diff --git a/2001/0xxx/CVE-2001-0095.json b/2001/0xxx/CVE-2001-0095.json index f7e182c75b8..48c2f05263c 100644 --- a/2001/0xxx/CVE-2001-0095.json +++ b/2001/0xxx/CVE-2001-0095.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2001-0095", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "catman in Solaris 2.7 and 2.8 allows local users to overwrite arbitrary files via a symlink attack on the sman_PID temporary file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2001-0095", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20001218 Catman file clobbering vulnerability Solaris 2.x", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-12/0313.html" - }, - { - "name" : "solaris-catman-symlink(5788)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5788" - }, - { - "name" : "6024", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/6024" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "catman in Solaris 2.7 and 2.8 allows local users to overwrite arbitrary files via a symlink attack on the sman_PID temporary file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "6024", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/6024" + }, + { + "name": "20001218 Catman file clobbering vulnerability Solaris 2.x", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-12/0313.html" + }, + { + "name": "solaris-catman-symlink(5788)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5788" + } + ] + } +} \ No newline at end of file diff --git a/2001/0xxx/CVE-2001-0102.json b/2001/0xxx/CVE-2001-0102.json index 3f72b3fff81..94ca551a6a8 100644 --- a/2001/0xxx/CVE-2001-0102.json +++ b/2001/0xxx/CVE-2001-0102.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2001-0102", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "\"Multiple Users\" Control Panel in Mac OS 9 allows Normal users to gain Owner privileges by removing the Users & Groups Data File, which effectively removes the Owner password and allows the Normal user to log in as the Owner account without a password." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2001-0102", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20001229 Mac OS 9 Multiple Users Control Panel Password Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-12/0497.html" - }, - { - "name" : "macos-multiple-users(5830)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5830" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "\"Multiple Users\" Control Panel in Mac OS 9 allows Normal users to gain Owner privileges by removing the Users & Groups Data File, which effectively removes the Owner password and allows the Normal user to log in as the Owner account without a password." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20001229 Mac OS 9 Multiple Users Control Panel Password Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-12/0497.html" + }, + { + "name": "macos-multiple-users(5830)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5830" + } + ] + } +} \ No newline at end of file diff --git a/2001/0xxx/CVE-2001-0166.json b/2001/0xxx/CVE-2001-0166.json index c362b26636c..af4d9d477c5 100644 --- a/2001/0xxx/CVE-2001-0166.json +++ b/2001/0xxx/CVE-2001-0166.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2001-0166", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Macromedia Shockwave Flash plugin version 8 and earlier allows remote attackers to cause a denial of service via malformed tag length specifiers in a SWF file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2001-0166", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20001229 Shockwave Flash buffer overflow", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-12/0491.html" - }, - { - "name" : "shockwave-flash-swf-bo(5826)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5826" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Macromedia Shockwave Flash plugin version 8 and earlier allows remote attackers to cause a denial of service via malformed tag length specifiers in a SWF file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20001229 Shockwave Flash buffer overflow", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-12/0491.html" + }, + { + "name": "shockwave-flash-swf-bo(5826)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5826" + } + ] + } +} \ No newline at end of file diff --git a/2001/0xxx/CVE-2001-0702.json b/2001/0xxx/CVE-2001-0702.json index 01847cbc001..808b6ef6634 100644 --- a/2001/0xxx/CVE-2001-0702.json +++ b/2001/0xxx/CVE-2001-0702.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2001-0702", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cerberus FTP 1.5 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long (1) username, (2) password, or (3) PASV command." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2001-0702", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20010621 Cerberus FTP Server 1.x Remote DoS attack Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/192655" - }, - { - "name" : "20010704 CesarFTPd, Cerberus FTPd", - "refsource" : "BUGTRAQ", - "url" : "http://archive.cert.uni-stuttgart.de/archive/bugtraq/2001/07/msg00070.html" - }, - { - "name" : "2901", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/2901" - }, - { - "name" : "cerberus-ftp-bo(6728)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/6728" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cerberus FTP 1.5 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long (1) username, (2) password, or (3) PASV command." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20010704 CesarFTPd, Cerberus FTPd", + "refsource": "BUGTRAQ", + "url": "http://archive.cert.uni-stuttgart.de/archive/bugtraq/2001/07/msg00070.html" + }, + { + "name": "2901", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/2901" + }, + { + "name": "cerberus-ftp-bo(6728)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6728" + }, + { + "name": "20010621 Cerberus FTP Server 1.x Remote DoS attack Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/192655" + } + ] + } +} \ No newline at end of file diff --git a/2001/0xxx/CVE-2001-0858.json b/2001/0xxx/CVE-2001-0858.json index d6b074271ac..ebe02026da7 100644 --- a/2001/0xxx/CVE-2001-0858.json +++ b/2001/0xxx/CVE-2001-0858.