admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 00:31:49 +00:00
parent 5f8716a7dd
commit 3195d5440f
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
55 changed files with 3166 additions and 3166 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

74
2002/0xxx/CVE-2002-0021.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2002-0021",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0021",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Network Product Identification (PID) Checker in Microsoft Office v. X for Mac allows remote attackers to cause a denial of service (crash) via a malformed product announcement."
"lang": "eng",
"value": "Network Product Identification (PID) Checker in Microsoft Office v. X for Mac allows remote attackers to cause a denial of service (crash) via a malformed product announcement."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS02-002",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-002"
"name": "MS02-002",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-002"
},
{
"name" : "4045",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/4045"
"name": "2041",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/2041"
},
{
"name" : "2041",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/2041"
"name": "4045",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4045"
}
]
}

80
2002/0xxx/CVE-2002-0613.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2002-0613",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0613",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "dnstools.php for DNSTools 2.0 beta 4 and earlier allows remote attackers to bypass authentication and gain privileges by setting the user_logged_in or user_dnstools_administrator parameters."
"lang": "eng",
"value": "dnstools.php for DNSTools 2.0 beta 4 and earlier allows remote attackers to bypass authentication and gain privileges by setting the user_logged_in or user_dnstools_administrator parameters."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20020428 dnstools: authentication bypass vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2002-04/0390.html"
"name": "dnstools-auth-bypass(8948)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/8948.php"
},
{
"name" : "http://www.dnstools.com/dnstools_2.0.1.tar.gz",
"refsource" : "CONFIRM",
"url" : "http://www.dnstools.com/dnstools_2.0.1.tar.gz"
"name": "4617",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4617"
},
{
"name" : "4617",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/4617"
"name": "http://www.dnstools.com/dnstools_2.0.1.tar.gz",
"refsource": "CONFIRM",
"url": "http://www.dnstools.com/dnstools_2.0.1.tar.gz"
},
{
"name" : "dnstools-auth-bypass(8948)",
"refsource" : "XF",
"url" : "http://www.iss.net/security_center/static/8948.php"
"name": "20020428 dnstools: authentication bypass vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-04/0390.html"
}
]
}

80
2002/1xxx/CVE-2002-1633.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2002-1633",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1633",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple buffer overflows in QNX 4.25 may allow local users to execute arbitrary code via long command line arguments to (1) sample, (2) ex, (3) du, (4) find, (5) lex, (6) mkdir, (7) rm, (8) serserv, (9) tcpserv, (10) termdef, (11) time, (12) unzip, (13) use, (14) wcc, (15) wcc386, (16) wd, (17) wdisasm, (18) which, (19) wlib, (20) wlink, (21) wpp, (22) wpp386, (23) wprof, (24) write, or (25) wstrip."
"lang": "eng",
"value": "Multiple buffer overflows in QNX 4.25 may allow local users to execute arbitrary code via long command line arguments to (1) sample, (2) ex, (3) du, (4) find, (5) lex, (6) mkdir, (7) rm, (8) serserv, (9) tcpserv, (10) termdef, (11) time, (12) unzip, (13) use, (14) wcc, (15) wcc386, (16) wd, (17) wdisasm, (18) which, (19) wlib, (20) wlink, (21) wpp, (22) wpp386, (23) wprof, (24) write, or (25) wstrip."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20020612 madcr: QnX 4.25 - multiples bof in suid/no suid files",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/276553"
"name": "VU#879386",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/879386"
},
{
"name" : "VU#879386",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/879386"
"name": "qnx-rtos-bin-bo(9341)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9341"
},
{
"name" : "5000",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/5000"
"name": "20020612 madcr: QnX 4.25 - multiples bof in suid/no suid files",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/276553"
},
{
"name" : "qnx-rtos-bin-bo(9341)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/9341"
"name": "5000",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5000"
}
]
}

74
2002/1xxx/CVE-2002-1868.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2002-1868",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1868",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Dispair 0.1 and 0.2 allows remote attackers to execute arbitrary shell commands via certain form fields."
"lang": "eng",
"value": "Dispair 0.1 and 0.2 allows remote attackers to execute arbitrary shell commands via certain form fields."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.contactor.se/~dast/dispair/dispair.cgi?file=dispair-0.3.tar.gz&dir=&view=CHANGES",
"refsource" : "CONFIRM",
"url" : "http://www.contactor.se/~dast/dispair/dispair.cgi?file=dispair-0.3.tar.gz&dir=&view=CHANGES"
"name": "dispair-execute-commands(9787)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9787.php"
},
{
"name" : "5392",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/5392"
"name": "http://www.contactor.se/~dast/dispair/dispair.cgi?file=dispair-0.3.tar.gz&dir=&view=CHANGES",
"refsource": "CONFIRM",
"url": "http://www.contactor.se/~dast/dispair/dispair.cgi?file=dispair-0.3.tar.gz&dir=&view=CHANGES"
},
{
"name" : "dispair-execute-commands(9787)",
"refsource" : "XF",
"url" : "http://www.iss.net/security_center/static/9787.php"
"name": "5392",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5392"
}
]
}

74
2003/0xxx/CVE-2003-0007.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2003-0007",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0007",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Outlook 2002 does not properly handle requests to encrypt email messages with V1 Exchange Server Security certificates, which causes Outlook to send the email in plaintext, aka \"Flaw in how Outlook 2002 handles V1 Exchange Server Security Certificates could lead to Information Disclosure.\""
"lang": "eng",
"value": "Microsoft Outlook 2002 does not properly handle requests to encrypt email messages with V1 Exchange Server Security certificates, which causes Outlook to send the email in plaintext, aka \"Flaw in how Outlook 2002 handles V1 Exchange Server Security Certificates could lead to Information Disclosure.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS03-003",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-003"
"name": "MS03-003",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-003"
},
{
"name" : "6667",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/6667"
"name": "outlook-v1-certificate-plaintext(11133)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11133"
},
{
"name" : "outlook-v1-certificate-plaintext(11133)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/11133"
"name": "6667",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6667"
}
]
}

22
2003/0xxx/CVE-2003-0186.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2003-0186",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0186",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

