - "refsource" : "CONFIRM", - "url" : "http://www.opera.com/docs/changelogs/windows/1061/" - }, - { - "name" : "oval:org.mitre.oval:def:11933", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11933" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Opera before 10.61 allows remote attackers to cause a denial of service (CPU consumption and application hang) via an animated PNG image." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.opera.com/docs/changelogs/unix/1061/", + "refsource": "CONFIRM", + "url": "http://www.opera.com/docs/changelogs/unix/1061/" + }, + { + "name": "oval:org.mitre.oval:def:11933", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11933" + }, + { + "name": "http://www.opera.com/docs/changelogs/mac/1061/", + "refsource": "CONFIRM", + "url": "http://www.opera.com/docs/changelogs/mac/1061/" + }, + { + "name": "http://www.opera.com/docs/changelogs/windows/1061/", + "refsource": "CONFIRM", + "url": "http://www.opera.com/docs/changelogs/windows/1061/" + } + ] + } +} \ No newline at end of file diff --git a/2010/3xxx/CVE-2010-3049.json b/2010/3xxx/CVE-2010-3049.json index 65704bab90f..b4b1c332a28 100644 --- a/2010/3xxx/CVE-2010-3049.json +++ b/2010/3xxx/CVE-2010-3049.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-3049", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco IOS before 12.2(33)SXI allows local users to cause a denial of service (device reboot)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2010-3049", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150825 Chapter: Caveats in Release 12.2(33)SXI Rebuilds", - "refsource" : "CISCO", - "url" : "https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SX/release/notes/ol_14271/caveats_SXI_rebuilds.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco IOS before 12.2(33)SXI allows local users to cause a denial of service (device reboot)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20150825 Chapter: Caveats in Release 12.2(33)SXI Rebuilds", + "refsource": "CISCO", + "url": "https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SX/release/notes/ol_14271/caveats_SXI_rebuilds.html" + } + ] + } +} \ No newline at end of file diff --git a/2010/3xxx/CVE-2010-3112.json b/2010/3xxx/CVE-2010-3112.json index dd4d5b422ac..b55dc570002 100644 --- a/2010/3xxx/CVE-2010-3112.json +++ b/2010/3xxx/CVE-2010-3112.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-3112", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Google Chrome before 5.0.375.127 does not properly implement file dialogs, which allows attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-3112", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://code.google.com/p/chromium/issues/detail?id=45400", - "refsource" : "CONFIRM", - "url" : "http://code.google.com/p/chromium/issues/detail?id=45400" - }, - { - "name" : "http://googlechromereleases.blogspot.com/2010/08/stable-channel-update_19.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2010/08/stable-channel-update_19.html" - }, - { - "name" : "oval:org.mitre.oval:def:11275", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11275" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Google Chrome before 5.0.375.127 does not properly implement file dialogs, which allows attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://googlechromereleases.blogspot.com/2010/08/stable-channel-update_19.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2010/08/stable-channel-update_19.html" + }, + { + "name": "http://code.google.com/p/chromium/issues/detail?id=45400", + "refsource": "CONFIRM", + "url": "http://code.google.com/p/chromium/issues/detail?id=45400" + }, + { + "name": "oval:org.mitre.oval:def:11275", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11275" + } + ] + } +} \ No newline at end of file diff --git a/2010/3xxx/CVE-2010-3296.json b/2010/3xxx/CVE-2010-3296.json index 9897cbb5205..1f962d4ad4e 100644 --- a/2010/3xxx/CVE-2010-3296.json +++ b/2010/3xxx/CVE-2010-3296.json @@ -1,162 +1,162 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-3296", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The cxgb_extension_ioctl function in drivers/net/cxgb3/cxgb3_main.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a CHELSIO_GET_QSET_NUM ioctl call." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2010-3296", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/520102/100/0/threaded" - }, - { - "name" : "[linux-kernel] 20100911 [PATCH] drivers/net/cxgb3/cxgb3_main.c: prevent reading uninitialized stack memory", - "refsource" : "MLIST", - "url" : "http://lkml.org/lkml/2010/9/11/170" - }, - { - "name" : "[oss-security] 20100914 CVE request: kernel: numerous infoleaks", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2010/09/14/2" - }, - { - "name" : "[oss-security] 20100914 Re: CVE request: kernel: numerous infoleaks", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2010/09/14/7" - }, - { - "name" : "http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git;a=commit;h=49c37c0334a9b85d30ab3d6b5d1acb05ef2ef6de", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git;a=commit;h=49c37c0334a9b85d30ab3d6b5d1acb05ef2ef6de" - }, - { - "name" : "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.36-rc5", - "refsource" : "CONFIRM", - "url" : "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.36-rc5" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=633149", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=633149" - }, - { - "name" : "http://www.vmware.com/security/advisories/VMSA-2011-0012.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/security/advisories/VMSA-2011-0012.html" - }, - { - "name" : "DSA-2126", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2010/dsa-2126" - }, - { - "name" : "RHSA-2011:0017", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2011-0017.html" - }, - { - "name" : "SUSE-SA:2010:050", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00003.html" - }, - { - "name" : "SUSE-SA:2010:054", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00000.html" - }, - { - "name" : "SUSE-SA:2011:007", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html" - }, - { - "name" : "USN-1041-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-1041-1" - }, - { - "name" : "43221", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/43221" - }, - { - "name" : "41440", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/41440" - }, - { - "name" : "42758", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42758" - }, - { - "name" : "42884", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42884" - }, - { - "name" : "46397", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/46397" - }, - { - "name" : "ADV-2011-0070", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0070" - }, - { - "name" : "ADV-2011-0298", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0298" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The cxgb_extension_ioctl function in drivers/net/cxgb3/cxgb3_main.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a CHELSIO_GET_QSET_NUM ioctl call." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.36-rc5", + "refsource": "CONFIRM", + "url": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.36-rc5" + }, + { + "name": "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded" + }, + { + "name": "RHSA-2011:0017", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2011-0017.html" + }, + { + "name": "46397", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/46397" + }, + { + "name": "[oss-security] 20100914 Re: CVE request: kernel: numerous infoleaks", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2010/09/14/7" + }, + { + "name": "[oss-security] 20100914 CVE request: kernel: numerous infoleaks", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2010/09/14/2" + }, + { + "name": "[linux-kernel] 20100911 [PATCH] drivers/net/cxgb3/cxgb3_main.c: prevent reading uninitialized stack memory", + "refsource": "MLIST", + "url": "http://lkml.org/lkml/2010/9/11/170" + }, + { + "name": "http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git;a=commit;h=49c37c0334a9b85d30ab3d6b5d1acb05ef2ef6de", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/?p=linux/kernel/git/davem/net-2.6.git;a=commit;h=49c37c0334a9b85d30ab3d6b5d1acb05ef2ef6de" + }, + { + "name": "USN-1041-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-1041-1" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=633149", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=633149" + }, + { + "name": "SUSE-SA:2011:007", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html" + }, + { + "name": "ADV-2011-0298", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0298" + }, + { + "name": "SUSE-SA:2010:050", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00003.html" + }, + { + "name": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html" + }, + { + "name": "42758", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42758" + }, + { + "name": "42884", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42884" + }, + { + "name": "ADV-2011-0070", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0070" + }, + { + "name": "SUSE-SA:2010:054", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00000.html" + }, + { + "name": "41440", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/41440" + }, + { + "name": "43221", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/43221" + }, + { + "name": "DSA-2126", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2010/dsa-2126" + } + ] + } +} \ No newline at end of file diff --git a/2010/3xxx/CVE-2010-3421.json b/2010/3xxx/CVE-2010-3421.json index 4aa8eb3d633..7457969d38b 100644 --- a/2010/3xxx/CVE-2010-3421.json +++ b/2010/3xxx/CVE-2010-3421.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-3421", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in AffiliateLogin.asp in ProductCart 3, 4.1 SP1, and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the redirectUrl parameter, a different vector than CVE-2004-2174 and CVE-2005-0995. NOTE: some of these details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-3421", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.upsploit.com/index.php/advisories/view/UPS-2010-0002", - "refsource" : "MISC", - "url" : "https://www.upsploit.com/index.php/advisories/view/UPS-2010-0002" - }, - { - "name" : "43144", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/43144" - }, - { - "name" : "67938", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/67938" - }, - { - "name" : "41394", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/41394" - }, - { - "name" : "productcart-affiliatelogin-xss(61727)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/61727" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in AffiliateLogin.asp in ProductCart 3, 4.1 SP1, and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the redirectUrl parameter, a different vector than CVE-2004-2174 and CVE-2005-0995. NOTE: some of these details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.upsploit.com/index.php/advisories/view/UPS-2010-0002", + "refsource": "MISC", + "url": "https://www.upsploit.com/index.php/advisories/view/UPS-2010-0002" + }, + { + "name": "67938", + "refsource": "OSVDB", + "url": "http://osvdb.org/67938" + }, + { + "name": "43144", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/43144" + }, + { + "name": "productcart-affiliatelogin-xss(61727)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61727" + }, + { + "name": "41394", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/41394" + } + ] + } +} \ No newline at end of file diff --git a/2010/3xxx/CVE-2010-3654.json b/2010/3xxx/CVE-2010-3654.json index 5cd315d5aa6..e9f41a94a3b 100644 --- a/2010/3xxx/CVE-2010-3654.json +++ b/2010/3xxx/CVE-2010-3654.json @@ -1,242 +1,242 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-3654", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2010-3654", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://contagiodump.blogspot.com/2010/10/potential-new-adobe-flash-player-zero.html", - "refsource" : "MISC", - "url" : "http://contagiodump.blogspot.com/2010/10/potential-new-adobe-flash-player-zero.html" - }, - { - "name" : "http://www.adobe.com/support/security/advisories/apsa10-05.html", - "refsource" : "CONFIRM", - "url" : "http://www.adobe.com/support/security/advisories/apsa10-05.html" - }, - { - "name" : "http://www.adobe.com/support/security/bulletins/apsb10-26.html", - "refsource" : "CONFIRM", - "url" : "http://www.adobe.com/support/security/bulletins/apsb10-26.html" - }, - { - "name" : "http://support.apple.com/kb/HT4435", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT4435" - }, - { - "name" : "http://www.adobe.com/support/security/bulletins/apsb10-28.html", - "refsource" : "CONFIRM", - "url" : "http://www.adobe.com/support/security/bulletins/apsb10-28.html" - }, - { - "name" : "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1", - "refsource" : "CONFIRM", - "url" : "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1" - }, - { - "name" : "APPLE-SA-2010-11-10-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" - }, - { - "name" : "GLSA-201101-08", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201101-08.xml" - }, - { - "name" : "GLSA-201101-09", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201101-09.xml" - }, - { - "name" : "RHSA-2010:0829", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0829.html" - }, - { - "name" : "RHSA-2010:0834", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0834.html" - }, - { - "name" : "RHSA-2010:0934", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0934.html" - }, - { - "name" : "RHSA-2010:0867", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0867.html" - }, - { - "name" : "SUSE-SA:2010:058", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00001.html" - }, - { - "name" : "SUSE-SA:2010:055", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html" - }, - { - "name" : "TLSA-2011-2", - "refsource" : "TURBO", - "url" : "http://www.turbolinux.co.jp/security/2011/TLSA-2011-2j.txt" - }, - { - "name" : "VU#298081", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/298081" - }, - { - "name" : "44504", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/44504" - }, - { - "name" : "oval:org.mitre.oval:def:13294", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13294" - }, - { - "name" : "1024659", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1024659" - }, - { - "name" : "1024660", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1024660" - }, - { - "name" : "41917", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/41917" - }, - { - "name" : "42030", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42030" - }, - { - "name" : "42183", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42183" - }, - { - "name" : "42401", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42401" - }, - { - "name" : "42926", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42926" - }, - { - "name" : "43025", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43025" - }, - { - "name" : "43026", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43026" - }, - { - "name" : "8210", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/8210" - }, - { - "name" : "ADV-2010-2903", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/2903" - }, - { - "name" : "ADV-2010-2906", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/2906" - }, - { - "name" : "ADV-2010-2918", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/2918" - }, - { - "name" : "ADV-2010-3111", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/3111" - }, - { - "name" : "ADV-2011-0173", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0173" - }, - { - "name" : "ADV-2011-0191", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0191" - }, - { - "name" : "ADV-2011-0192", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0192" - }, - { - "name" : "ADV-2011-0344", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0344" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2011-0192", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0192" + }, + { + "name": "42183", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42183" + }, + { + "name": "http://contagiodump.blogspot.com/2010/10/potential-new-adobe-flash-player-zero.html", + "refsource": "MISC", + "url": "http://contagiodump.blogspot.com/2010/10/potential-new-adobe-flash-player-zero.html" + }, + { + "name": "http://support.apple.com/kb/HT4435", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT4435" + }, + { + "name": "42030", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42030" + }, + { + "name": "ADV-2011-0191", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0191" + }, + { + "name": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1", + "refsource": "CONFIRM", + "url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1" + }, + { + "name": "43025", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43025" + }, + { + "name": "ADV-2011-0344", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0344" + }, + { + "name": "43026", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43026" + }, + { + "name": "GLSA-201101-09", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201101-09.xml" + }, + { + "name": "ADV-2010-2918", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/2918" + }, + { + "name": "ADV-2010-3111", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/3111" + }, + { + "name": "41917", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/41917" + }, + { + "name": "APPLE-SA-2010-11-10-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" + }, + { + "name": "GLSA-201101-08", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201101-08.xml" + }, + { + "name": "RHSA-2010:0834", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0834.html" + }, + { + "name": "SUSE-SA:2010:055", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html" + }, + { + "name": "1024660", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1024660" + }, + { + "name": "42926", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42926" + }, + { + "name": "RHSA-2010:0934", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0934.html" + }, + { + "name": "ADV-2010-2903", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/2903" + }, + { + "name": "ADV-2011-0173", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0173" + }, + { + "name": "42401", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42401" + }, + { + "name": "http://www.adobe.com/support/security/bulletins/apsb10-26.html", + "refsource": "CONFIRM", + "url": "http://www.adobe.com/support/security/bulletins/apsb10-26.html" + }, + { + "name": "VU#298081", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/298081" + }, + { + "name": "1024659", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1024659" + }, + { + "name": "TLSA-2011-2", + "refsource": "TURBO", + "url": "http://www.turbolinux.co.jp/security/2011/TLSA-2011-2j.txt" + }, + { + "name": "44504", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/44504" + }, + { + "name": "http://www.adobe.com/support/security/advisories/apsa10-05.html", + "refsource": "CONFIRM", + "url": "http://www.adobe.com/support/security/advisories/apsa10-05.html" + }, + { + "name": "http://www.adobe.com/support/security/bulletins/apsb10-28.html", + "refsource": "CONFIRM", + "url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html" + }, + { + "name": "SUSE-SA:2010:058", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00001.html" + }, + { + "name": "8210", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/8210" + }, + { + "name": "ADV-2010-2906", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/2906" + }, + { + "name": "RHSA-2010:0867", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0867.html" + }, + { + "name": "RHSA-2010:0829", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0829.html" + }, + { + "name": "oval:org.mitre.oval:def:13294", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13294" + } + ] + } +} \ No newline at end of file diff --git a/2010/4xxx/CVE-2010-4184.json b/2010/4xxx/CVE-2010-4184.json index 9411970af4b..97a9dab9a38 100644 --- a/2010/4xxx/CVE-2010-4184.json +++ b/2010/4xxx/CVE-2010-4184.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-4184", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "NetSupport Manager (NSM) before 11.00.0005 sends HTTP headers with cleartext fields containing details about client machines, which allows remote attackers to obtain potentially sensitive information by sniffing the network." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-4184", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.netsupportsoftware.com/support/td.asp?td=634", - "refsource" : "CONFIRM", - "url" : "http://www.netsupportsoftware.com/support/td.asp?td=634" - }, - { - "name" : "VU#465239", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/465239" - }, - { - "name" : "netsupport-http-info-disclosure(62984)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/62984" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "NetSupport Manager (NSM) before 11.00.0005 sends HTTP headers with cleartext fields containing details about client machines, which allows remote attackers to obtain potentially sensitive information by sniffing the network." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.netsupportsoftware.com/support/td.asp?td=634", + "refsource": "CONFIRM", + "url": "http://www.netsupportsoftware.com/support/td.asp?td=634" + }, + { + "name": "VU#465239", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/465239" + }, + { + "name": "netsupport-http-info-disclosure(62984)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62984" + } + ] + } +} \ No newline at end of file diff --git a/2010/4xxx/CVE-2010-4726.json b/2010/4xxx/CVE-2010-4726.json index ec282051172..20ee3d2990f 100644 --- a/2010/4xxx/CVE-2010-4726.json +++ b/2010/4xxx/CVE-2010-4726.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-4726", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the math plugin in Smarty before 3.0.0 RC1 has unknown impact and remote attack vectors. NOTE: this might overlap CVE-2009-1669." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-4726", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://smarty-php.googlecode.com/svn/trunk/distribution/change_log.txt", - "refsource" : "CONFIRM", - "url" : "http://smarty-php.googlecode.com/svn/trunk/distribution/change_log.txt" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the math plugin in Smarty before 3.0.0 RC1 has unknown impact and remote attack vectors. NOTE: this might overlap CVE-2009-1669." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://smarty-php.googlecode.com/svn/trunk/distribution/change_log.txt", + "refsource": "CONFIRM", + "url": "http://smarty-php.googlecode.com/svn/trunk/distribution/change_log.txt" + } + ] + } +} \ No newline at end of file diff --git a/2011/1xxx/CVE-2011-1301.json b/2011/1xxx/CVE-2011-1301.json index a47e8a47248..da4f527b31d 100644 --- a/2011/1xxx/CVE-2011-1301.json +++ b/2011/1xxx/CVE-2011-1301.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-1301", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in the GPU process in Google Chrome before 10.0.648.205 allows remote attackers to execute arbitrary code via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-1301", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://code.google.com/p/chromium/issues/detail?id=75629", - "refsource" : "CONFIRM", - "url" : "http://code.google.com/p/chromium/issues/detail?id=75629" - }, - { - "name" : "http://googlechromereleases.blogspot.com/2011/04/stable-channel-update.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2011/04/stable-channel-update.html" - }, - { - "name" : "47377", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/47377" - }, - { - "name" : "oval:org.mitre.oval:def:14509", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14509" - }, - { - "name" : "1025377", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1025377" - }, - { - "name" : "44141", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/44141" - }, - { - "name" : "ADV-2011-1006", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/1006" - }, - { - "name" : "chrome-gpu-code-execution(66767)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/66767" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in the GPU process in Google Chrome before 10.0.648.205 allows remote attackers to execute arbitrary code via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2011-1006", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/1006" + }, + { + "name": "http://code.google.com/p/chromium/issues/detail?id=75629", + "refsource": "CONFIRM", + "url": "http://code.google.com/p/chromium/issues/detail?id=75629" + }, + { + "name": "1025377", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1025377" + }, + { + "name": "44141", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/44141" + }, + { + "name": "47377", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/47377" + }, + { + "name": "http://googlechromereleases.blogspot.com/2011/04/stable-channel-update.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2011/04/stable-channel-update.html" + }, + { + "name": "chrome-gpu-code-execution(66767)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66767" + }, + { + "name": "oval:org.mitre.oval:def:14509", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14509" + } + ] + } +} \ No newline at end of file diff --git a/2011/1xxx/CVE-2011-1673.json b/2011/1xxx/CVE-2011-1673.json index 2d843b601f6..8b1e435e8db 100644 --- a/2011/1xxx/CVE-2011-1673.json +++ b/2011/1xxx/CVE-2011-1673.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-1673", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "BackupConfig.php on the NetGear ProSafe WNAP210 allows remote attackers to obtain the administrator password by reading the configuration file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-1673", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "VU#644812", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/644812" - }, - { - "name" : "44045", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/44045" - }, - { - "name" : "ADV-2011-0884", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0884" - }, - { - "name" : "prosafe-backupconfig-info-disc(66817)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/66817" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "BackupConfig.php on the NetGear ProSafe WNAP210 allows remote attackers to obtain the administrator password by reading the configuration file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "prosafe-backupconfig-info-disc(66817)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66817" + }, + { + "name": "VU#644812", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/644812" + }, + { + "name": "ADV-2011-0884", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0884" + }, + { + "name": "44045", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/44045" + } + ] + } +} \ No newline at end of file diff --git a/2011/5xxx/CVE-2011-5126.json b/2011/5xxx/CVE-2011-5126.json index f698311a9dd..81e92dfd9aa 100644 --- a/2011/5xxx/CVE-2011-5126.json +++ b/2011/5xxx/CVE-2011-5126.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-5126", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Blue Coat ProxySG 6.1 before SGOS 6.1.5.1 and 6.2 before SGOS 6.2.2.1 writes the secure heap to core images, which allows context-dependent attackers to obtain sensitive authentication information by leveraging read access to a downloaded core file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-5126", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://kb.bluecoat.com/index?page=content&id=SA56", - "refsource" : "CONFIRM", - "url" : "https://kb.bluecoat.com/index?page=content&id=SA56" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Blue Coat ProxySG 6.1 before SGOS 6.1.5.1 and 6.2 before SGOS 6.2.2.1 writes the secure heap to core images, which allows context-dependent attackers to obtain sensitive authentication information by leveraging read access to a downloaded core file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://kb.bluecoat.com/index?page=content&id=SA56", + "refsource": "CONFIRM", + "url": "https://kb.bluecoat.com/index?page=content&id=SA56" + } + ] + } +} \ No newline at end of file diff --git a/2011/5xxx/CVE-2011-5162.json b/2011/5xxx/CVE-2011-5162.json index d86395fb71d..7ee14489ed6 100644 --- a/2011/5xxx/CVE-2011-5162.json +++ b/2011/5xxx/CVE-2011-5162.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-5162", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in GOM Player 2.1.33.5071 allows user-assisted remote attackers to execute arbitrary code via a .ASX file with a long URI in the \"ref href\" tag. NOTE: this issue exists because of a CVE-2007-0707 regression." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-5162", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "18174", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/18174/" - }, - { - "name" : "33080", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/33080" - }, - { - "name" : "47009", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/47009" - }, - { - "name" : "gom-asx-bo(71575)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/71575" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in GOM Player 2.1.33.5071 allows user-assisted remote attackers to execute arbitrary code via a .ASX file with a long URI in the \"ref href\" tag. NOTE: this issue exists because of a CVE-2007-0707 regression." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "47009", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/47009" + }, + { + "name": "gom-asx-bo(71575)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71575" + }, + { + "name": "18174", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/18174/" + }, + { + "name": "33080", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/33080" + } + ] + } +} \ No newline at end of file diff --git a/2014/10xxx/CVE-2014-10075.json b/2014/10xxx/CVE-2014-10075.json index 6a9a6574f6c..53c1e600432 100644 --- a/2014/10xxx/CVE-2014-10075.json +++ b/2014/10xxx/CVE-2014-10075.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-10075", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The karo gem 2.3.8 for Ruby allows Remote command injection via the host field." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-10075", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.vapid.dhs.org/advisories/karo-2.3.8.html", - "refsource" : "MISC", - "url" : "http://www.vapid.dhs.org/advisories/karo-2.3.8.html" - }, - { - "name" : "http://www.vapidlabs.com/advisory.php?v=63", - "refsource" : "MISC", - "url" : "http://www.vapidlabs.com/advisory.php?v=63" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The karo gem 2.3.8 for Ruby allows Remote command injection via the host field." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.vapidlabs.com/advisory.php?v=63", + "refsource": "MISC", + "url": "http://www.vapidlabs.com/advisory.php?v=63" + }, + { + "name": "http://www.vapid.dhs.org/advisories/karo-2.3.8.html", + "refsource": "MISC", + "url": "http://www.vapid.dhs.org/advisories/karo-2.3.8.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/3xxx/CVE-2014-3056.json b/2014/3xxx/CVE-2014-3056.json index b70984f758c..3b6cee2cbc3 100644 --- a/2014/3xxx/CVE-2014-3056.json +++ b/2014/3xxx/CVE-2014-3056.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-3056", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Unified Task List (UTL) Portlet for IBM WebSphere Portal 7.x and 8.x through 8.0.0.1 CF12 allows remote attackers to obtain potentially sensitive information about environment variables and JAR versions via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2014-3056", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21677032", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21677032" - }, - { - "name" : "PI18909", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PI18909" - }, - { - "name" : "60499", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/60499" - }, - { - "name" : "ibm-wsputl-cve20143056-infodisc(93530)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/93530" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Unified Task List (UTL) Portlet for IBM WebSphere Portal 7.x and 8.x through 8.0.0.1 CF12 allows remote attackers to obtain potentially sensitive information about environment variables and JAR versions via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "60499", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/60499" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21677032", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677032" + }, + { + "name": "ibm-wsputl-cve20143056-infodisc(93530)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93530" + }, + { + "name": "PI18909", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI18909" + } + ] + } +} \ No newline at end of file diff --git a/2014/3xxx/CVE-2014-3270.json b/2014/3xxx/CVE-2014-3270.json index aafa9b904f7..6882871215e 100644 --- a/2014/3xxx/CVE-2014-3270.json +++ b/2014/3xxx/CVE-2014-3270.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-3270", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The DHCPv6 implementation in Cisco IOS XR allows remote attackers to cause a denial of service (process hang) via a malformed packet, aka Bug ID CSCul80924." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2014-3270", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20140519 Cisco IOS XR Software DHCP Version 6 Process Hang Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3270" - }, - { - "name" : "1030259", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1030259" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The DHCPv6 implementation in Cisco IOS XR allows remote attackers to cause a denial of service (process hang) via a malformed packet, aka Bug ID CSCul80924." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20140519 Cisco IOS XR Software DHCP Version 6 Process Hang Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3270" + }, + { + "name": "1030259", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1030259" + } + ] + } +} \ No newline at end of file diff --git a/2014/3xxx/CVE-2014-3341.json b/2014/3xxx/CVE-2014-3341.json index 52223daf212..e1b3f98f4fe 100644 --- a/2014/3xxx/CVE-2014-3341.json +++ b/2014/3xxx/CVE-2014-3341.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-3341", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The SNMP module in Cisco NX-OS 7.0(3)N1(1) and earlier on Nexus 5000 and 6000 devices provides different error messages for invalid requests depending on whether the VLAN ID exists, which allows remote attackers to enumerate VLANs via a series of requests, aka Bug ID CSCup85616." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2014-3341", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=35338", - "refsource" : "CONFIRM", - "url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=35338" - }, - { - "name" : "20140818 Cisco NX-OS Software SNMP Information Disclosure Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3341" - }, - { - "name" : "69266", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/69266" - }, - { - "name" : "1030746", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1030746" - }, - { - "name" : "cisco-nxos-cve20143341-info-disc(95329)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95329" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The SNMP module in Cisco NX-OS 7.0(3)N1(1) and earlier on Nexus 5000 and 6000 devices provides different error messages for invalid requests depending on whether the VLAN ID exists, which allows remote attackers to enumerate VLANs via a series of requests, aka Bug ID CSCup85616." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=35338", + "refsource": "CONFIRM", + "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=35338" + }, + { + "name": "cisco-nxos-cve20143341-info-disc(95329)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95329" + }, + { + "name": "69266", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/69266" + }, + { + "name": "20140818 Cisco NX-OS Software SNMP Information Disclosure Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3341" + }, + { + "name": "1030746", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1030746" + } + ] + } +} \ No newline at end of file diff --git a/2014/3xxx/CVE-2014-3941.json b/2014/3xxx/CVE-2014-3941.json index 1ff8395d650..0d24f88cc29 100644 --- a/2014/3xxx/CVE-2014-3941.json +++ b/2014/3xxx/CVE-2014-3941.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-3941", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "TYPO3 4.5.0 before 4.5.34, 4.7.0 before 4.7.19, 6.0.0 before 6.0.14, 6.1.0 before 6.1.9, and 6.2.0 before 6.2.3 allows remote attackers to have unspecified impact via a crafted HTTP Host header, related to \"Host Spoofing.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-3941", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20140603 Re: CVE ID request: typo3", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2014/06/03/2" - }, - { - "name" : "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001/", - "refsource" : "CONFIRM", - "url" : "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001/" - }, - { - "name" : "DSA-2942", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2014/dsa-2942" - }, - { - "name" : "openSUSE-SU-2016:2025", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00028.html" - }, - { - "name" : "openSUSE-SU-2016:2114", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-08/msg00083.html" - }, - { - "name" : "openSUSE-SU-2014:0813", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2014-06/msg00037.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "TYPO3 4.5.0 before 4.5.34, 4.7.0 before 4.7.19, 6.0.0 before 6.0.14, 6.1.0 before 6.1.9, and 6.2.0 before 6.2.3 allows remote attackers to have unspecified impact via a crafted HTTP Host header, related to \"Host Spoofing.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2016:2025", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00028.html" + }, + { + "name": "openSUSE-SU-2014:0813", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2014-06/msg00037.html" + }, + { + "name": "DSA-2942", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2014/dsa-2942" + }, + { + "name": "openSUSE-SU-2016:2114", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00083.html" + }, + { + "name": "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001/", + "refsource": "CONFIRM", + "url": "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2014-001/" + }, + { + "name": "[oss-security] 20140603 Re: CVE ID request: typo3", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2014/06/03/2" + } + ] + } +} \ No newline at end of file diff --git a/2014/4xxx/CVE-2014-4979.json b/2014/4xxx/CVE-2014-4979.json index ce67b51b7f4..d46c8215287 100644 --- a/2014/4xxx/CVE-2014-4979.json +++ b/2014/4xxx/CVE-2014-4979.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-4979", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Apple QuickTime allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed version number and flags in an mvhd atom." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-4979", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://zerodayinitiative.com/advisories/ZDI-14-264/", - "refsource" : "MISC", - "url" : "http://zerodayinitiative.com/advisories/ZDI-14-264/" - }, - { - "name" : "http://support.apple.com/kb/HT6443", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT6443" - }, - { - "name" : "https://support.apple.com/kb/HT6493", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/kb/HT6493" - }, - { - "name" : "68852", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/68852" - }, - { - "name" : "1030638", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1030638" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Apple QuickTime allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed version number and flags in an mvhd atom." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://zerodayinitiative.com/advisories/ZDI-14-264/", + "refsource": "MISC", + "url": "http://zerodayinitiative.com/advisories/ZDI-14-264/" + }, + { + "name": "https://support.apple.com/kb/HT6493", + "refsource": "CONFIRM", + "url": "https://support.apple.com/kb/HT6493" + }, + { + "name": "68852", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/68852" + }, + { + "name": "1030638", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1030638" + }, + { + "name": "http://support.apple.com/kb/HT6443", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT6443" + } + ] + } +} \ No newline at end of file diff --git a/2014/8xxx/CVE-2014-8212.json b/2014/8xxx/CVE-2014-8212.json index c7dda05c56c..56eae0514b5 100644 --- a/2014/8xxx/CVE-2014-8212.json +++ b/2014/8xxx/CVE-2014-8212.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-8212", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2014-8212", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2014/8xxx/CVE-2014-8327.json b/2014/8xxx/CVE-2014-8327.json index 8ef640c2d1f..f33d638a8ac 100644 --- a/2014/8xxx/CVE-2014-8327.json +++ b/2014/8xxx/CVE-2014-8327.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-8327", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The fal_sftp extension before 0.2.6 for TYPO3 uses weak permissions for sFTP driver files and folders, which allows remote authenticated users to obtain sensitive information via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-8327", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-014/", - "refsource" : "MISC", - "url" : "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-014/" - }, - { - "name" : "http://typo3.org/extensions/repository/view/fal_sftp", - "refsource" : "CONFIRM", - "url" : "http://typo3.org/extensions/repository/view/fal_sftp" - }, - { - "name" : "falsftp-typo3-cve20148327-info-disc(97668)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/97668" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The fal_sftp extension before 0.2.6 for TYPO3 uses weak permissions for sFTP driver files and folders, which allows remote authenticated users to obtain sensitive information via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-014/", + "refsource": "MISC", + "url": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-014/" + }, + { + "name": "falsftp-typo3-cve20148327-info-disc(97668)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97668" + }, + { + "name": "http://typo3.org/extensions/repository/view/fal_sftp", + "refsource": "CONFIRM", + "url": "http://typo3.org/extensions/repository/view/fal_sftp" + } + ] + } +} \ No newline at end of file diff --git a/2014/8xxx/CVE-2014-8375.json b/2014/8xxx/CVE-2014-8375.json index f9ea9b5d5f7..9e899b89bd1 100644 --- a/2014/8xxx/CVE-2014-8375.json +++ b/2014/8xxx/CVE-2014-8375.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-8375", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in GBgallery.php in the GB Gallery Slideshow plugin 1.5 for WordPress allows remote administrators to execute arbitrary SQL commands via the selected_group parameter in a gb_ajax_get_group action to wp-admin/admin-ajax.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-8375", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://packetstormsecurity.com/files/127833/WordPress-GB-Gallery-Slideshow-1.5-SQL-Injection.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/127833/WordPress-GB-Gallery-Slideshow-1.5-SQL-Injection.html" - }, - { - "name" : "http://www.homelab.it/index.php/2014/08/10/wordpress-gb-gallery-slideshow", - "refsource" : "MISC", - "url" : "http://www.homelab.it/index.php/2014/08/10/wordpress-gb-gallery-slideshow" - }, - { - "name" : "69181", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/69181" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in GBgallery.php in the GB Gallery Slideshow plugin 1.5 for WordPress allows remote administrators to execute arbitrary SQL commands via the selected_group parameter in a gb_ajax_get_group action to wp-admin/admin-ajax.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.com/files/127833/WordPress-GB-Gallery-Slideshow-1.5-SQL-Injection.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/127833/WordPress-GB-Gallery-Slideshow-1.5-SQL-Injection.html" + }, + { + "name": "69181", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/69181" + }, + { + "name": "http://www.homelab.it/index.php/2014/08/10/wordpress-gb-gallery-slideshow", + "refsource": "MISC", + "url": "http://www.homelab.it/index.php/2014/08/10/wordpress-gb-gallery-slideshow" + } + ] + } +} \ No newline at end of file diff --git a/2014/9xxx/CVE-2014-9067.json b/2014/9xxx/CVE-2014-9067.json index d4d4a75a0ed..74eb050c365 100644 --- a/2014/9xxx/CVE-2014-9067.json +++ b/2014/9xxx/CVE-2014-9067.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-9067", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-9067", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/9xxx/CVE-2014-9531.json b/2014/9xxx/CVE-2014-9531.json index 341859a6bad..5fbdfe7793f 100644 --- a/2014/9xxx/CVE-2014-9531.json +++ b/2014/9xxx/CVE-2014-9531.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-9531", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-9531", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/9xxx/CVE-2014-9582.json b/2014/9xxx/CVE-2014-9582.json index 50ffa87860b..b4f0b3ab8b3 100644 --- a/2014/9xxx/CVE-2014-9582.json +++ b/2014/9xxx/CVE-2014-9582.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-9582", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in components/filemanager/dialog.php in Codiad 2.4.3 allows remote attackers to inject arbitrary web script or HTML via the short_name parameter in a rename action. NOTE: this issue was originally incorrectly mapped to CVE-2014-1137; see CVE-2014-1137 for more information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-9582", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "35585", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/35585" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in components/filemanager/dialog.php in Codiad 2.4.3 allows remote attackers to inject arbitrary web script or HTML via the short_name parameter in a rename action. NOTE: this issue was originally incorrectly mapped to CVE-2014-1137; see CVE-2014-1137 for more information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "35585", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/35585" + } + ] + } +} \ No newline at end of file diff --git a/2014/9xxx/CVE-2014-9716.json b/2014/9xxx/CVE-2014-9716.json index 7253455d4f0..98539640714 100644 --- a/2014/9xxx/CVE-2014-9716.json +++ b/2014/9xxx/CVE-2014-9716.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-9716", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in WebODF before 0.5.4 allows remote attackers to inject arbitrary web script or HTML via a file name." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-9716", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/kogmbh/WebODF/blob/master/ChangeLog.md", - "refsource" : "CONFIRM", - "url" : "https://github.com/kogmbh/WebODF/blob/master/ChangeLog.md" - }, - { - "name" : "https://github.com/kogmbh/WebODF/pull/851", - "refsource" : "CONFIRM", - "url" : "https://github.com/kogmbh/WebODF/pull/851" - }, - { - "name" : "https://owncloud.org/security/advisory/?id=oc-sa-2015-002", - "refsource" : "CONFIRM", - "url" : "https://owncloud.org/security/advisory/?id=oc-sa-2015-002" - }, - { - "name" : "74577", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74577" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in WebODF before 0.5.4 allows remote attackers to inject arbitrary web script or HTML via a file name." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "74577", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74577" + }, + { + "name": "https://github.com/kogmbh/WebODF/pull/851", + "refsource": "CONFIRM", + "url": "https://github.com/kogmbh/WebODF/pull/851" + }, + { + "name": "https://github.com/kogmbh/WebODF/blob/master/ChangeLog.md", + "refsource": "CONFIRM", + "url": "https://github.com/kogmbh/WebODF/blob/master/ChangeLog.md" + }, + { + "name": "https://owncloud.org/security/advisory/?id=oc-sa-2015-002", + "refsource": "CONFIRM", + "url": "https://owncloud.org/security/advisory/?id=oc-sa-2015-002" + } + ] + } +} \ No newline at end of file diff --git a/2016/2xxx/CVE-2016-2593.json b/2016/2xxx/CVE-2016-2593.json index fd44acee1f6..bb555bbec5a 100644 --- a/2016/2xxx/CVE-2016-2593.json +++ b/2016/2xxx/CVE-2016-2593.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-2593", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-2593", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/2xxx/CVE-2016-2844.json b/2016/2xxx/CVE-2016-2844.json index fdcb64d1be7..8f2da5a1a97 100644 --- a/2016/2xxx/CVE-2016-2844.json +++ b/2016/2xxx/CVE-2016-2844.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-2844", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "WebKit/Source/core/layout/LayoutBlock.cpp in Blink, as used in Google Chrome before 49.0.2623.75, does not properly determine when anonymous block wrappers may exist, which allows remote attackers to cause a denial of service (incorrect cast and assertion failure) or possibly have unspecified other impact via crafted JavaScript code." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2016-2844", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html" - }, - { - "name" : "https://bugs.chromium.org/p/chromium/issues/detail?id=546849", - "refsource" : "CONFIRM", - "url" : "https://bugs.chromium.org/p/chromium/issues/detail?id=546849" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=591402", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=591402" - }, - { - "name" : "https://codereview.chromium.org/1423573002", - "refsource" : "CONFIRM", - "url" : "https://codereview.chromium.org/1423573002" - }, - { - "name" : "USN-2920-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2920-1" - }, - { - "name" : "84170", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/84170" - }, - { - "name" : "1035185", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035185" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "WebKit/Source/core/layout/LayoutBlock.cpp in Blink, as used in Google Chrome before 49.0.2623.75, does not properly determine when anonymous block wrappers may exist, which allows remote attackers to cause a denial of service (incorrect cast and assertion failure) or possibly have unspecified other impact via crafted JavaScript code." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugs.chromium.org/p/chromium/issues/detail?id=546849", + "refsource": "CONFIRM", + "url": "https://bugs.chromium.org/p/chromium/issues/detail?id=546849" + }, + { + "name": "1035185", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035185" + }, + { + "name": "84170", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/84170" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=591402", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=591402" + }, + { + "name": "https://codereview.chromium.org/1423573002", + "refsource": "CONFIRM", + "url": "https://codereview.chromium.org/1423573002" + }, + { + "name": "USN-2920-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2920-1" + }, + { + "name": "http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/6xxx/CVE-2016-6072.json b/2016/6xxx/CVE-2016-6072.json index eb6ff994080..1d54120a09b 100644 --- a/2016/6xxx/CVE-2016-6072.json +++ b/2016/6xxx/CVE-2016-6072.json @@ -1,175 +1,175 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-6072", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Maximo Asset Management", - "version" : { - "version_data" : [ - { - "version_value" : "6.2" - }, - { - "version_value" : "7.1" - }, - { - "version_value" : "7.5" - }, - { - "version_value" : "7.5.0.0" - }, - { - "version_value" : "7.5.0.10" - }, - { - "version_value" : "7.1.0.0" - }, - { - "version_value" : "6.2.0.0" - }, - { - "version_value" : "7.2" - }, - { - "version_value" : "7.1.1" - }, - { - "version_value" : "7.1.2" - }, - { - "version_value" : "7.2.1" - }, - { - "version_value" : "6.2.1" - }, - { - "version_value" : "6.2.2" - }, - { - "version_value" : "6.2.3" - }, - { - "version_value" : "6.2.4" - }, - { - "version_value" : "6.2.5" - }, - { - "version_value" : "6.2.6" - }, - { - "version_value" : "6.2.7" - }, - { - "version_value" : "6.2.8" - }, - { - "version_value" : "7.1.1.1" - }, - { - "version_value" : "7.1.1.10" - }, - { - "version_value" : "7.1.1.11" - }, - { - "version_value" : "7.1.1.12" - }, - { - "version_value" : "7.1.1.2" - }, - { - "version_value" : "7.1.1.5" - }, - { - "version_value" : "7.1.1.6" - }, - { - "version_value" : "7.1.1.7" - }, - { - "version_value" : "7.1.1.8" - }, - { - "version_value" : "7.1.1.9" - }, - { - "version_value" : "7.5.0.1" - }, - { - "version_value" : "7.5.0.2" - }, - { - "version_value" : "7.5.0.3" - }, - { - "version_value" : "7.5.0.4" - }, - { - "version_value" : "7.5.0.5" - }, - { - "version_value" : "7.6" - }, - { - "version_value" : "7.5.0" - }, - { - "version_value" : "7.6.0" - } - ] - } - } - ] - }, - "vendor_name" : "IBM Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Maximo Asset Management is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Cross-Site Scripting" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-6072", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Maximo Asset Management", + "version": { + "version_data": [ + { + "version_value": "6.2" + }, + { + "version_value": "7.1" + }, + { + "version_value": "7.5" + }, + { + "version_value": "7.5.0.0" + }, + { + "version_value": "7.5.0.10" + }, + { + "version_value": "7.1.0.0" + }, + { + "version_value": "6.2.0.0" + }, + { + "version_value": "7.2" + }, + { + "version_value": "7.1.1" + }, + { + "version_value": "7.1.2" + }, + { + "version_value": "7.2.1" + }, + { + "version_value": "6.2.1" + }, + { + "version_value": "6.2.2" + }, + { + "version_value": "6.2.3" + }, + { + "version_value": "6.2.4" + }, + { + "version_value": "6.2.5" + }, + { + "version_value": "6.2.6" + }, + { + "version_value": "6.2.7" + }, + { + "version_value": "6.2.8" + }, + { + "version_value": "7.1.1.1" + }, + { + "version_value": "7.1.1.10" + }, + { + "version_value": "7.1.1.11" + }, + { + "version_value": "7.1.1.12" + }, + { + "version_value": "7.1.1.2" + }, + { + "version_value": "7.1.1.5" + }, + { + "version_value": "7.1.1.6" + }, + { + "version_value": "7.1.1.7" + }, + { + "version_value": "7.1.1.8" + }, + { + "version_value": "7.1.1.9" + }, + { + "version_value": "7.5.0.1" + }, + { + "version_value": "7.5.0.2" + }, + { + "version_value": "7.5.0.3" + }, + { + "version_value": "7.5.0.4" + }, + { + "version_value": "7.5.0.5" + }, + { + "version_value": "7.6" + }, + { + "version_value": "7.5.0" + }, + { + "version_value": "7.6.0" + } + ] + } + } + ] + }, + "vendor_name": "IBM Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg21991893", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg21991893" - }, - { - "name" : "94355", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94355" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Maximo Asset Management is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-Site Scripting" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "94355", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94355" + }, + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg21991893", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg21991893" + } + ] + } +} \ No newline at end of file diff --git a/2016/6xxx/CVE-2016-6758.json b/2016/6xxx/CVE-2016-6758.json index 2b2bdd2c64a..a15e0fe3f20 100644 --- a/2016/6xxx/CVE-2016-6758.json +++ b/2016/6xxx/CVE-2016-6758.json @@ -1,70 +1,70 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@google.com", - "ID" : "CVE-2016-6758", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Android", - "version" : { - "version_data" : [ - { - "version_value" : "Kernel-3.10" - }, - { - "version_value" : "Kernel-3.18" - } - ] - } - } - ] - }, - "vendor_name" : "Google Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An elevation of privilege vulnerability in Qualcomm media codecs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-30148882. References: QC-CR#1071731." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Elevation of privilege" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2016-6758", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Kernel-3.10" + }, + { + "version_value": "Kernel-3.18" + } + ] + } + } + ] + }, + "vendor_name": "Google Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2016-12-01.html", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2016-12-01.html" - }, - { - "name" : "94677", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94677" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An elevation of privilege vulnerability in Qualcomm media codecs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-30148882. References: QC-CR#1071731." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2016-12-01.html", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2016-12-01.html" + }, + { + "name": "94677", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94677" + } + ] + } +} \ No newline at end of file diff --git a/2016/6xxx/CVE-2016-6917.json b/2016/6xxx/CVE-2016-6917.json index e19b3c00055..4430adbd97a 100644 --- a/2016/6xxx/CVE-2016-6917.json +++ b/2016/6xxx/CVE-2016-6917.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-6917", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-6917", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://nvidia.custhelp.com/app/answers/detail/a_id/4276/~/security-bulletin%3A-nvidia-shield-contains-multiple-vulnerabilities-in", - "refsource" : "CONFIRM", - "url" : "https://nvidia.custhelp.com/app/answers/detail/a_id/4276/~/security-bulletin%3A-nvidia-shield-contains-multiple-vulnerabilities-in" - }, - { - "name" : "https://source.android.com/security/bulletin/2016-12-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2016-12-01" - }, - { - "name" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4561", - "refsource" : "CONFIRM", - "url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4561" - }, - { - "name" : "94667", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94667" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in nvhost_job.c in the NVIDIA video driver for Android, Shield TV before OTA 3.3, Shield Table before OTA 4.4, and Shield Table TK1 before OTA 1.5." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4276/~/security-bulletin%3A-nvidia-shield-contains-multiple-vulnerabilities-in", + "refsource": "CONFIRM", + "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4276/~/security-bulletin%3A-nvidia-shield-contains-multiple-vulnerabilities-in" + }, + { + "name": "https://source.android.com/security/bulletin/2016-12-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2016-12-01" + }, + { + "name": "94667", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94667" + }, + { + "name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561", + "refsource": "CONFIRM", + "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561" + } + ] + } +} \ No newline at end of file diff --git a/2016/7xxx/CVE-2016-7008.json b/2016/7xxx/CVE-2016-7008.json index eeddf15f77f..9d0fe1ae285 100644 --- a/2016/7xxx/CVE-2016-7008.json +++ b/2016/7xxx/CVE-2016-7008.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-7008", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-7008", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html" - }, - { - "name" : "93496", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93496" - }, - { - "name" : "1036986", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036986" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941, CVE-2016-6942, CVE-2016-6943, CVE-2016-6947, CVE-2016-6948, CVE-2016-6950, CVE-2016-6951, CVE-2016-6954, CVE-2016-6955, CVE-2016-6956, CVE-2016-6959, CVE-2016-6960, CVE-2016-6966, CVE-2016-6970, CVE-2016-6972, CVE-2016-6973, CVE-2016-6974, CVE-2016-6975, CVE-2016-6976, CVE-2016-6977, CVE-2016-6978, CVE-2016-6995, CVE-2016-6996, CVE-2016-6997, CVE-2016-6998, CVE-2016-7000, CVE-2016-7001, CVE-2016-7002, CVE-2016-7003, CVE-2016-7004, CVE-2016-7005, CVE-2016-7006, CVE-2016-7007, CVE-2016-7009, CVE-2016-7010, CVE-2016-7011, CVE-2016-7012, CVE-2016-7013, CVE-2016-7014, CVE-2016-7015, CVE-2016-7016, CVE-2016-7017, CVE-2016-7018, and CVE-2016-7019." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1036986", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036986" + }, + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html" + }, + { + "name": "93496", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93496" + } + ] + } +} \ No newline at end of file diff --git a/2016/7xxx/CVE-2016-7102.json b/2016/7xxx/CVE-2016-7102.json index eeb93bd72a7..3763d778f0b 100644 --- a/2016/7xxx/CVE-2016-7102.json +++ b/2016/7xxx/CVE-2016-7102.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-7102", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ownCloud Desktop before 2.2.3 allows local users to execute arbitrary code and possibly gain privileges via a Trojan library in a \"special path\" in the C: drive." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-7102", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://owncloud.org/security/advisory/?id=oc-sa-2016-016", - "refsource" : "CONFIRM", - "url" : "https://owncloud.org/security/advisory/?id=oc-sa-2016-016" - }, - { - "name" : "92627", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92627" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ownCloud Desktop before 2.2.3 allows local users to execute arbitrary code and possibly gain privileges via a Trojan library in a \"special path\" in the C: drive." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "92627", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92627" + }, + { + "name": "https://owncloud.org/security/advisory/?id=oc-sa-2016-016", + "refsource": "CONFIRM", + "url": "https://owncloud.org/security/advisory/?id=oc-sa-2016-016" + } + ] + } +} \ No newline at end of file diff --git a/2016/7xxx/CVE-2016-7214.json b/2016/7xxx/CVE-2016-7214.json index 62cf420c087..0f581a9019d 100644 --- a/2016/7xxx/CVE-2016-7214.json +++ b/2016/7xxx/CVE-2016-7214.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2016-7214", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to bypass the ASLR protection mechanism via a crafted application, aka \"Win32k Information Disclosure Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-7214", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS16-135", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-135" - }, - { - "name" : "93991", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93991" - }, - { - "name" : "1037251", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037251" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to bypass the ASLR protection mechanism via a crafted application, aka \"Win32k Information Disclosure Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1037251", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037251" + }, + { + "name": "MS16-135", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-135" + }, + { + "name": "93991", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93991" + } + ] + } +} \ No newline at end of file