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2001-0858", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in pppattach and other linked PPP utilities in Caldera Open Unix 8.0 and UnixWare 7.1.0 and 7.1.1 allows local users to gain privileges." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2001-0858", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20011113 Security Update: [CSSA-2001-SCO.32] Open UNIX, UnixWare 7: buffer overflow in ppp utilities", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=100562386012917&w=2" - }, - { - "name" : "CSSA-2001-SCO.32", - "refsource" : "CALDERA", - "url" : "ftp://stage.caldera.com/pub/security/openunix/CSSA-2001-SCO.32/" - }, - { - "name" : "unixware-openunix-ppp-bo(7570)", - "refsource" : "XF", - "url" : "http://www.iss.net/security_center/static/7570.php" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in pppattach and other linked PPP utilities in Caldera Open Unix 8.0 and UnixWare 7.1.0 and 7.1.1 allows local users to gain privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "CSSA-2001-SCO.32", + "refsource": "CALDERA", + "url": "ftp://stage.caldera.com/pub/security/openunix/CSSA-2001-SCO.32/" + }, + { + "name": "20011113 Security Update: [CSSA-2001-SCO.32] Open UNIX, UnixWare 7: buffer overflow in ppp utilities", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=100562386012917&w=2" + }, + { + "name": "unixware-openunix-ppp-bo(7570)", + "refsource": "XF", + "url": "http://www.iss.net/security_center/static/7570.php" + } + ] + } +} \ No newline at end of file diff --git a/2001/1xxx/CVE-2001-1048.json b/2001/1xxx/CVE-2001-1048.json index 6149d5086f2..ece48bcf61e 100644 --- a/2001/1xxx/CVE-2001-1048.json +++ b/2001/1xxx/CVE-2001-1048.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2001-1048", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "AWOL PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2001-1048", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20011002 results of semi-automatic source code audit", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2001-10/0012.html" - }, - { - "name" : "http://www.gospelcom.net/mnn/topher/awol/changelog.php", - "refsource" : "CONFIRM", - "url" : "http://www.gospelcom.net/mnn/topher/awol/changelog.php" - }, - { - "name" : "http://www.geocrawler.com/archives/3/14414/2001/9/0/6668723/", - "refsource" : "MISC", - "url" : "http://www.geocrawler.com/archives/3/14414/2001/9/0/6668723/" - }, - { - "name" : "3387", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/3387" - }, - { - "name" : "php-includedir-code-execution(7215)", - "refsource" : "XF", - "url" : "http://www.iss.net/security_center/static/7215.php" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "AWOL PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20011002 results of semi-automatic source code audit", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2001-10/0012.html" + }, + { + "name": "php-includedir-code-execution(7215)", + "refsource": "XF", + "url": "http://www.iss.net/security_center/static/7215.php" + }, + { + "name": "3387", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/3387" + }, + { + "name": "http://www.geocrawler.com/archives/3/14414/2001/9/0/6668723/", + "refsource": "MISC", + "url": "http://www.geocrawler.com/archives/3/14414/2001/9/0/6668723/" + }, + { + "name": "http://www.gospelcom.net/mnn/topher/awol/changelog.php", + "refsource": "CONFIRM", + "url": "http://www.gospelcom.net/mnn/topher/awol/changelog.php" + } + ] + } +} \ No newline at end of file diff --git a/2006/2xxx/CVE-2006-2407.json b/2006/2xxx/CVE-2006-2407.json index a3daaac9d56..6f2a1c2edab 100644 --- a/2006/2xxx/CVE-2006-2407.json +++ b/2006/2xxx/CVE-2006-2407.json @@ -1,147 +1,147 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-2407", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in (1) WeOnlyDo wodSSHServer ActiveX Component 1.2.7 and 1.3.3 DEMO, as used in other products including (2) FreeSSHd 1.0.9 and (3) freeFTPd 1.0.10, allows remote attackers to execute arbitrary code via a long key exchange algorithm string." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-2407", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060517 Re:POC exploit for freeFTPd 1.0.10", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/434415/30/4920/threaded" - }, - { - "name" : "20060514 POC exploit for freeSSHd version 1.0.9", - "refsource" : "FULLDISC", - "url" : "http://marc.info/?l=full-disclosure&m=114764338702488&w=2" - }, - { - "name" : "20060514 POC exploit for freeSSHd version 1.0.9", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/434007/100/0/threaded" - }, - { - "name" : "20060515 Re: [Full-disclosure] POC exploit for freeSSHd version 1.0.9", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/434038/100/0/threaded" - }, - { - "name" : "20060517 POC exploit for freeFTPd 1.0.10", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/434402/100/0/threaded" - }, - { - "name" : "20060517 BUGTRAQ:20060517 Re:POC exploit for freeFTPd 1.0.10", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/434415/100/0/threaded" - }, - { - "name" : "VU#477960", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/477960" - }, - { - "name" : "17958", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/17958" - }, - { - "name" : "ADV-2006-1785", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/1785" - }, - { - "name" : "ADV-2006-1786", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/1786" - }, - { - "name" : "ADV-2006-1842", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/1842" - }, - { - "name" : "25463", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/25463" - }, - { - "name" : "25569", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/25569" - }, - { - "name" : "19845", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19845" - }, - { - "name" : "19846", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19846" - }, - { - "name" : "20136", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/20136" - }, - { - "name" : "901", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/901" - }, - { - "name" : "freesshd-key-exchange-bo(26442)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26442" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in (1) WeOnlyDo wodSSHServer ActiveX Component 1.2.7 and 1.3.3 DEMO, as used in other products including (2) FreeSSHd 1.0.9 and (3) freeFTPd 1.0.10, allows remote attackers to execute arbitrary code via a long key exchange algorithm string." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19846", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19846" + }, + { + "name": "25569", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/25569" + }, + { + "name": "20060514 POC exploit for freeSSHd version 1.0.9", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/434007/100/0/threaded" + }, + { + "name": "20060517 POC exploit for freeFTPd 1.0.10", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/434402/100/0/threaded" + }, + { + "name": "ADV-2006-1786", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/1786" + }, + { + "name": "901", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/901" + }, + { + "name": "freesshd-key-exchange-bo(26442)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26442" + }, + { + "name": "20060517 BUGTRAQ:20060517 Re:POC exploit for freeFTPd 1.0.10", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/434415/100/0/threaded" + }, + { + "name": "19845", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19845" + }, + { + "name": "VU#477960", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/477960" + }, + { + "name": "20060517 Re:POC exploit for freeFTPd 1.0.10", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/434415/30/4920/threaded" + }, + { + "name": "25463", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/25463" + }, + { + "name": "20060514 POC exploit for freeSSHd version 1.0.9", + "refsource": "FULLDISC", + "url": "http://marc.info/?l=full-disclosure&m=114764338702488&w=2" + }, + { + "name": "20136", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/20136" + }, + { + "name": "ADV-2006-1842", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/1842" + }, + { + "name": "ADV-2006-1785", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/1785" + }, + { + "name": "17958", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/17958" + }, + { + "name": "20060515 Re: [Full-disclosure] POC exploit for freeSSHd version 1.0.9", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/434038/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2006/2xxx/CVE-2006-2669.json b/2006/2xxx/CVE-2006-2669.json index 0fec4f8a7fb..ea927f95a2d 100644 --- a/2006/2xxx/CVE-2006-2669.json +++ b/2006/2xxx/CVE-2006-2669.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-2669", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in Pre Shopping Mall 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) search parameter in search.php (the \"search box\"), (2) the prodid parameter in detail.php, and the (3) cid parameter in products.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-2669", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060524 Pre Shopping Mall v1.0", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/435018/100/0/threaded" - }, - { - "name" : "18706", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/18706" - }, - { - "name" : "ADV-2006-1991", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/1991" - }, - { - "name" : "26081", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/26081" - }, - { - "name" : "26082", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/26082" - }, - { - "name" : "26080", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/26080" - }, - { - "name" : "20295", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/20295" - }, - { - "name" : "990", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/990" - }, - { - "name" : "preshoppingmall-multiple-xss(26690)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26690" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in Pre Shopping Mall 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) search parameter in search.php (the \"search box\"), (2) the prodid parameter in detail.php, and the (3) cid parameter in products.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20060524 Pre Shopping Mall v1.0", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/435018/100/0/threaded" + }, + { + "name": "26082", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/26082" + }, + { + "name": "20295", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/20295" + }, + { + "name": "990", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/990" + }, + { + "name": "preshoppingmall-multiple-xss(26690)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26690" + }, + { + "name": "18706", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/18706" + }, + { + "name": "ADV-2006-1991", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/1991" + }, + { + "name": "26080", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/26080" + }, + { + "name": "26081", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/26081" + } + ] + } +} \ No newline at end of file diff --git a/2006/2xxx/CVE-2006-2771.json b/2006/2xxx/CVE-2006-2771.json index 5c770efd139..5c878c1097c 100644 --- a/2006/2xxx/CVE-2006-2771.json +++ b/2006/2xxx/CVE-2006-2771.