80
2003/0xxx/CVE-2003-0220.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2003-0220",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0220",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in the administrator authentication process for Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to execute arbitrary code via a handshake packet."
"lang": "eng",
"value": "Buffer overflow in the administrator authentication process for Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to execute arbitrary code via a handshake packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20030428 CORE-2003-0305-02: Vulnerabilities in Kerio Personal Firewall",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=105155734411836&w=2"
"name": "VU#454716",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/454716"
},
{
"name" : "http://www.coresecurity.com/common/showdoc.php?idx=314&idxseccion=10",
"refsource" : "MISC",
"url" : "http://www.coresecurity.com/common/showdoc.php?idx=314&idxseccion=10"
"name": "7180",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7180"
},
{
"name" : "VU#454716",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/454716"
"name": "20030428 CORE-2003-0305-02: Vulnerabilities in Kerio Personal Firewall",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=105155734411836&w=2"
},
{
"name" : "7180",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/7180"
"name": "http://www.coresecurity.com/common/showdoc.php?idx=314&idxseccion=10",
"refsource": "MISC",
"url": "http://www.coresecurity.com/common/showdoc.php?idx=314&idxseccion=10"
}
]
}

80
2003/0xxx/CVE-2003-0231.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2003-0231",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0231",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft SQL Server 7, 2000, and MSDE allows local or remote authenticated users to cause a denial of service (crash or hang) via a long request to a named pipe."
"lang": "eng",
"value": "Microsoft SQL Server 7, 2000, and MSDE allows local or remote authenticated users to cause a denial of service (crash or hang) via a long request to a named pipe."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "A072303-2",
"refsource" : "ATSTAKE",
"url" : "http://www.atstake.com/research/advisories/2003/a072303-2.txt"
"name": "A072303-2",
"refsource": "ATSTAKE",
"url": "http://www.atstake.com/research/advisories/2003/a072303-2.txt"
},
{
"name" : "MS03-031",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-031"
"name": "oval:org.mitre.oval:def:299",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A299"
},
{
"name" : "VU#918652",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/918652"
"name": "MS03-031",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-031"
},
{
"name" : "oval:org.mitre.oval:def:299",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A299"
"name": "VU#918652",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/918652"
}
]
}

86
2003/0xxx/CVE-2003-0507.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2003-0507",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0507",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in Active Directory in Windows 2000 before SP4 allows remote attackers to cause a denial of service (reboot) and possibly execute arbitrary code via an LDAP version 3 search request with a large number of (1) \"AND,\" (2) \"OR,\" and possibly other statements, which causes LSASS.EXE to crash."
"lang": "eng",
"value": "Stack-based buffer overflow in Active Directory in Windows 2000 before SP4 allows remote attackers to cause a denial of service (reboot) and possibly execute arbitrary code via an LDAP version 3 search request with a large number of (1) \"AND,\" (2) \"OR,\" and possibly other statements, which causes LSASS.EXE to crash."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20030702 CORE-2003-0305-03: Active Directory Stack Overflow",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=105716669921775&w=2"
"name": "Q319709",
"refsource": "MSKB",
"url": "http://support.microsoft.com/default.aspx?kbid=319709"
},
{
"name" : "Q319709",
"refsource" : "MSKB",
"url" : "http://support.microsoft.com/default.aspx?kbid=319709"
"name": "7930",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7930"
},
{
"name" : "VU#594108",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/594108"
"name": "20030702 CORE-2003-0305-03: Active Directory Stack Overflow",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=105716669921775&w=2"
},
{
"name" : "7930",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/7930"
"name": "9171",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/9171"
},
{
"name" : "9171",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/9171"
"name": "VU#594108",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/594108"
}
]
}

98
2003/1xxx/CVE-2003-1144.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2003-1144",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1144",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in the log viewing interface in Perception LiteServe 1.25 through 2.2 allows remote attackers to execute arbitrary code via a GET request with a long file name."
"lang": "eng",
"value": "Buffer overflow in the log viewing interface in Perception LiteServe 1.25 through 2.2 allows remote attackers to execute arbitrary code via a GET request with a long file name."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20031104 Liteserve Buffer Overflow in Handling Server's Log.",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/343322"
"name": "10136",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10136"
},
{
"name" : "20031103 Liteserve Buffer Overflow in Handling Server's Log",
"refsource" : "FULLDISC",
"url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2003-November/013231.html"
"name": "1008093",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1008093"
},
{
"name" : "8971",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/8971"
"name": "2766",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/2766"
},
{
"name" : "2766",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/2766"
"name": "20031103 Liteserve Buffer Overflow in Handling Server's Log",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-November/013231.html"
},
{
"name" : "1008093",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1008093"
"name": "20031104 Liteserve Buffer Overflow in Handling Server's Log.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/343322"
},
{
"name" : "10136",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/10136"
"name": "8971",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/8971"
},
{
"name" : "liteserve-log-entry-bo(13599)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/13599"
"name": "liteserve-log-entry-bo(13599)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13599"
}
]
}

62
2003/1xxx/CVE-2003-1323.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2003-1323",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1323",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Elm ME+ 2.4 before PL109S, when installed setgid mail and the operating system lacks POSIX saved ID support, allows local users to read and modify certain files with the privileges of the mail group via unspecified vectors."
"lang": "eng",
"value": "Elm ME+ 2.4 before PL109S, when installed setgid mail and the operating system lacks POSIX saved ID support, allows local users to read and modify certain files with the privileges of the mail group via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.elmme-mailer.org/elm-2.4ME+PL109S.patch.gz",
"refsource" : "CONFIRM",
"url" : "http://www.elmme-mailer.org/elm-2.4ME+PL109S.patch.gz"
"name": "http://www.elmme-mailer.org/elm-2.4ME+PL109S.patch.gz",
"refsource": "CONFIRM",
"url": "http://www.elmme-mailer.org/elm-2.4ME+PL109S.patch.gz"
}
]
}

110
2012/0xxx/CVE-2012-0468.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-0468",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-0468",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The browser engine in Mozilla Firefox 4.x through 11.0, Thunderbird 5.0 through 11.0, and SeaMonkey before 2.9 allows remote attackers to cause a denial of service (assertion failure and memory corruption) or possibly execute arbitrary code via vectors related to jsval.h and the js::array_shift function."
"lang": "eng",
"value": "The browser engine in Mozilla Firefox 4.x through 11.0, Thunderbird 5.0 through 11.0, and SeaMonkey before 2.9 allows remote attackers to cause a denial of service (assertion failure and memory corruption) or possibly execute arbitrary code via vectors related to jsval.h and the js::array_shift function."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.mozilla.org/security/announce/2012/mfsa2012-20.html",
"refsource" : "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/2012/mfsa2012-20.html"
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=714616",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=714616"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=714616",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=714616"
"name": "oval:org.mitre.oval:def:16771",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16771"
},
{
"name" : "MDVSA-2012:066",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2012:066"
"name": "http://www.mozilla.org/security/announce/2012/mfsa2012-20.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2012/mfsa2012-20.html"
},
{
"name" : "MDVSA-2012:081",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2012:081"
"name": "49055",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49055"
},
{
"name" : "53221",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/53221"
"name": "MDVSA-2012:081",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:081"
},
{
"name" : "oval:org.mitre.oval:def:16771",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16771"
"name": "48972",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48972"
},
{
"name" : "48972",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/48972"
"name": "MDVSA-2012:066",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:066"
},
{
"name" : "49047",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/49047"
"name": "49047",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49047"
},
{
"name" : "49055",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/49055"
"name": "53221",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53221"
}
]
}