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-2771", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "admin/radera/tabort.asp in Hogstorps hogstorp guestbook 2.0 does not verify user credentials, which allows remote attackers to delete arbitrary posts via a modified delID parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-2771", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://colander.altervista.org/advisory/HTGuestBook2.txt", - "refsource" : "MISC", - "url" : "http://colander.altervista.org/advisory/HTGuestBook2.txt" - }, - { - "name" : "18205", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/18205" - }, - { - "name" : "ADV-2006-2082", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/2082" - }, - { - "name" : "20402", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/20402" - }, - { - "name" : "hogstorp-guestbook-redigera2-security-bypass(26979)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26979" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "admin/radera/tabort.asp in Hogstorps hogstorp guestbook 2.0 does not verify user credentials, which allows remote attackers to delete arbitrary posts via a modified delID parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://colander.altervista.org/advisory/HTGuestBook2.txt", + "refsource": "MISC", + "url": "http://colander.altervista.org/advisory/HTGuestBook2.txt" + }, + { + "name": "ADV-2006-2082", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/2082" + }, + { + "name": "hogstorp-guestbook-redigera2-security-bypass(26979)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26979" + }, + { + "name": "20402", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/20402" + }, + { + "name": "18205", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/18205" + } + ] + } +} \ No newline at end of file diff --git a/2006/2xxx/CVE-2006-2975.json b/2006/2xxx/CVE-2006-2975.json index 33d4383f0c4..ab74a9e53ca 100644 --- a/2006/2xxx/CVE-2006-2975.json +++ b/2006/2xxx/CVE-2006-2975.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-2975", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in pblguestbook.php in PBL Guestbook 1.31 allow remote attackers to inject arbitrary web script or HTML via javascript in the SRC attribute of IMG tags in the (1) name, (2) email, and (3) website parameter, which bypasses XSS protection mechanisms that check for SCRIPT tags but not IMG. NOTE: portions of this description's details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-2975", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060607 PBL Guestbook v1.31 - XSS", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/436408/100/0/threaded" - }, - { - "name" : "ADV-2006-2221", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/2221" - }, - { - "name" : "20526", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/20526" - }, - { - "name" : "1088", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/1088" - }, - { - "name" : "pblguestbook-multiple-xss(27006)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27006" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in pblguestbook.php in PBL Guestbook 1.31 allow remote attackers to inject arbitrary web script or HTML via javascript in the SRC attribute of IMG tags in the (1) name, (2) email, and (3) website parameter, which bypasses XSS protection mechanisms that check for SCRIPT tags but not IMG. NOTE: portions of this description's details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20526", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/20526" + }, + { + "name": "ADV-2006-2221", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/2221" + }, + { + "name": "pblguestbook-multiple-xss(27006)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27006" + }, + { + "name": "20060607 PBL Guestbook v1.31 - XSS", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/436408/100/0/threaded" + }, + { + "name": "1088", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/1088" + } + ] + } +} \ No newline at end of file diff --git a/2006/6xxx/CVE-2006-6143.json b/2006/6xxx/CVE-2006-6143.json index 139678fe959..54635b461de 100644 --- a/2006/6xxx/CVE-2006-6143.json +++ b/2006/6xxx/CVE-2006-6143.json @@ -1,202 +1,202 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-6143", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The RPC library in Kerberos 5 1.4 through 1.4.4, and 1.5 through 1.5.1, as used in Kerberos administration daemon (kadmind) and other products that use this library, calls an uninitialized function pointer in freed memory, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-6143", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070109 MITKRB5-SA-2006-002: kadmind (via RPC lib) calls uninitialized function pointer", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/456406/100/0/threaded" - }, - { - "name" : "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2006-002-rpc.txt", - "refsource" : "CONFIRM", - "url" : "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2006-002-rpc.txt" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-925", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-925" - }, - { - "name" : "http://docs.info.apple.com/article.html?artnum=305391", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=305391" - }, - { - "name" : "APPLE-SA-2007-04-19", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html" - }, - { - "name" : "FEDORA-2007-033", - "refsource" : "FEDORA", - "url" : "http://fedoranews.org/cms/node/2375" - }, - { - "name" : "FEDORA-2007-034", - "refsource" : "FEDORA", - "url" : "http://fedoranews.org/cms/node/2376" - }, - { - "name" : "GLSA-200701-21", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200701-21.xml" - }, - { - "name" : "MDKSA-2007:008", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:008" - }, - { - "name" : "OpenPKG-SA-2007.006", - "refsource" : "OPENPKG", - "url" : "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.006.html" - }, - { - "name" : "SUSE-SA:2007:004", - "refsource" : "SUSE", - "url" : "http://lists.suse.com/archive/suse-security-announce/2007-Jan/0004.html" - }, - { - "name" : "USN-408-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-408-1" - }, - { - "name" : "TA07-009B", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-009B.html" - }, - { - "name" : "TA07-109A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-109A.html" - }, - { - "name" : "VU#481564", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/481564" - }, - { - "name" : "21970", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/21970" - }, - { - "name" : "ADV-2007-0111", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0111" - }, - { - "name" : "ADV-2007-1470", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1470" - }, - { - "name" : "31281", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/31281" - }, - { - "name" : "1017493", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017493" - }, - { - "name" : "23696", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23696" - }, - { - "name" : "23701", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23701" - }, - { - "name" : "23706", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23706" - }, - { - "name" : "23707", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23707" - }, - { - "name" : "23667", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23667" - }, - { - "name" : "23772", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23772" - }, - { - "name" : "23903", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23903" - }, - { - "name" : "24966", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24966" - }, - { - "name" : "kerberos-rpc-code-execution(31422)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31422" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The RPC library in Kerberos 5 1.4 through 1.4.4, and 1.5 through 1.5.1, as used in Kerberos administration daemon (kadmind) and other products that use this library, calls an uninitialized function pointer in freed memory, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1017493", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017493" + }, + { + "name": "FEDORA-2007-034", + "refsource": "FEDORA", + "url": "http://fedoranews.org/cms/node/2376" + }, + { + "name": "31281", + "refsource": "OSVDB", + "url": "http://osvdb.org/31281" + }, + { + "name": "24966", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24966" + }, + { + "name": "VU#481564", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/481564" + }, + { + "name": "USN-408-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-408-1" + }, + { + "name": "TA07-009B", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-009B.html" + }, + { + "name": "23696", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23696" + }, + { + "name": "SUSE-SA:2007:004", + "refsource": "SUSE", + "url": "http://lists.suse.com/archive/suse-security-announce/2007-Jan/0004.html" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=305391", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=305391" + }, + { + "name": "23706", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23706" + }, + { + "name": "MDKSA-2007:008", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:008" + }, + { + "name": "23903", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23903" + }, + { + "name": "21970", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/21970" + }, + { + "name": "23667", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23667" + }, + { + "name": "GLSA-200701-21", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200701-21.xml" + }, + { + "name": "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2006-002-rpc.txt", + "refsource": "CONFIRM", + "url": "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2006-002-rpc.txt" + }, + { + "name": "OpenPKG-SA-2007.006", + "refsource": "OPENPKG", + "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.006.html" + }, + { + "name": "FEDORA-2007-033", + "refsource": "FEDORA", + "url": "http://fedoranews.org/cms/node/2375" + }, + { + "name": "TA07-109A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-109A.html" + }, + { + "name": "https://issues.rpath.com/browse/RPL-925", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-925" + }, + { + "name": "23707", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23707" + }, + { + "name": "ADV-2007-0111", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0111" + }, + { + "name": "20070109 MITKRB5-SA-2006-002: kadmind (via RPC lib) calls uninitialized function pointer", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/456406/100/0/threaded" + }, + { + "name": "23772", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23772" + }, + { + "name": "23701", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23701" + }, + { + "name": "APPLE-SA-2007-04-19", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html" + }, + { + "name": "ADV-2007-1470", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1470" + }, + { + "name": "kerberos-rpc-code-execution(31422)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31422" + } + ] + } +} \ No newline at end of file diff --git a/2008/5xxx/CVE-2008-5352.json b/2008/5xxx/CVE-2008-5352.json index 2c8d1657a38..9ea417a5354 100644 --- a/2008/5xxx/CVE-2008-5352.json +++ b/2008/5xxx/CVE-2008-5352.json @@ -1,192 +1,192 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-5352", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in the JAR unpacking utility (unpack200) in the unpack library (unpack.dll) in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier, and JDK and JRE 5.0 Update 16 and earlier, allows untrusted applications and applets to gain privileges via a Pack200 compressed JAR file that triggers a heap-based buffer overflow." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-5352", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2009-012.