86
2012/0xxx/CVE-2012-0918.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-0918",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-0918",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Hitachi COBOL2002 Net Developer, Net Server Suite, and Net Client Suite 01-00, 01-01 through 01-01-/D, 01-02 through 01-02-/F, 01-03 through 01-03-/F, 02-00 through 02-00-/D, 02-01 through 02-01-/C, and possibly other versions before 02-01-/D allows remote attackers to execute arbitrary code via unknown attack vectors."
"lang": "eng",
"value": "Unspecified vulnerability in Hitachi COBOL2002 Net Developer, Net Server Suite, and Net Client Suite 01-00, 01-01 through 01-01-/D, 01-02 through 01-02-/F, 01-03 through 01-03-/F, 02-00 through 02-00-/D, 02-01 through 02-01-/C, and possibly other versions before 02-01-/D allows remote attackers to execute arbitrary code via unknown attack vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-002/index.html",
"refsource" : "CONFIRM",
"url" : "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-002/index.html"
"name": "hitachi-cobol2002-unspec-code-exec(72558)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72558"
},
{
"name" : "51580",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/51580"
"name": "47643",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47643"
},
{
"name" : "47612",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/47612"
"name": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-002/index.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-002/index.html"
},
{
"name" : "47643",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/47643"
"name": "47612",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47612"
},
{
"name" : "hitachi-cobol2002-unspec-code-exec(72558)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/72558"
"name": "51580",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/51580"
}
]
}

22
2012/0xxx/CVE-2012-0952.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-0952",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-0952",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

80
2012/1xxx/CVE-2012-1067.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-1067",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1067",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in the WP-RecentComments plugin 2.0.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter in an rc-content action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
"lang": "eng",
"value": "SQL injection vulnerability in the WP-RecentComments plugin 2.0.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter in an rc-content action to index.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "51859",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/51859"
"name": "78820",
"refsource": "OSVDB",
"url": "http://osvdb.org/78820"
},
{
"name" : "78820",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/78820"
"name": "47870",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47870"
},
{
"name" : "47870",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/47870"
"name": "wprecentcomments-index-sql-injection(72951)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72951"
},
{
"name" : "wprecentcomments-index-sql-injection(72951)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/72951"
"name": "51859",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/51859"
}
]
}

86
2012/1xxx/CVE-2012-1205.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-1205",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1205",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in relocate-upload.php in Relocate Upload plugin before 0.20 for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the abspath parameter."
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in relocate-upload.php in Relocate Upload plugin before 0.20 for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the abspath parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://plugins.trac.wordpress.org/changeset/504380/relocate-upload",
"refsource" : "CONFIRM",
"url" : "http://plugins.trac.wordpress.org/changeset/504380/relocate-upload"
"name": "47976",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47976"
},
{
"name" : "http://wordpress.org/extend/plugins/relocate-upload/changelog/",
"refsource" : "CONFIRM",
"url" : "http://wordpress.org/extend/plugins/relocate-upload/changelog/"
"name": "http://wordpress.org/extend/plugins/relocate-upload/changelog/",
"refsource": "CONFIRM",
"url": "http://wordpress.org/extend/plugins/relocate-upload/changelog/"
},
{
"name" : "49693",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/49693"
"name": "79250",
"refsource": "OSVDB",
"url": "http://osvdb.org/79250"
},
{
"name" : "79250",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/79250"
"name": "49693",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/49693"
},
{
"name" : "47976",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/47976"
"name": "http://plugins.trac.wordpress.org/changeset/504380/relocate-upload",
"refsource": "CONFIRM",
"url": "http://plugins.trac.wordpress.org/changeset/504380/relocate-upload"
}
]
}

98
2012/1xxx/CVE-2012-1692.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-1692",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2012-1692",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect availability, related to SCTP."
"lang": "eng",
"value": "Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect availability, related to SCTP."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html"
"name": "51388",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51388"
},
{
"name" : "https://downloads.avaya.com/css/P8/documents/100161091",
"refsource" : "CONFIRM",
"url" : "https://downloads.avaya.com/css/P8/documents/100161091"
"name": "53125",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53125"
},
{
"name" : "MDVSA-2013:150",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
"name": "https://downloads.avaya.com/css/P8/documents/100161091",
"refsource": "CONFIRM",
"url": "https://downloads.avaya.com/css/P8/documents/100161091"
},
{
"name" : "53125",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/53125"
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html"
},
{
"name" : "1026940",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1026940"
"name": "1026940",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026940"
},
{
"name" : "48809",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/48809"
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name" : "51388",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/51388"
"name": "48809",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48809"
}
]
}

128
2012/1xxx/CVE-2012-1770.json
View File

@ -1,116 +1,116 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-1770",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2012-1770",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2012-1766, CVE-2012-1767, CVE-2012-1769, CVE-2012-1771, CVE-2012-1772, CVE-2012-1773, CVE-2012-3106, CVE-2012-3107, CVE-2012-3108, and CVE-2012-3110."
"lang": "eng",
"value": "Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2012-1766, CVE-2012-1767, CVE-2012-1769, CVE-2012-1771, CVE-2012-1772, CVE-2012-1773, CVE-2012-3106, CVE-2012-3107, CVE-2012-3108, and CVE-2012-3110."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
"name": "http://blogs.technet.com/b/srd/archive/2012/07/24/more-information-on-security-advisory-2737111.aspx",
"refsource": "CONFIRM",
"url": "http://blogs.technet.com/b/srd/archive/2012/07/24/more-information-on-security-advisory-2737111.aspx"
},
{
"name" : "http://blogs.technet.com/b/srd/archive/2012/07/24/more-information-on-security-advisory-2737111.aspx",
"refsource" : "CONFIRM",
"url" : "http://blogs.technet.com/b/srd/archive/2012/07/24/more-information-on-security-advisory-2737111.aspx"
"name": "outsideintechnology-outside-dos(77003)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77003"
},
{
"name" : "http://technet.microsoft.com/security/advisory/2737111",
"refsource" : "CONFIRM",
"url" : "http://technet.microsoft.com/security/advisory/2737111"
"name": "1027264",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027264"
},
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21660640",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21660640"
"name": "oval:org.mitre.oval:def:14882",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14882"
},
{
"name" : "MDVSA-2013:150",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21660640",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21660640"
},
{
"name" : "MS12-067",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-067"
"name": "VU#118913",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/118913"
},
{
"name" : "MS12-058",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-058"
"name": "MS12-058",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-058"
},
{
"name" : "VU#118913",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/118913"
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
},
{
"name" : "54541",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/54541"
"name": "MS12-067",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-067"
},
{
"name" : "oval:org.mitre.oval:def:14882",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14882"
"name": "54541",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/54541"
},
{
"name" : "1027264",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1027264"
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name" : "outsideintechnology-outside-dos(77003)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/77003"
"name": "http://technet.microsoft.com/security/advisory/2737111",
"refsource": "CONFIRM",
"url": "http://technet.microsoft.com/security/advisory/2737111"
}
]
}

122
2012/3xxx/CVE-2012-3748.json
View File

@ -1,111 +1,111 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-3748",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2012-3748",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Race condition in WebKit in Apple iOS before 6.0.1 and Safari before 6.0.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving JavaScript arrays."
"lang": "eng",
"value": "Race condition in WebKit in Apple iOS before 6.0.1 and Safari before 6.0.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving JavaScript arrays."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20121101 APPLE-SA-2012-11-01-1 iOS 6.0.1",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2012-11/0012.html"
"name": "51445",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51445"
},
{
"name" : "20121101 APPLE-SA-2012-11-01-2 Safari 6.0.2",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2012-11/0013.html"
"name": "http://support.apple.com/kb/HT5567",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5567"
},
{
"name" : "http://support.apple.com/kb/HT5567",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT5567"
"name": "APPLE-SA-2013-09-12-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00003.html"
},
{
"name" : "http://support.apple.com/kb/HT5568",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT5568"
"name": "APPLE-SA-2012-11-01-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2012/Nov/msg00000.html"
},
{
"name" : "http://support.apple.com/kb/HT5598",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT5598"
"name": "APPLE-SA-2012-11-01-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2012/Nov/msg00001.html"
},
{
"name" : "http://support.apple.com/kb/HT5921",
"refsource" : "CONFIRM",
"url" : "http://support.apple.com/kb/HT5921"
"name": "http://support.apple.com/kb/HT5921",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5921"
},
{
"name" : "APPLE-SA-2012-11-01-1",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2012/Nov/msg00000.html"
"name": "56362",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/56362"
},
{
"name" : "APPLE-SA-2012-11-01-2",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2012/Nov/msg00001.html"
"name": "http://support.apple.com/kb/HT5568",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5568"
},
{
"name" : "APPLE-SA-2013-09-12-2",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2013/Sep/msg00003.html"
"name": "20121101 APPLE-SA-2012-11-01-1 iOS 6.0.1",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-11/0012.html"
},
{
"name" : "56362",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/56362"
"name": "20121101 APPLE-SA-2012-11-01-2 Safari 6.0.2",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2012-11/0013.html"
},
{
"name" : "51445",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/51445"
"name": "http://support.apple.com/kb/HT5598",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5598"
}
]
}

22
2012/3xxx/CVE-2012-3903.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-3903",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-3903",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

62
2012/4xxx/CVE-2012-4131.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-4131",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2012-4131",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in tar in Cisco NX-OS allows local users to access arbitrary files via crafted command-line arguments, aka Bug IDs CSCty07157, CSCty07159, CSCty07162, and CSCty07164."
"lang": "eng",
"value": "Directory traversal vulnerability in tar in Cisco NX-OS allows local users to access arbitrary files via crafted command-line arguments, aka Bug IDs CSCty07157, CSCty07159, CSCty07162, and CSCty07164."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20131219 Cisco NX-OS Arbitrary File Access Vulnerability",
"refsource" : "CISCO",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4131"
"name": "20131219 Cisco NX-OS Arbitrary File Access Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4131"
}
]
}

68
2012/4xxx/CVE-2012-4352.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-4352",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-4352",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Stoneware webNetwork 6.1 before SP1 allow remote attackers to inject arbitrary web script or HTML via the blogName parameter to (1) community/blog.jsp or (2) community/blogSearch.jsp, the (3) calendarType or (4) monthNumber parameter to community/calendar.jsp, or the (5) flag parameter to swDashboard/ajax/setAppFlag.jsp."
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Stoneware webNetwork 6.1 before SP1 allow remote attackers to inject arbitrary web script or HTML via the blogName parameter to (1) community/blog.jsp or (2) community/blogSearch.jsp, the (3) calendarType or (4) monthNumber parameter to community/calendar.jsp, or the (5) flag parameter to swDashboard/ajax/setAppFlag.jsp."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://infosec42.blogspot.com/2012/10/stoneware-webnetwork-61-reflective-xss.html",
"refsource" : "MISC",
"url" : "http://infosec42.blogspot.com/2012/10/stoneware-webnetwork-61-reflective-xss.html"
"name": "http://stoneware-docs.s3.amazonaws.com/Bulletins/Security%20Bulletin%206_1_0.pdf",
"refsource": "CONFIRM",
"url": "http://stoneware-docs.s3.amazonaws.com/Bulletins/Security%20Bulletin%206_1_0.pdf"
},
{
"name" : "http://stoneware-docs.s3.amazonaws.com/Bulletins/Security%20Bulletin%206_1_0.pdf",
"refsource" : "CONFIRM",
"url" : "http://stoneware-docs.s3.amazonaws.com/Bulletins/Security%20Bulletin%206_1_0.pdf"
"name": "http://infosec42.blogspot.com/2012/10/stoneware-webnetwork-61-reflective-xss.html",
"refsource": "MISC",
"url": "http://infosec42.blogspot.com/2012/10/stoneware-webnetwork-61-reflective-xss.html"
}
]
}

92
2012/4xxx/CVE-2012-4529.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-4529",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-4529",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The org.apache.catalina.connector.Response.encodeURL method in Red Hat JBoss Web 7.1.x and earlier, when the tracking mode is set to COOKIE, sends the jsessionid in the URL of the first response of a session, which allows remote attackers to obtain the session id (1) via a man-in-the-middle attack or (2) by reading a log."
"lang": "eng",
"value": "The org.apache.catalina.connector.Response.encodeURL method in Red Hat JBoss Web 7.1.x and earlier, when the tracking mode is set to COOKIE, sends the jsessionid in the URL of the first response of a session, which allows remote attackers to obtain the session id (1) via a man-in-the-middle attack or (2) by reading a log."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://ocpsoft.org/support/topic/session-id-is-appended-as-url-path-parameter-in-very-first-request/",
"refsource" : "MISC",
"url" : "http://ocpsoft.org/support/topic/session-id-is-appended-as-url-path-parameter-in-very-first-request/"
"name": "RHSA-2013:0839",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0839.html"
},
{
"name" : "https://issues.jboss.org/browse/JBWEB-249",
"refsource" : "CONFIRM",
"url" : "https://issues.jboss.org/browse/JBWEB-249"
"name": "RHSA-2013:0833",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0833.html"
},
{
"name" : "RHSA-2013:0833",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2013-0833.html"
"name": "RHSA-2013:1437",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1437.html"
},
{
"name" : "RHSA-2013:0834",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2013-0834.html"
"name": "http://ocpsoft.org/support/topic/session-id-is-appended-as-url-path-parameter-in-very-first-request/",
"refsource": "MISC",
"url": "http://ocpsoft.org/support/topic/session-id-is-appended-as-url-path-parameter-in-very-first-request/"
},
{
"name" : "RHSA-2013:0839",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2013-0839.html"
"name": "https://issues.jboss.org/browse/JBWEB-249",
"refsource": "CONFIRM",
"url": "https://issues.jboss.org/browse/JBWEB-249"
},
{
"name" : "RHSA-2013:1437",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2013-1437.html"
"name": "RHSA-2013:0834",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0834.html"
}
]
}

140
2012/4xxx/CVE-2012-4681.json
View File

@ -1,126 +1,126 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2012-4681",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-4681",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using \"reflection with a trusted immediate caller\" to leverage the getField method to access and modify private fields, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class."
"lang": "eng",
"value": "Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using \"reflection with a trusted immediate caller\" to leverage the getField method to access and modify private fields, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://blog.fireeye.com/research/2012/08/zero-day-season-is-not-over-yet.html",
"refsource" : "MISC",
"url" : "http://blog.fireeye.com/research/2012/08/zero-day-season-is-not-over-yet.html"
"name": "http://blog.fireeye.com/research/2012/08/zero-day-season-is-not-over-yet.html",
"refsource": "MISC",
"url": "http://blog.fireeye.com/research/2012/08/zero-day-season-is-not-over-yet.html"
},
{
"name" : "http://labs.alienvault.com/labs/index.php/2012/new-java-0day-exploited-in-the-wild/",
"refsource" : "MISC",
"url" : "http://labs.alienvault.com/labs/index.php/2012/new-java-0day-exploited-in-the-wild/"
"name": "SUSE-SU-2012:1398",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html"
},
{
"name" : "https://community.rapid7.com/community/metasploit/blog/2012/08/27/lets-start-the-week-with-a-new-java-0day",
"refsource" : "MISC",
"url" : "https://community.rapid7.com/community/metasploit/blog/2012/08/27/lets-start-the-week-with-a-new-java-0day"
"name": "SUSE-SU-2012:1231",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html"
},
{
"name" : "http://immunityproducts.blogspot.com/2012/08/java-0day-analysis-cve-2012-4681.html",
"refsource" : "MISC",
"url" : "http://immunityproducts.blogspot.com/2012/08/java-0day-analysis-cve-2012-4681.html"
"name": "TA12-240A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA12-240A.html"
},
{
"name" : "http://www.deependresearch.org/2012/08/java-7-vulnerability-analysis.html",
"refsource" : "MISC",
"url" : "http://www.deependresearch.org/2012/08/java-7-vulnerability-analysis.html"
"name": "http://labs.alienvault.com/labs/index.php/2012/new-java-0day-exploited-in-the-wild/",
"refsource": "MISC",
"url": "http://labs.alienvault.com/labs/index.php/2012/new-java-0day-exploited-in-the-wild/"
},
{
"name" : "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html"
"name": "SSRT100970",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=135109152819176&w=2"
},
{
"name" : "HPSBUX02824",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=135109152819176&w=2"
"name": "https://community.rapid7.com/community/metasploit/blog/2012/08/27/lets-start-the-week-with-a-new-java-0day",
"refsource": "MISC",
"url": "https://community.rapid7.com/community/metasploit/blog/2012/08/27/lets-start-the-week-with-a-new-java-0day"
},
{
"name" : "SSRT100970",
"refsource" : "HP",
"url" : "http://marc.info/?l=bugtraq&m=135109152819176&w=2"
"name": "http://www.deependresearch.org/2012/08/java-7-vulnerability-analysis.html",
"refsource": "MISC",
"url": "http://www.deependresearch.org/2012/08/java-7-vulnerability-analysis.html"
},
{
"name" : "RHSA-2012:1225",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2012-1225.html"
"name": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html"
},
{
"name" : "SUSE-SU-2012:1231",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html"
"name": "RHSA-2012:1225",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1225.html"
},
{
"name" : "SUSE-SU-2012:1398",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html"
"name": "http://immunityproducts.blogspot.com/2012/08/java-0day-analysis-cve-2012-4681.html",
"refsource": "MISC",
"url": "http://immunityproducts.blogspot.com/2012/08/java-0day-analysis-cve-2012-4681.html"
},
{
"name" : "TA12-240A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA12-240A.html"
"name": "51044",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51044"
},
{
"name" : "55213",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/55213"
"name": "HPSBUX02824",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=135109152819176&w=2"
},
{
"name" : "51044",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/51044"
"name": "55213",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55213"
}
]
}

22
2017/2xxx/CVE-2017-2024.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-2024",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-2024",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
}
]
}

74
2017/2xxx/CVE-2017-2119.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "vultures@jpcert.or.jp",
"ID" : "CVE-2017-2119",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2017-2119",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "WBCE CMS",
"version" : {
"version_data" : [
"product_name": "WBCE CMS",
"version": {
"version_data": [
{
"version_value" : "1.1.10 and earlier"
"version_value": "1.1.10 and earlier"
}
]
}
}
]
},
"vendor_name" : "WBCE Team"
"vendor_name": "WBCE Team"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in WBCE CMS 1.1.10 and earlier allows remote attackers to read arbitrary files via unspecified vectors."
"lang": "eng",
"value": "Directory traversal vulnerability in WBCE CMS 1.1.10 and earlier allows remote attackers to read arbitrary files via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Directory traversal"
"lang": "eng",
"value": "Directory traversal"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://forum.wbce.org/viewtopic.php?id=977",
"refsource" : "MISC",
"url" : "https://forum.wbce.org/viewtopic.php?id=977"
"name": "JVN#73083905",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN73083905/index.html"
},
{
"name" : "JVN#73083905",
"refsource" : "JVN",
"url" : "http://jvn.jp/en/jp/JVN73083905/index.html"
"name": "96467",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96467"
},
{
"name" : "96467",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/96467"
"name": "https://forum.wbce.org/viewtopic.php?id=977",
"refsource": "MISC",
"url": "https://forum.wbce.org/viewtopic.php?id=977"
}
]
}

92
2017/2xxx/CVE-2017-2432.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "product-security@apple.com",
"ID" : "CVE-2017-2432",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2017-2432",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the \"ImageIO\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted JPEG file."
"lang": "eng",
"value": "An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the \"ImageIO\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted JPEG file."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://support.apple.com/HT207601",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207601"
"name": "97137",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97137"
},
{
"name" : "https://support.apple.com/HT207602",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207602"
"name": "https://support.apple.com/HT207601",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207601"
},
{
"name" : "https://support.apple.com/HT207615",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207615"
"name": "https://support.apple.com/HT207615",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207615"
},
{
"name" : "https://support.apple.com/HT207617",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT207617"
"name": "1038138",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038138"
},
{
"name" : "97137",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/97137"
"name": "https://support.apple.com/HT207602",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207602"
},
{
"name" : "1038138",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1038138"
"name": "https://support.apple.com/HT207617",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT207617"
}
]
}

80
2017/2xxx/CVE-2017-2688.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "productcert@siemens.com",
"ID" : "CVE-2017-2688",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2017-2688",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "RUGGEDCOM ROX I All versions",
"version" : {
"version_data" : [
"product_name": "RUGGEDCOM ROX I All versions",
"version": {
"version_data": [
{
"version_value" : "RUGGEDCOM ROX I All versions"
"version_value": "RUGGEDCOM ROX I All versions"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The integrated web server in Siemens RUGGEDCOM ROX I (all versions) at port 10000/TCP could allow remote attackers to perform actions with the privileges of an authenticated user, provided the targeted user has an active session and is induced into clicking on a malicious link or into visiting a malicious website, aka CSRF."
"lang": "eng",
"value": "The integrated web server in Siemens RUGGEDCOM ROX I (all versions) at port 10000/TCP could allow remote attackers to perform actions with the privileges of an authenticated user, provided the targeted user has an active session and is induced into clicking on a malicious link or into visiting a malicious website, aka CSRF."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "CWE-352: Cross-Site Request Forgery (CSRF)"
"lang": "eng",
"value": "CWE-352: Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-17-087-01",
"refsource" : "MISC",
"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-17-087-01"
"name": "97170",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97170"
},
{
"name" : "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-327980.pdf",
"refsource" : "CONFIRM",
"url" : "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-327980.pdf"
"name": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-327980.pdf",
"refsource": "CONFIRM",
"url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-327980.pdf"
},
{
"name" : "97170",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/97170"
"name": "1038160",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038160"
},
{
"name" : "1038160",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1038160"
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-087-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-087-01"
}
]
}

74
2017/3xxx/CVE-2017-3105.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@adobe.com",
"ID" : "CVE-2017-3105",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2017-3105",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Adobe RoboHelp RH2017.0.1 and earlier versions",
"version" : {
"version_data" : [
"product_name": "Adobe RoboHelp RH2017.0.1 and earlier versions",
"version": {
"version_data": [
{
"version_value" : "Adobe RoboHelp RH2017.0.1 and earlier versions"
"version_value": "Adobe RoboHelp RH2017.0.1 and earlier versions"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Adobe RoboHelp has an Open Redirect vulnerability. This affects versions before RH12.0.4.460 and RH2017 before RH2017.0.2."
"lang": "eng",
"value": "Adobe RoboHelp has an Open Redirect vulnerability. This affects versions before RH12.0.4.460 and RH2017 before RH2017.0.2."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Cross-Site Scripting (XSS)"
"lang": "eng",
"value": "Cross-Site Scripting (XSS)"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://helpx.adobe.com/security/products/robohelp/apsb17-25.html",
"refsource" : "CONFIRM",
"url" : "https://helpx.adobe.com/security/products/robohelp/apsb17-25.html"
"name": "100709",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100709"
},
{
"name" : "100709",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/100709"
"name": "1039319",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039319"
},
{
"name" : "1039319",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1039319"
"name": "https://helpx.adobe.com/security/products/robohelp/apsb17-25.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/robohelp/apsb17-25.html"
}
]
}

64
2017/3xxx/CVE-2017-3775.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@lenovo.com",
"DATE_PUBLIC" : "2018-05-03T00:00:00",
"ID" : "CVE-2017-3775",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@lenovo.com",
"DATE_PUBLIC": "2018-05-03T00:00:00",
"ID": "CVE-2017-3775",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Some Lenovo Flex System and Lenovo System x products",
"version" : {
"version_data" : [
"product_name": "Some Lenovo Flex System and Lenovo System x products",
"version": {
"version_data": [
{
"version_value" : "Affected BIOS version varies by product"
"version_value": "Affected BIOS version varies by product"
}
]
}
}
]
},
"vendor_name" : "Lenovo Group Ltd."
"vendor_name": "Lenovo Group Ltd."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Some Lenovo System x server BIOS/UEFI versions, when Secure Boot mode is enabled by a system administrator, do not properly authenticate signed code before booting it. As a result, an attacker with physical access to the system could boot unsigned code."
"lang": "eng",
"value": "Some Lenovo System x server BIOS/UEFI versions, when Secure Boot mode is enabled by a system administrator, do not properly authenticate signed code before booting it. As a result, an attacker with physical access to the system could boot unsigned code."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Booting unauthenticated code"
"lang": "eng",
"value": "Booting unauthenticated code"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://support.lenovo.com/us/en/solutions/LEN-20241",
"refsource" : "CONFIRM",
"url" : "https://support.lenovo.com/us/en/solutions/LEN-20241"
"name": "https://support.lenovo.com/us/en/solutions/LEN-20241",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/solutions/LEN-20241"
}
]
}

22
2017/6xxx/CVE-2017-6232.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-6232",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-6232",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2017/6xxx/CVE-2017-6243.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-6243",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-6243",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

68
2017/6xxx/CVE-2017-6356.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-6356",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-6356",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Palo Alto Networks Terminal Services (aka TS) Agent 6.0, 7.0, and 8.0 before 8.0.1 uses weak permissions for unspecified resources, which allows attackers to obtain sensitive session information via unknown vectors."
"lang": "eng",
"value": "Palo Alto Networks Terminal Services (aka TS) Agent 6.0, 7.0, and 8.0 before 8.0.1 uses weak permissions for unspecified resources, which allows attackers to obtain sensitive session information via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://securityadvisories.paloaltonetworks.com/Home/Detail/76",
"refsource" : "CONFIRM",
"url" : "http://securityadvisories.paloaltonetworks.com/Home/Detail/76"
"name": "96925",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96925"
},
{
"name" : "96925",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/96925"
"name": "http://securityadvisories.paloaltonetworks.com/Home/Detail/76",
"refsource": "CONFIRM",
"url": "http://securityadvisories.paloaltonetworks.com/Home/Detail/76"
}
]
}

74
2017/6xxx/CVE-2017-6553.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-6553",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-6553",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer Overflow in Quest One Identity Privilege Manager for Unix before 6.0.0.061 allows remote attackers to obtain full access to the policy server via an ACT_ALERT_EVENT request that causes memory corruption in the pmmasterd daemon."
"lang": "eng",
"value": "Buffer Overflow in Quest One Identity Privilege Manager for Unix before 6.0.0.061 allows remote attackers to obtain full access to the policy server via an ACT_ALERT_EVENT request that causes memory corruption in the pmmasterd daemon."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "42010",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/42010/"
"name": "https://0xdeadface.wordpress.com/2017/04/07/multiple-vulnerabilities-in-quest-privilege-manager-6-0-0-xx-cve-2017-6553-cve-2017-6554/",
"refsource": "MISC",
"url": "https://0xdeadface.wordpress.com/2017/04/07/multiple-vulnerabilities-in-quest-privilege-manager-6-0-0-xx-cve-2017-6553-cve-2017-6554/"
},
{
"name" : "https://0xdeadface.wordpress.com/2017/04/07/multiple-vulnerabilities-in-quest-privilege-manager-6-0-0-xx-cve-2017-6553-cve-2017-6554/",
"refsource" : "MISC",
"url" : "https://0xdeadface.wordpress.com/2017/04/07/multiple-vulnerabilities-in-quest-privilege-manager-6-0-0-xx-cve-2017-6553-cve-2017-6554/"
"name": "42010",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/42010/"
},
{
"name" : "https://support.oneidentity.com/privilege-manager-for-unix/kb/SOL133824",
"refsource" : "MISC",
"url" : "https://support.oneidentity.com/privilege-manager-for-unix/kb/SOL133824"
"name": "https://support.oneidentity.com/privilege-manager-for-unix/kb/SOL133824",
"refsource": "MISC",
"url": "https://support.oneidentity.com/privilege-manager-for-unix/kb/SOL133824"
}
]
}

104
2017/7xxx/CVE-2017-7100.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "product-security@apple.com",
"ID" : "CVE-2017-7100",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2017-7100",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site."
"lang": "eng",
"value": "An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the \"WebKit\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://support.apple.com/HT208112",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT208112"
"name": "https://support.apple.com/HT208141",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208141"
},
{
"name" : "https://support.apple.com/HT208113",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT208113"
"name": "1039384",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039384"
},
{
"name" : "https://support.apple.com/HT208116",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT208116"
"name": "https://support.apple.com/HT208142",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208142"
},
{
"name" : "https://support.apple.com/HT208141",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT208141"
"name": "100995",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100995"
},
{
"name" : "https://support.apple.com/HT208142",
"refsource" : "CONFIRM",
"url" : "https://support.apple.com/HT208142"
"name": "https://support.apple.com/HT208113",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208113"
},
{
"name" : "100995",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/100995"
"name": "https://support.apple.com/HT208112",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208112"
},
{
"name" : "1039384",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1039384"
"name": "1039428",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039428"
},
{
"name" : "1039428",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1039428"
"name": "https://support.apple.com/HT208116",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208116"
}
]
}

22
2017/7xxx/CVE-2017-7319.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-7319",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-7319",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
}
]
}

22
2017/7xxx/CVE-2017-7347.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-7347",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-7347",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

62
2018/10xxx/CVE-2018-10081.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-10081",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-10081",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "CMS Made Simple (CMSMS) through 2.2.6 contains an admin password reset vulnerability because data values are improperly compared, as demonstrated by a hash beginning with the \"0e\" substring."
"lang": "eng",
"value": "CMS Made Simple (CMSMS) through 2.2.6 contains an admin password reset vulnerability because data values are improperly compared, as demonstrated by a hash beginning with the \"0e\" substring."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://github.com/itodaro/cve/blob/master/README.md",
"refsource" : "MISC",
"url" : "https://github.com/itodaro/cve/blob/master/README.md"
"name": "https://github.com/itodaro/cve/blob/master/README.md",
"refsource": "MISC",
"url": "https://github.com/itodaro/cve/blob/master/README.md"
}
]
}

82
2018/10xxx/CVE-2018-10870.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "lpardo@redhat.com",
"ID" : "CVE-2018-10870",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2018-10870",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "rhcertstore.py",
"version" : {
"version_data" : [
"product_name": "rhcertstore.py",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "redhat-certification"
"vendor_name": "redhat-certification"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "redhat-certification does not properly sanitize paths in rhcertStore.py:__saveResultsFile. A remote attacker could use this flaw to overwrite any file, potentially gaining remote code execution."
"lang": "eng",
"value": "redhat-certification does not properly sanitize paths in rhcertStore.py:__saveResultsFile. A remote attacker could use this flaw to overwrite any file, potentially gaining remote code execution."
}
]
},
"impact" : {
"cvss" : [
"impact": {
"cvss": [
[
{
"vectorString" : "9.8/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version" : "3.0"
"vectorString": "9.8/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
]
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "CWE-22"
"lang": "eng",
"value": "CWE-22"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10870",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10870"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10870",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10870"
},
{
"name" : "RHSA-2018:2373",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:2373"
"name": "RHSA-2018:2373",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2373"
},
{
"name" : "104857",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/104857"
"name": "104857",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104857"
}
]
}

96
2018/10xxx/CVE-2018-10906.json
View File

@ -1,94 +1,94 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "lpardo@redhat.com",
"ID" : "CVE-2018-10906",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2018-10906",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "fuse",
"version" : {
"version_data" : [
"product_name": "fuse",
"version": {
"version_data": [
{
"version_value" : "fuse 2.9.8"
"version_value": "fuse 2.9.8"
},
{
"version_value" : "fuse 3.2.5"
"version_value": "fuse 3.2.5"
}
]
}
}
]
},
"vendor_name" : "[UNKNOWN]"
"vendor_name": "[UNKNOWN]"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "In fuse before versions 2.9.8 and 3.x before 3.2.5, fusermount is vulnerable to a restriction bypass when SELinux is active. This allows non-root users to mount a FUSE file system with the 'allow_other' mount option regardless of whether 'user_allow_other' is set in the fuse configuration. An attacker may use this flaw to mount a FUSE file system, accessible by other users, and trick them into accessing files on that file system, possibly causing Denial of Service or other unspecified effects."
"lang": "eng",
"value": "In fuse before versions 2.9.8 and 3.x before 3.2.5, fusermount is vulnerable to a restriction bypass when SELinux is active. This allows non-root users to mount a FUSE file system with the 'allow_other' mount option regardless of whether 'user_allow_other' is set in the fuse configuration. An attacker may use this flaw to mount a FUSE file system, accessible by other users, and trick them into accessing files on that file system, possibly causing Denial of Service or other unspecified effects."
}
]
},
"impact" : {
"cvss" : [
"impact": {
"cvss": [
[
{
"vectorString" : "5.3/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version" : "3.0"
"vectorString": "5.3/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
]
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "CWE-285"
"lang": "eng",
"value": "CWE-285"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "45106",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/45106/"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10906",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10906"
},
{
"name" : "[debian-lts-announce] 20180815 [SECURITY] [DLA 1468-1] fuse security update",
"refsource" : "MLIST",
"url" : "https://lists.debian.org/debian-lts-announce/2018/08/msg00015.html"
"name": "[debian-lts-announce] 20180815 [SECURITY] [DLA 1468-1] fuse security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00015.html"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10906",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10906"
"name": "DSA-4257",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4257"
},
{
"name" : "DSA-4257",
"refsource" : "DEBIAN",
"url" : "https://www.debian.org/security/2018/dsa-4257"
"name": "45106",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45106/"
},
{
"name" : "RHSA-2018:3324",
"refsource" : "REDHAT",
"url" : "https://access.redhat.com/errata/RHSA-2018:3324"
"name": "RHSA-2018:3324",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3324"
}
]
}

22
2018/14xxx/CVE-2018-14013.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-14013",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-14013",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2018/14xxx/CVE-2018-14692.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-14692",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-14692",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

62
2018/14xxx/CVE-2018-14927.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-14927",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-14927",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Matera Banco 1.0.0 is vulnerable to path traversal (allowing access to system files outside the default application folder) via the /contingency/servlet/ServletFileDownload file parameter, related to /contingency/web/receiptQuery/receiptDisplay.jsp."
"lang": "eng",
"value": "Matera Banco 1.0.0 is vulnerable to path traversal (allowing access to system files outside the default application folder) via the /contingency/servlet/ServletFileDownload file parameter, related to /contingency/web/receiptQuery/receiptDisplay.jsp."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://medium.com/stolabs/security-issues-on-matera-systems-fba14d207dc9",
"refsource" : "MISC",
"url" : "https://medium.com/stolabs/security-issues-on-matera-systems-fba14d207dc9"
"name": "https://medium.com/stolabs/security-issues-on-matera-systems-fba14d207dc9",
"refsource": "MISC",
"url": "https://medium.com/stolabs/security-issues-on-matera-systems-fba14d207dc9"
}
]
}

22
2018/14xxx/CVE-2018-14999.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-14999",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-14999",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2018/17xxx/CVE-2018-17766.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-17766",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-17766",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2018/17xxx/CVE-2018-17799.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-17799",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-17799",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2018/20xxx/CVE-2018-20016.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-20016",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-20016",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

62
2018/20xxx/CVE-2018-20538.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-20538",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-20538",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "There is a use-after-free at asm/preproc.c (function pp_getline) in Netwide Assembler (NASM) 2.14rc16 that will cause a denial of service during certain finishes tests."
"lang": "eng",
"value": "There is a use-after-free at asm/preproc.c (function pp_getline) in Netwide Assembler (NASM) 2.14rc16 that will cause a denial of service during certain finishes tests."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://bugzilla.nasm.us/show_bug.cgi?id=3392531",
"refsource" : "MISC",
"url" : "https://bugzilla.nasm.us/show_bug.cgi?id=3392531"
"name": "https://bugzilla.nasm.us/show_bug.cgi?id=3392531",
"refsource": "MISC",
"url": "https://bugzilla.nasm.us/show_bug.cgi?id=3392531"
}
]
}

22
2018/20xxx/CVE-2018-20736.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-20736",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-20736",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

70
2018/9xxx/CVE-2018-9027.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "vuln@ca.com",
"DATE_PUBLIC" : "2018-06-14T00:00:00",
"ID" : "CVE-2018-9027",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "vuln@ca.com",
"DATE_PUBLIC": "2018-06-14T00:00:00",
"ID": "CVE-2018-9027",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "CA Privileged Access Manager",
"version" : {
"version_data" : [
"product_name": "CA Privileged Access Manager",
"version": {
"version_data": [
{
"version_value" : "2.x"
"version_value": "2.x"
}
]
}
}
]
},
"vendor_name" : "CA Technologies"
"vendor_name": "CA Technologies"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "A reflected cross-site scripting vulnerability in CA Privileged Access Manager 2.x allows remote attackers to execute malicious script with a specially crafted link."
"lang": "eng",
"value": "A reflected cross-site scripting vulnerability in CA Privileged Access Manager 2.x allows remote attackers to execute malicious script with a specially crafted link."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Cross-site Scripting"
"lang": "eng",
"value": "Cross-site Scripting"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html",
"refsource" : "CONFIRM",
"url" : "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
"name": "104496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104496"
},
{
"name" : "104496",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/104496"
"name": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html",
"refsource": "CONFIRM",
"url": "https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180614-01--security-notice-for-ca-privileged-access-manager.html"
}
]
}

68
2018/9xxx/CVE-2018-9521.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@google.com",
"ID" : "CVE-2018-9521",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2018-9521",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Android",
"version" : {
"version_data" : [
"product_name": "Android",
"version": {
"version_data": [
{
"version_value" : "Android-9"
"version_value": "Android-9"
}
]
}
}
]
},
"vendor_name" : "Google Inc."
"vendor_name": "Google Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "In parseMPEGCCData of NuPlayer2CCDecoder.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-111874331"
"lang": "eng",
"value": "In parseMPEGCCData of NuPlayer2CCDecoder.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-111874331"
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Remote code execution"
"lang": "eng",
"value": "Remote code execution"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://source.android.com/security/bulletin/2018-11-01",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2018-11-01"
"name": "105865",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105865"
},
{
"name" : "105865",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/105865"
"name": "https://source.android.com/security/bulletin/2018-11-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2018-11-01"
}
]
}

22
2018/9xxx/CVE-2018-9692.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-9692",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-9692",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2018/9xxx/CVE-2018-9863.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-9863",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-9863",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2018/9xxx/CVE-2018-9883.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-9883",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-9883",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

62
2018/9xxx/CVE-2018-9920.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-9920",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-9920",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Server side request forgery exists in the runtime application in K2 smartforms 4.6.11 via a modified hostname in an https://*/Identity/STS/Forms/Scripts URL."
"lang": "eng",
"value": "Server side request forgery exists in the runtime application in K2 smartforms 4.6.11 via a modified hostname in an https://*/Identity/STS/Forms/Scripts URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20180522 K2 smartforms runtime application - 4.6.11 SSRF",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/542035/100/0/threaded"
"name": "20180522 K2 smartforms runtime application - 4.6.11 SSRF",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/542035/100/0/threaded"
}
]
}