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2009-012.htm" - }, - { - "name" : "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=829914&poid=", - "refsource" : "CONFIRM", - "url" : "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=829914&poid=" - }, - { - "name" : "http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2009/03/024431-01.pdf", - "refsource" : "CONFIRM", - "url" : "http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2009/03/024431-01.pdf" - }, - { - "name" : "GLSA-200911-02", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200911-02.xml" - }, - { - "name" : "RHSA-2008:1018", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2008-1018.html" - }, - { - "name" : "RHSA-2008:1025", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2008-1025.html" - }, - { - "name" : "RHSA-2009:0015", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2009-0015.html" - }, - { - "name" : "RHSA-2009:0016", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2009-0016.html" - }, - { - "name" : "RHSA-2009:0466", - "refsource" : "REDHAT", - "url" : "https://rhn.redhat.com/errata/RHSA-2009-0466.html" - }, - { - "name" : "244992", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-244992-1" - }, - { - "name" : "20081204 Sun Java JRE Pack200 Decompression Integer Overflow Vulnerability", - "refsource" : "IDEFENSE", - "url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=759" - }, - { - "name" : "SUSE-SA:2009:007", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00009.html" - }, - { - "name" : "SUSE-SR:2009:006", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.html" - }, - { - "name" : "TA08-340A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA08-340A.html" - }, - { - "name" : "32608", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/32608" - }, - { - "name" : "50501", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/50501" - }, - { - "name" : "oval:org.mitre.oval:def:6383", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6383" - }, - { - "name" : "1021312", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1021312" - }, - { - "name" : "34259", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/34259" - }, - { - "name" : "34972", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/34972" - }, - { - "name" : "37386", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/37386" - }, - { - "name" : "ADV-2008-3339", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/3339" - }, - { - "name" : "32991", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32991" - }, - { - "name" : "33015", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33015" - }, - { - "name" : "33710", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33710" - }, - { - "name" : "33709", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33709" - }, - { - "name" : "33528", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33528" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in the JAR unpacking utility (unpack200) in the unpack library (unpack.dll) in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier, and JDK and JRE 5.0 Update 16 and earlier, allows untrusted applications and applets to gain privileges via a Pack200 compressed JAR file that triggers a heap-based buffer overflow." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "34259", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/34259" + }, + { + "name": "RHSA-2008:1018", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2008-1018.html" + }, + { + "name": "33015", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33015" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2009-012.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-012.htm" + }, + { + "name": "GLSA-200911-02", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml" + }, + { + "name": "http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2009/03/024431-01.pdf", + "refsource": "CONFIRM", + "url": "http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2009/03/024431-01.pdf" + }, + { + "name": "SUSE-SA:2009:007", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00009.html" + }, + { + "name": "34972", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/34972" + }, + { + "name": "RHSA-2009:0466", + "refsource": "REDHAT", + "url": "https://rhn.redhat.com/errata/RHSA-2009-0466.html" + }, + { + "name": "SUSE-SR:2009:006", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.html" + }, + { + "name": "33528", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33528" + }, + { + "name": "RHSA-2008:1025", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2008-1025.html" + }, + { + "name": "244992", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-244992-1" + }, + { + "name": "ADV-2008-3339", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/3339" + }, + { + "name": "RHSA-2009:0016", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2009-0016.html" + }, + { + "name": "TA08-340A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA08-340A.html" + }, + { + "name": "33709", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33709" + }, + { + "name": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=829914&poid=", + "refsource": "CONFIRM", + "url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=829914&poid=" + }, + { + "name": "RHSA-2009:0015", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2009-0015.html" + }, + { + "name": "50501", + "refsource": "OSVDB", + "url": "http://osvdb.org/50501" + }, + { + "name": "32991", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32991" + }, + { + "name": "20081204 Sun Java JRE Pack200 Decompression Integer Overflow Vulnerability", + "refsource": "IDEFENSE", + "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=759" + }, + { + "name": "oval:org.mitre.oval:def:6383", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6383" + }, + { + "name": "32608", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/32608" + }, + { + "name": "1021312", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1021312" + }, + { + "name": "37386", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/37386" + }, + { + "name": "33710", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33710" + } + ] + } +} \ No newline at end of file diff --git a/2008/5xxx/CVE-2008-5460.json b/2008/5xxx/CVE-2008-5460.json index a3a3b9c1a3f..f493dff12d1 100644 --- a/2008/5xxx/CVE-2008-5460.json +++ b/2008/5xxx/CVE-2008-5460.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-5460", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, and 9.0 allows remote attackers to affect confidentiality via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2008-5460", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html" - }, - { - "name" : "33177", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/33177" - }, - { - "name" : "ADV-2009-0115", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/0115" - }, - { - "name" : "1021571", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1021571" - }, - { - "name" : "33526", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33526" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, and 9.0 allows remote attackers to affect confidentiality via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "33526", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33526" + }, + { + "name": "ADV-2009-0115", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/0115" + }, + { + "name": "1021571", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1021571" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html" + }, + { + "name": "33177", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/33177" + } + ] + } +} \ No newline at end of file diff --git a/2011/2xxx/CVE-2011-2156.json b/2011/2xxx/CVE-2011-2156.json index eb6eb732157..41785783272 100644 --- a/2011/2xxx/CVE-2011-2156.json +++ b/2011/2xxx/CVE-2011-2156.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-2156", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The SmarterTools SmarterStats 6.0 web server allows remote attackers to obtain directory listings via a direct request for the (1) Admin/, (2) Admin/Defaults/, (3) Admin/GettingStarted/, (4) Admin/Popups/, (5) App_Themes/, (6) Client/, (7) Client/Popups/, (8) Services/, (9) Temp/, (10) UserControls/, (11) UserControls/PanelBarTemplates/, (12) UserControls/Popups/, (13) aspnet_client/, or (14) aspnet_client/system_web/ directory name, or (15) certain directory names under App_Themes/Default/." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-2156", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.kb.cert.org/vuls/id/MORO-8GYQR4", - "refsource" : "MISC", - "url" : "http://www.kb.cert.org/vuls/id/MORO-8GYQR4" - }, - { - "name" : "http://xss.cx/examples/smarterstats-60-oscommandinjection-directorytraversal-xml-sqlinjection.html.html", - "refsource" : "MISC", - "url" : "http://xss.cx/examples/smarterstats-60-oscommandinjection-directorytraversal-xml-sqlinjection.html.html" - }, - { - "name" : "VU#240150", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/240150" - }, - { - "name" : "smarterstats-admin-info-disclosure(67826)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/67826" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The SmarterTools SmarterStats 6.0 web server allows remote attackers to obtain directory listings via a direct request for the (1) Admin/, (2) Admin/Defaults/, (3) Admin/GettingStarted/, (4) Admin/Popups/, (5) App_Themes/, (6) Client/, (7) Client/Popups/, (8) Services/, (9) Temp/, (10) UserControls/, (11) UserControls/PanelBarTemplates/, (12) UserControls/Popups/, (13) aspnet_client/, or (14) aspnet_client/system_web/ directory name, or (15) certain directory names under App_Themes/Default/." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "smarterstats-admin-info-disclosure(67826)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67826" + }, + { + "name": "http://xss.cx/examples/smarterstats-60-oscommandinjection-directorytraversal-xml-sqlinjection.html.html", + "refsource": "MISC", + "url": "http://xss.cx/examples/smarterstats-60-oscommandinjection-directorytraversal-xml-sqlinjection.html.html" + }, + { + "name": "http://www.kb.cert.org/vuls/id/MORO-8GYQR4", + "refsource": "MISC", + "url": "http://www.kb.cert.org/vuls/id/MORO-8GYQR4" + }, + { + "name": "VU#240150", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/240150" + } + ] + } +} \ No newline at end of file diff --git a/2011/2xxx/CVE-2011-2326.json b/2011/2xxx/CVE-2011-2326.json index 7ffcc89c6b1..83d12f9f750 100644 --- a/2011/2xxx/CVE-2011-2326.json +++ b/2011/2xxx/CVE-2011-2326.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-2326", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the EnterpriseOne Tools component in Oracle JD Edwards 8.98 SP 24 allows remote authenticated users to affect confidentiality, related to Enterprise Infrastructure SEC (JDENET), a different vulnerability than CVE-2011-2325, CVE-2011-3509, and CVE-2011-3524." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2011-2326", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the EnterpriseOne Tools component in Oracle JD Edwards 8.98 SP 24 allows remote authenticated users to affect confidentiality, related to Enterprise Infrastructure SEC (JDENET), a different vulnerability than CVE-2011-2325, CVE-2011-3509, and CVE-2011-3524." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html" + } + ] + } +} \ No newline at end of file diff --git a/2011/2xxx/CVE-2011-2328.json b/2011/2xxx/CVE-2011-2328.json index 507fc347a48..acbe3dfa0e1 100644 --- a/2011/2xxx/CVE-2011-2328.json +++ b/2011/2xxx/CVE-2011-2328.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-2328", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in HP LoadRunner allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a .usr (aka Virtual User script) file with long directives." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-2328", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "VU#987308", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/987308" - }, - { - "name" : "48073", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/48073" - }, - { - "name" : "loadrunner-virtualuser-bo(67783)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/67783" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in HP LoadRunner allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a .usr (aka Virtual User script) file with long directives." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#987308", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/987308" + }, + { + "name": "48073", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/48073" + }, + { + "name": "loadrunner-virtualuser-bo(67783)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67783" + } + ] + } +} \ No newline at end of file diff --git a/2011/3xxx/CVE-2011-3104.json b/2011/3xxx/CVE-2011-3104.json index 7aff7160328..7fa6e5a3190 100644 --- a/2011/3xxx/CVE-2011-3104.json +++ b/2011/3xxx/CVE-2011-3104.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-3104", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Skia, as used in Google Chrome before 19.0.1084.52, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2011-3104", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://code.google.com/p/chromium/issues/detail?id=118018", - "refsource" : "CONFIRM", - "url" : "http://code.google.com/p/chromium/issues/detail?id=118018" - }, - { - "name" : "http://googlechromereleases.blogspot.com/2012/05/stable-channel-update_23.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2012/05/stable-channel-update_23.html" - }, - { - "name" : "GLSA-201205-04", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201205-04.xml" - }, - { - "name" : "53679", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/53679" - }, - { - "name" : "oval:org.mitre.oval:def:15471", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15471" - }, - { - "name" : "1027098", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1027098" - }, - { - "name" : "49277", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/49277" - }, - { - "name" : "49306", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/49306" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Skia, as used in Google Chrome before 19.0.1084.52, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-201205-04", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201205-04.xml" + }, + { + "name": "53679", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/53679" + }, + { + "name": "http://code.google.com/p/chromium/issues/detail?id=118018", + "refsource": "CONFIRM", + "url": "http://code.google.com/p/chromium/issues/detail?id=118018" + }, + { + "name": "http://googlechromereleases.blogspot.com/2012/05/stable-channel-update_23.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2012/05/stable-channel-update_23.html" + }, + { + "name": "1027098", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1027098" + }, + { + "name": "49306", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/49306" + }, + { + "name": "oval:org.mitre.oval:def:15471", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15471" + }, + { + "name": "49277", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/49277" + } + ] + } +} \ No newline at end of file diff --git a/2011/3xxx/CVE-2011-3244.json b/2011/3xxx/CVE-2011-3244.json index 4df147f7729..1ed3c3b6290 100644 --- a/2011/3xxx/CVE-2011-3244.json +++ b/2011/3xxx/CVE-2011-3244.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-3244", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2011-3244", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.apple.com/kb/HT4981", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT4981" - }, - { - "name" : "http://support.apple.com/kb/HT4999", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT4999" - }, - { - "name" : "APPLE-SA-2011-10-11-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html" - }, - { - "name" : "APPLE-SA-2011-10-12-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html" - }, - { - "name" : "50066", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/50066" - }, - { - "name" : "76352", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/76352" - }, - { - "name" : "oval:org.mitre.oval:def:17355", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17355" - }, - { - "name" : "itunes-webkit-mem-ce(70518)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/70518" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-10-11-1." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "itunes-webkit-mem-ce(70518)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70518" + }, + { + "name": "http://support.apple.com/kb/HT4981", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT4981" + }, + { + "name": "APPLE-SA-2011-10-12-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html" + }, + { + "name": "APPLE-SA-2011-10-11-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html" + }, + { + "name": "50066", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/50066" + }, + { + "name": "http://support.apple.com/kb/HT4999", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT4999" + }, + { + "name": "oval:org.mitre.oval:def:17355", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17355" + }, + { + "name": "76352", + "refsource": "OSVDB", + "url": "http://osvdb.org/76352" + } + ] + } +} \ No newline at end of file diff --git a/2011/3xxx/CVE-2011-3623.json b/2011/3xxx/CVE-2011-3623.json index 7657517c61a..a7ddeea0940 100644 --- a/2011/3xxx/CVE-2011-3623.json +++ b/2011/3xxx/CVE-2011-3623.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-3623", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple stack-based buffer overflows in VideoLAN VLC media player before 1.0.2 allow remote attackers to execute arbitrary code via (1) a crafted ASF file, related to the ASF_ObjectDumpDebug function in modules/demux/asf/libasf.c; (2) a crafted AVI file, related to the AVI_ChunkDumpDebug_level function in modules/demux/avi/libavi.c; or (3) a crafted MP4 file, related to the __MP4_BoxDumpStructure function in modules/demux/mp4/libmp4.c." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2011-3623", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20111018 Re: CVE requests: