admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-17 22:06:25 +00:00
parent 12c0e261cd
commit 321cc45f29
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
54 changed files with 3974 additions and 3974 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

168
2006/2xxx/CVE-2006-2261.json
View File

@ -1,87 +1,87 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-2261",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in day.php in ACal 2.2.6 allows remote attackers to execute arbitrary PHP code via a URL in the path parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2261",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "1763",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/1763"
},
{
"name" : "17886",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/17886"
},
{
"name" : "ADV-2006-1692",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/1692"
},
{
"name" : "25340",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/25340"
},
{
"name" : "20041",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20041"
},
{
"name" : "acal-day-file-include(26278)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26278"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in day.php in ACal 2.2.6 allows remote attackers to execute arbitrary PHP code via a URL in the path parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1763",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/1763"
},
{
"name": "ADV-2006-1692",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1692"
},
{
"name": "acal-day-file-include(26278)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26278"
},
{
"name": "20041",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20041"
},
{
"name": "17886",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17886"
},
{
"name": "25340",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/25340"
}
]
}
}

148
2006/2xxx/CVE-2006-2724.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-2724",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in PunBB 1.2.11 allows remote authenticated administrators to inject arbitrary HTML or web script to other administrators via the \"Admin note\" feature, a different vulnerability than CVE-2006-2227."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2724",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20060521 PunBB 1.2.11 Cross site scripting",
"refsource" : "BUGTRAQ",
"url" : "http://seclists.org/lists/bugtraq/2006/May/0408.html"
},
{
"name" : "http://www.neosecurityteam.net/advisories/Advisory-22.txt",
"refsource" : "MISC",
"url" : "http://www.neosecurityteam.net/advisories/Advisory-22.txt"
},
{
"name" : "1016157",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1016157"
},
{
"name" : "punbb-adminnote-xss(26616)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26616"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in PunBB 1.2.11 allows remote authenticated administrators to inject arbitrary HTML or web script to other administrators via the \"Admin note\" feature, a different vulnerability than CVE-2006-2227."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.neosecurityteam.net/advisories/Advisory-22.txt",
"refsource": "MISC",
"url": "http://www.neosecurityteam.net/advisories/Advisory-22.txt"
},
{
"name": "1016157",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016157"
},
{
"name": "20060521 PunBB 1.2.11 Cross site scripting",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/lists/bugtraq/2006/May/0408.html"
},
{
"name": "punbb-adminnote-xss(26616)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26616"
}
]
}
}

358
2006/3xxx/CVE-2006-3172.json
View File

@ -1,182 +1,182 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-3172",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple PHP remote file inclusion vulnerabilities in Content*Builder 0.7.5 allow remote attackers to execute arbitrary PHP code via a URL with a trailing slash (/) character in the (1) lang_path parameter to (a) cms/plugins/col_man/column.inc.php, (b) cms/plugins/poll/poll.inc.php, (c) cms/plugins/user_managment/usrPortrait.inc.php, (d) cms/plugins/user_managment/user.inc.php, (e) cms/plugins/media_manager/media.inc.php, (f) cms/plugins/events/permanent.eventMonth.inc.php, (g) cms/plugins/events/events.inc.php, and (h) cms/plugins/newsletter2/newsletter.inc.php; (2) path[cb] parameter to (i) modules/guestbook/guestbook.inc.php, (j) modules/shoutbox/shoutBox.php, and (k) modules/sitemap/sitemap.inc.php; and the (3) rel parameter to (l) modules/download/overview.inc.php, (m) modules/download/detailView.inc.php, (n) modules/article/fullarticle.inc.php, (o) modules/article/comments.inc.php, (p) modules/article2/overview.inc.php, (q) modules/article2/fullarticle.inc.php, (r) modules/article2/comments.inc.php, (s) modules/headline/headlineBox.php, and (t) modules/headline/showHeadline.inc.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3172",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20060611 Content-Builder (CMS) 0.7.5, Remote command execution",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=115016951316696&w=2"
},
{
"name" : "18404",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/18404"
},
{
"name" : "ADV-2006-2300",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2300"
},
{
"name" : "26344",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/26344"
},
{
"name" : "26345",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/26345"
},
{
"name" : "26346",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/26346"
},
{
"name" : "26347",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/26347"
},
{
"name" : "26348",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/26348"
},
{
"name" : "26349",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/26349"
},
{
"name" : "26350",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/26350"
},
{
"name" : "26351",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/26351"
},
{
"name" : "26352",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/26352"
},
{
"name" : "26353",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/26353"
},
{
"name" : "26354",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/26354"
},
{
"name" : "26355",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/26355"
},
{
"name" : "26356",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/26356"
},
{
"name" : "26357",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/26357"
},
{
"name" : "26358",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/26358"
},
{
"name" : "26359",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/26359"
},
{
"name" : "26360",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/26360"
},
{
"name" : "26361",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/26361"
},
{
"name" : "26362",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/26362"
},
{
"name" : "26363",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/26363"
},
{
"name" : "20557",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20557"
},
{
"name" : "contentbuilder-multiple-file-include(27044)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27044"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple PHP remote file inclusion vulnerabilities in Content*Builder 0.7.5 allow remote attackers to execute arbitrary PHP code via a URL with a trailing slash (/) character in the (1) lang_path parameter to (a) cms/plugins/col_man/column.inc.php, (b) cms/plugins/poll/poll.inc.php, (c) cms/plugins/user_managment/usrPortrait.inc.php, (d) cms/plugins/user_managment/user.inc.php, (e) cms/plugins/media_manager/media.inc.php, (f) cms/plugins/events/permanent.eventMonth.inc.php, (g) cms/plugins/events/events.inc.php, and (h) cms/plugins/newsletter2/newsletter.inc.php; (2) path[cb] parameter to (i) modules/guestbook/guestbook.inc.php, (j) modules/shoutbox/shoutBox.php, and (k) modules/sitemap/sitemap.inc.php; and the (3) rel parameter to (l) modules/download/overview.inc.php, (m) modules/download/detailView.inc.php, (n) modules/article/fullarticle.inc.php, (o) modules/article/comments.inc.php, (p) modules/article2/overview.inc.php, (q) modules/article2/fullarticle.inc.php, (r) modules/article2/comments.inc.php, (s) modules/headline/headlineBox.php, and (t) modules/headline/showHeadline.inc.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "26354",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/26354"
},
{
"name": "26351",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/26351"
},
{
"name": "26353",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/26353"
},
{
"name": "26362",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/26362"
},
{
"name": "26344",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/26344"
},
{
"name": "26360",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/26360"
},
{
"name": "26363",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/26363"
},
{
"name": "26348",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/26348"
},
{
"name": "contentbuilder-multiple-file-include(27044)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27044"
},
{
"name": "26352",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/26352"
},
{
"name": "26357",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/26357"
},
{
"name": "26356",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/26356"
},
{
"name": "26350",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/26350"
},
{
"name": "20060611 Content-Builder (CMS) 0.7.5, Remote command execution",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=115016951316696&w=2"
},
{
"name": "26355",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/26355"
},
{
"name": "26345",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/26345"
},
{
"name": "26358",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/26358"
},
{
"name": "18404",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18404"
},
{
"name": "20557",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20557"
},
{
"name": "26361",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/26361"
},
{
"name": "26359",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/26359"
},
{
"name": "26347",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/26347"
},
{
"name": "ADV-2006-2300",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2300"
},
{
"name": "26349",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/26349"
},
{
"name": "26346",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/26346"
}
]
}
}

158
2006/3xxx/CVE-2006-3510.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-3510",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Remote Data Service Object (RDS.DataControl) in Microsoft Internet Explorer 6 on Windows 2000 allows remote attackers to cause a denial of service (crash) via a series of operations that result in an invalid length calculation when using SysAllocStringLen, then triggers a buffer over-read."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3510",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://browserfun.blogspot.com/2006/07/mobb-8-rdsdatacontrol-url.html",
"refsource" : "MISC",
"url" : "http://browserfun.blogspot.com/2006/07/mobb-8-rdsdatacontrol-url.html"
},
{
"name" : "18900",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/18900"
},
{
"name" : "ADV-2006-2718",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2718"
},
{
"name" : "26955",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/26955"
},
{
"name" : "ie-rdsdatacontrol-url-dos(27621)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27621"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Remote Data Service Object (RDS.DataControl) in Microsoft Internet Explorer 6 on Windows 2000 allows remote attackers to cause a denial of service (crash) via a series of operations that result in an invalid length calculation when using SysAllocStringLen, then triggers a buffer over-read."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "26955",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/26955"
},
{
"name": "ADV-2006-2718",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2718"
},
{
"name": "http://browserfun.blogspot.com/2006/07/mobb-8-rdsdatacontrol-url.html",
"refsource": "MISC",
"url": "http://browserfun.blogspot.com/2006/07/mobb-8-rdsdatacontrol-url.html"
},
{
"name": "ie-rdsdatacontrol-url-dos(27621)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27621"
},
{
"name": "18900",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18900"
}
]
}
}

178
2006/3xxx/CVE-2006-3684.json
View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-3684",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in calendar.php in SoftComplex PHP Event Calendar 1.4 allows remote attackers to execute arbitrary PHP code via a URL in the path_to_calendar parameter, which overwrites the $path_to_calendar variable from an extract function call."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3684",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20060716 PHP Event Calendar versi 1.4 (path_to_calendar) Remote File Inclusion",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/440265/100/0/threaded"
},
{
"name" : "http://www.solpotcrew.org/adv/solpot-adv-01.txt",
"refsource" : "MISC",
"url" : "http://www.solpotcrew.org/adv/solpot-adv-01.txt"
},
{
"name" : "18965",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/18965"
},
{
"name" : "ADV-2006-2848",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2848"
},
{
"name" : "21074",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21074"
},
{
"name" : "21417",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21417"
},
{
"name" : "phpeventcalendar-calendar-file-include(27766)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27766"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in calendar.php in SoftComplex PHP Event Calendar 1.4 allows remote attackers to execute arbitrary PHP code via a URL in the path_to_calendar parameter, which overwrites the $path_to_calendar variable from an extract function call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "21074",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21074"
},
{
"name": "http://www.solpotcrew.org/adv/solpot-adv-01.txt",
"refsource": "MISC",
"url": "http://www.solpotcrew.org/adv/solpot-adv-01.txt"
},
{
"name": "21417",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21417"
},
{
"name": "20060716 PHP Event Calendar versi 1.4 (path_to_calendar) Remote File Inclusion",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/440265/100/0/threaded"
},
{
"name": "ADV-2006-2848",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2848"
},
{
"name": "phpeventcalendar-calendar-file-include(27766)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27766"
},
{
"name": "18965",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18965"
}
]
}
}

198
2006/3xxx/CVE-2006-3832.json
View File

@ -1,102 +1,102 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-3832",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in index.php in Gerrit van Aaken Loudblog 0.5 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3832",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20060720 LoudBlog <=0.5 Sql injection",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/440763/100/0/threaded"
},
{
"name" : "http://loudblog.de/forum/viewtopic.php?id=762",
"refsource" : "CONFIRM",
"url" : "http://loudblog.de/forum/viewtopic.php?id=762"
},
{
"name" : "http://loudblog.de/forum/viewtopic.php?id=770",
"refsource" : "CONFIRM",
"url" : "http://loudblog.de/forum/viewtopic.php?id=770"
},
{
"name" : "http://retrogod.altervista.org/loudblog_05_sql.html",
"refsource" : "MISC",
"url" : "http://retrogod.altervista.org/loudblog_05_sql.html"
},
{
"name" : "ADV-2006-2934",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2934"
},
{
"name" : "27442",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/27442"
},
{
"name" : "21157",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21157"
},
{
"name" : "1274",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1274"
},
{
"name" : "loudblog-index-sql-injection(27896)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27896"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in index.php in Gerrit van Aaken Loudblog 0.5 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "27442",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27442"
},
{
"name": "21157",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21157"
},
{
"name": "http://loudblog.de/forum/viewtopic.php?id=762",
"refsource": "CONFIRM",
"url": "http://loudblog.de/forum/viewtopic.php?id=762"
},
{
"name": "http://retrogod.altervista.org/loudblog_05_sql.html",
"refsource": "MISC",
"url": "http://retrogod.altervista.org/loudblog_05_sql.html"
},
{
"name": "ADV-2006-2934",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2934"
},
{
"name": "http://loudblog.de/forum/viewtopic.php?id=770",
"refsource": "CONFIRM",
"url": "http://loudblog.de/forum/viewtopic.php?id=770"
},
{
"name": "loudblog-index-sql-injection(27896)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27896"
},
{
"name": "20060720 LoudBlog <=0.5 Sql injection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/440763/100/0/threaded"
},
{
"name": "1274",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1274"
}
]
}
}

688
2006/4xxx/CVE-2006-4335.json
View File

@ -1,347 +1,347 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-4335",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Array index error in the make_table function in unlzh.c in the LZH decompression component in gzip 1.3.5, when running on certain platforms, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted GZIP archive that triggers an out-of-bounds write, aka a \"stack modification vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2006-4335",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20060919 rPSA-2006-0170-1 gzip",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/446426/100/0/threaded"
},
{
"name" : "20070330 VMSA-2007-0002 VMware ESX security updates",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/464268/100/0/threaded"
},
{
"name" : "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204676",
"refsource" : "MISC",
"url" : "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204676"
},
{
"name" : "http://support.avaya.com/elmodocs2/security/ASA-2006-218.htm",
"refsource" : "CONFIRM",
"url" : "http://support.avaya.com/elmodocs2/security/ASA-2006-218.htm"
},
{
"name" : "http://docs.info.apple.com/article.html?artnum=304829",
"refsource" : "CONFIRM",
"url" : "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"name" : "https://issues.rpath.com/browse/RPL-615",
"refsource" : "CONFIRM",
"url" : "https://issues.rpath.com/browse/RPL-615"
},
{
"name" : "http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html",
"refsource" : "CONFIRM",
"url" : "http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html"
},
{
"name" : "APPLE-SA-2006-11-28",
"refsource" : "APPLE",
"url" : "http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html"
},
{
"name" : "DSA-1181",
"refsource" : "DEBIAN",
"url" : "http://www.us.debian.org/security/2006/dsa-1181"
},
{
"name" : "FLSA:211760",
"refsource" : "FEDORA",
"url" : "http://www.securityfocus.com/archive/1/451324/100/0/threaded"
},
{
"name" : "FreeBSD-SA-06:21",
"refsource" : "FREEBSD",
"url" : "http://security.freebsd.org/advisories/FreeBSD-SA-06:21.gzip.asc"
},
{
"name" : "GLSA-200609-13",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200609-13.xml"
},
{
"name" : "GLSA-200611-24",
"refsource" : "GENTOO",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200611-24.xml"
},
{
"name" : "HPSBTU02168",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/450078/100/0/threaded"
},
{
"name" : "SSRT061237",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/450078/100/0/threaded"
},
{
"name" : "HPSBUX02195",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/462007/100/0/threaded"
},
{
"name" : "MDKSA-2006:167",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:167"
},
{
"name" : "OpenPKG-SA-2006.020",
"refsource" : "OPENPKG",
"url" : "http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.020-gzip.html"
},
{
"name" : "RHSA-2006:0667",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0667.html"
},
{
"name" : "20061001-01-P",
"refsource" : "SGI",
"url" : "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc"
},
{
"name" : "SSA:2006-262",
"refsource" : "SLACKWARE",
"url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.555852"
},
{
"name" : "102766",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102766-1"
},
{
"name" : "SUSE-SA:2006:056",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2006_56_gzip.html"
},
{
"name" : "2006-0052",
"refsource" : "TRUSTIX",
"url" : "http://www.trustix.org/errata/2006/0052/"
},
{
"name" : "USN-349-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-349-1"
},
{
"name" : "TA06-333A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA06-333A.html"
},
{
"name" : "VU#381508",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/381508"
},
{
"name" : "20101",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/20101"
},
{
"name" : "oval:org.mitre.oval:def:10391",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10391"
},
{
"name" : "ADV-2006-3695",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/3695"
},
{
"name" : "ADV-2006-4275",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4275"
},
{
"name" : "ADV-2006-4750",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4750"
},
{
"name" : "ADV-2006-4760",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4760"
},
{
"name" : "ADV-2007-0092",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/0092"
},
{
"name" : "ADV-2007-0832",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/0832"
},
{
"name" : "ADV-2007-1171",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/1171"
},
{
"name" : "1016883",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1016883"
},
{
"name" : "22002",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22002"
},
{
"name" : "22009",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22009"
},
{
"name" : "22017",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22017"
},
{
"name" : "22033",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22033"
},
{
"name" : "22034",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22034"
},
{
"name" : "22012",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22012"
},
{
"name" : "22043",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22043"
},
{
"name" : "22085",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22085"
},
{
"name" : "22101",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22101"
},
{
"name" : "22027",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22027"
},
{
"name" : "22435",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22435"
},
{
"name" : "22661",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22661"
},
{
"name" : "22487",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22487"
},
{
"name" : "23153",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23153"
},
{
"name" : "23155",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23155"
},
{
"name" : "23156",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23156"
},
{
"name" : "21996",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21996"
},
{
"name" : "23679",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23679"
},
{
"name" : "24435",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24435"
},
{
"name" : "24636",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24636"
},
{
"name" : "gzip-lzh-array-code-execution(29040)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29040"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Array index error in the make_table function in unlzh.c in the LZH decompression component in gzip 1.3.5, when running on certain platforms, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted GZIP archive that triggers an out-of-bounds write, aka a \"stack modification vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2006-4760",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4760"
},
{
"name": "ADV-2006-4750",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4750"
},
{
"name": "23679",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23679"
},
{
"name": "GLSA-200611-24",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200611-24.xml"
},
{
"name": "24435",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24435"
},
{
"name": "22085",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22085"
},
{
"name": "22043",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22043"
},
{
"name": "SUSE-SA:2006:056",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_56_gzip.html"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2006-218.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-218.htm"
},
{
"name": "22487",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22487"
},
{
"name": "gzip-lzh-array-code-execution(29040)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29040"
},
{
"name": "https://issues.rpath.com/browse/RPL-615",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-615"
},
{
"name": "22033",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22033"
},
{
"name": "22002",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22002"
},
{
"name": "ADV-2006-3695",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3695"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=304829",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=304829"
},
{
"name": "21996",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21996"
},
{
"name": "23153",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23153"
},
{
"name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204676",
"refsource": "MISC",
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204676"
},
{
"name": "22009",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22009"
},
{
"name": "22017",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22017"
},
{
"name": "ADV-2007-0092",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0092"
},
{
"name": "RHSA-2006:0667",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0667.html"
},
{
"name": "VU#381508",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/381508"
},
{
"name": "ADV-2007-1171",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1171"
},
{
"name": "GLSA-200609-13",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200609-13.xml"
},
{
"name": "FLSA:211760",
"refsource": "FEDORA",
"url": "http://www.securityfocus.com/archive/1/451324/100/0/threaded"
},
{
"name": "FreeBSD-SA-06:21",
"refsource": "FREEBSD",
"url": "http://security.freebsd.org/advisories/FreeBSD-SA-06:21.gzip.asc"
},
{
"name": "OpenPKG-SA-2006.020",
"refsource": "OPENPKG",
"url": "http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.020-gzip.html"
},
{
"name": "USN-349-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-349-1"
},
{
"name": "http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/esx25/doc/esx-254-200702-patch.html"
},
{
"name": "22435",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22435"
},
{
"name": "23156",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23156"
},
{
"name": "20070330 VMSA-2007-0002 VMware ESX security updates",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464268/100/0/threaded"
},
{
"name": "22027",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22027"
},
{
"name": "MDKSA-2006:167",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:167"
},
{
"name": "23155",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23155"
},
{
"name": "HPSBUX02195",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/462007/100/0/threaded"
},
{
"name": "20101",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20101"
},
{
"name": "2006-0052",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2006/0052/"
},
{
"name": "oval:org.mitre.oval:def:10391",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10391"
},
{
"name": "102766",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102766-1"
},
{
"name": "HPSBTU02168",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/450078/100/0/threaded"
},
{
"name": "APPLE-SA-2006-11-28",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html"
},
{
"name": "TA06-333A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA06-333A.html"
},
{
"name": "20060919 rPSA-2006-0170-1 gzip",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/446426/100/0/threaded"
},
{
"name": "24636",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24636"
},
{
"name": "22012",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22012"
},
{
"name": "20061001-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc"
},
{
"name": "1016883",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016883"
},
{
"name": "SSRT061237",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/450078/100/0/threaded"
},
{
"name": "SSA:2006-262",
"refsource": "SLACKWARE",
"url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.555852"
},
{
"name": "22034",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22034"
},
{
"name": "22101",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22101"
},
{
"name": "DSA-1181",
"refsource": "DEBIAN",
"url": "http://www.us.debian.org/security/2006/dsa-1181"
},
{
"name": "ADV-2007-0832",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0832"
},
{
"name": "22661",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22661"
},
{
"name": "ADV-2006-4275",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4275"
}
]
}
}

158
2006/6xxx/CVE-2006-6844.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-6844",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the optional user comment module in CMS Made Simple 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the user comment form."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6844",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20061225 XSS - CMS Made Simple v1.0.2",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/455306/100/0/threaded"
},
{
"name" : "http://www.l0j1k.com/security/CMSMadeSimple_1.0.2_25Dec06.txt",
"refsource" : "MISC",
"url" : "http://www.l0j1k.com/security/CMSMadeSimple_1.0.2_25Dec06.txt"
},
{
"name" : "21756",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21756"
},
{
"name" : "1017445",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1017445"
},
{
"name" : "2087",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2087"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the optional user comment module in CMS Made Simple 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the user comment form."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "21756",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21756"
},
{
"name": "1017445",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017445"
},
{
"name": "2087",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2087"
},
{
"name": "http://www.l0j1k.com/security/CMSMadeSimple_1.0.2_25Dec06.txt",
"refsource": "MISC",
"url": "http://www.l0j1k.com/security/CMSMadeSimple_1.0.2_25Dec06.txt"
},
{
"name": "20061225 XSS - CMS Made Simple v1.0.2",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/455306/100/0/threaded"
}
]
}
}

148
2006/6xxx/CVE-2006-6878.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-6878",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "admin/uploads.php in PHP-Update 2.7 and earlier allows remote attackers to gain privileges by setting the rights[7] parameter to 1 during a login action."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6878",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "3020",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/3020"
},
{
"name" : "21789",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21789"
},
{
"name" : "23486",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23486"
},
{
"name" : "phpupdate-uploads-authentication-bypass(31126)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31126"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "admin/uploads.php in PHP-Update 2.7 and earlier allows remote attackers to gain privileges by setting the rights[7] parameter to 1 during a login action."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "21789",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21789"
},
{
"name": "3020",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/3020"
},
{
"name": "23486",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23486"
},
{
"name": "phpupdate-uploads-authentication-bypass(31126)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31126"
}
]
}
}

158
2006/7xxx/CVE-2006-7016.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-7016",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "phpjobboard allows remote attackers to bypass authentication and gain administrator privileges via a direct request to admin.php with adminop=job-edit."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-7016",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20060525 phpjobboard Authecnical admin byPass",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/435119/30/4710/threaded"
},
{
"name" : "20060617 phpjobboard Authecnical admin byPass (fwd)",
"refsource" : "VIM",
"url" : "http://attrition.org/pipermail/vim/2006-June/000873.html"
},
{
"name" : "26561",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/26561"
},
{
"name" : "2253",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2253"
},
{
"name" : "phpjobboard-admin-auth-bypass(26807)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26807"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "phpjobboard allows remote attackers to bypass authentication and gain administrator privileges via a direct request to admin.php with adminop=job-edit."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060525 phpjobboard Authecnical admin byPass",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/435119/30/4710/threaded"
},
{
"name": "20060617 phpjobboard Authecnical admin byPass (fwd)",
"refsource": "VIM",
"url": "http://attrition.org/pipermail/vim/2006-June/000873.html"
},
{
"name": "2253",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2253"
},
{
"name": "phpjobboard-admin-auth-bypass(26807)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26807"
},
{
"name": "26561",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/26561"
}
]
}
}

218
2010/2xxx/CVE-2010-2759.json
View File

@ -1,112 +1,112 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-2759",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Bugzilla 2.23.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2, when PostgreSQL is used, does not properly handle large integers in (1) bug and (2) attachment phrases, which allows remote authenticated users to cause a denial of service (bug invisibility) via a crafted comment."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2759",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.bugzilla.org/security/3.2.7/",
"refsource" : "CONFIRM",
"url" : "http://www.bugzilla.org/security/3.2.7/"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=583690",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=583690"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=623423",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=623423"
},
{
"name" : "FEDORA-2010-13072",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046534.html"
},
{
"name" : "FEDORA-2010-13086",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046546.html"
},
{
"name" : "FEDORA-2010-13171",
"refsource" : "FEDORA",
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046518.html"
},
{
"name" : "42275",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/42275"
},
{
"name" : "40892",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/40892"
},
{
"name" : "41128",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/41128"
},
{
"name" : "ADV-2010-2035",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/2035"
},
{
"name" : "ADV-2010-2205",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2010/2205"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Bugzilla 2.23.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2, when PostgreSQL is used, does not properly handle large integers in (1) bug and (2) attachment phrases, which allows remote authenticated users to cause a denial of service (bug invisibility) via a crafted comment."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2010-2035",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2035"
},
{
"name": "FEDORA-2010-13072",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046534.html"
},
{
"name": "FEDORA-2010-13171",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046518.html"
},
{
"name": "40892",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40892"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=623423",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=623423"
},
{
"name": "FEDORA-2010-13086",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-August/046546.html"
},
{
"name": "42275",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/42275"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=583690",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=583690"
},
{
"name": "http://www.bugzilla.org/security/3.2.7/",
"refsource": "CONFIRM",
"url": "http://www.bugzilla.org/security/3.2.7/"
},
{
"name": "41128",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41128"
},
{
"name": "ADV-2010-2205",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2205"
}
]
}
}

268
2011/0xxx/CVE-2011-0080.json
View File

@ -1,137 +1,137 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-0080",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-0080",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.mozilla.org/security/announce/2011/mfsa2011-12.html",
"refsource" : "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/2011/mfsa2011-12.html"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=615147",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=615147"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=634257",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=634257"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=637621",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=637621"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=637957",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=637957"
},
{
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=638236",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=638236"
},
{
"name" : "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_thunderbird",
"refsource" : "CONFIRM",
"url" : "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_thunderbird"
},
{
"name" : "http://downloads.avaya.com/css/P8/documents/100134543",
"refsource" : "CONFIRM",
"url" : "http://downloads.avaya.com/css/P8/documents/100134543"
},
{
"name" : "http://downloads.avaya.com/css/P8/documents/100144158",
"refsource" : "CONFIRM",
"url" : "http://downloads.avaya.com/css/P8/documents/100144158"
},
{
"name" : "DSA-2227",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2011/dsa-2227"
},
{
"name" : "DSA-2228",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2011/dsa-2228"
},
{
"name" : "DSA-2235",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2011/dsa-2235"
},
{
"name" : "MDVSA-2011:080",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:080"
},
{
"name" : "MDVSA-2011:079",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2011:079"
},
{
"name" : "47641",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/47641"
},
{
"name" : "oval:org.mitre.oval:def:13866",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13866"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=637621",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=637621"
},
{
"name": "DSA-2228",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2228"
},
{
"name": "47641",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/47641"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=637957",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=637957"
},
{
"name": "MDVSA-2011:079",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:079"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=634257",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=634257"
},
{
"name": "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_thunderbird",
"refsource": "CONFIRM",
"url": "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_thunderbird"
},
{
"name": "DSA-2235",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2235"
},
{
"name": "oval:org.mitre.oval:def:13866",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13866"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=638236",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=638236"
},
{
"name": "http://downloads.avaya.com/css/P8/documents/100134543",
"refsource": "CONFIRM",
"url": "http://downloads.avaya.com/css/P8/documents/100134543"
},
{
"name": "http://www.mozilla.org/security/announce/2011/mfsa2011-12.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2011/mfsa2011-12.html"
},
{
"name": "MDVSA-2011:080",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:080"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=615147",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=615147"
},
{
"name": "DSA-2227",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2227"
},
{
"name": "http://downloads.avaya.com/css/P8/documents/100144158",
"refsource": "CONFIRM",
"url": "http://downloads.avaya.com/css/P8/documents/100144158"
}
]
}
}

32
2011/0xxx/CVE-2011-0304.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-0304",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-0304",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

318
2011/0xxx/CVE-2011-0558.json
View File

@ -1,162 +1,162 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-0558",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Integer overflow in Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code via a large array length value in the ActionScript method of the Function class."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2011-0558",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20110208 Adobe Flash Player ActionScript Integer Overflow Vulnerability",
"refsource" : "IDEFENSE",
"url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=893"
},
{
"name" : "http://www.adobe.com/support/security/bulletins/apsb11-02.html",
"refsource" : "CONFIRM",
"url" : "http://www.adobe.com/support/security/bulletins/apsb11-02.html"
},
{
"name" : "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash2",
"refsource" : "CONFIRM",
"url" : "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash2"
},
{
"name" : "RHSA-2011:0206",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2011-0206.html"
},
{
"name" : "RHSA-2011:0259",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2011-0259.html"
},
{
"name" : "RHSA-2011:0368",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2011-0368.html"
},
{
"name" : "SUSE-SA:2011:009",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00003.html"
},
{
"name" : "46194",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/46194"
},
{
"name" : "oval:org.mitre.oval:def:14056",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14056"
},
{
"name" : "oval:org.mitre.oval:def:16129",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16129"
},
{
"name" : "1025055",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1025055"
},
{
"name" : "43267",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43267"
},
{
"name" : "43292",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43292"
},
{
"name" : "43340",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43340"
},
{
"name" : "43351",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43351"
},
{
"name" : "43747",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43747"
},
{
"name" : "ADV-2011-0348",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0348"
},
{
"name" : "ADV-2011-0383",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0383"
},
{
"name" : "ADV-2011-0402",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0402"
},
{
"name" : "ADV-2011-0646",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0646"
},
{
"name" : "flashplayer-actionscript-code-exec(65230)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/65230"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code via a large array length value in the ActionScript method of the Function class."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:16129",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16129"
},
{
"name": "ADV-2011-0348",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0348"
},
{
"name": "46194",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46194"
},
{
"name": "1025055",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025055"
},
{
"name": "ADV-2011-0646",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0646"
},
{
"name": "43267",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43267"
},
{
"name": "20110208 Adobe Flash Player ActionScript Integer Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=893"
},
{
"name": "43292",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43292"
},
{
"name": "43351",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43351"
},
{
"name": "43340",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43340"
},
{
"name": "ADV-2011-0383",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0383"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb11-02.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-02.html"
},
{
"name": "43747",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43747"
},
{
"name": "ADV-2011-0402",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0402"
},
{
"name": "RHSA-2011:0259",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0259.html"
},
{
"name": "oval:org.mitre.oval:def:14056",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14056"
},
{
"name": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash2",
"refsource": "CONFIRM",
"url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash2"
},
{
"name": "flashplayer-actionscript-code-exec(65230)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65230"
},
{
"name": "RHSA-2011:0206",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0206.html"
},
{
"name": "SUSE-SA:2011:009",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00003.html"
},
{
"name": "RHSA-2011:0368",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0368.html"
}
]
}
}

148
2011/0xxx/CVE-2011-0641.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-0641",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in wp-admin/admin.php in the StatPressCN plugin 1.9.0 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) what1, (2) what2, (3) what3, (4) what4, and (5) what5 parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-0641",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "45950",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/45950"
},
{
"name" : "70595",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/70595"
},
{
"name" : "43016",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43016"
},
{
"name" : "statpresscn-admin-xss(64882)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/64882"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in wp-admin/admin.php in the StatPressCN plugin 1.9.0 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) what1, (2) what2, (3) what3, (4) what4, and (5) what5 parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "70595",
"refsource": "OSVDB",
"url": "http://osvdb.org/70595"
},
{
"name": "statpresscn-admin-xss(64882)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64882"
},
{
"name": "45950",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45950"
},
{
"name": "43016",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43016"
}
]
}
}

178
2011/0xxx/CVE-2011-0678.json
View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-0678",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unrestricted file upload vulnerability in the EasyEdit module in Lomtec ActiveWeb Professional 3.0 allows remote attackers to execute arbitrary code by uploading an executable file via the UploadDirectory and Accepted Extensions fields in the getImagefile component of EasyEdit.cfm."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-0678",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.exploitdevelopment.com/Vulnerabilities/2010-WEB-002.html",
"refsource" : "MISC",
"url" : "http://www.exploitdevelopment.com/Vulnerabilities/2010-WEB-002.html"
},
{
"name" : "VU#528212",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/528212"
},
{
"name" : "45985",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/45985"
},
{
"name" : "70669",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/70669"
},
{
"name" : "43031",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43031"
},
{
"name" : "ADV-2011-0217",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0217"
},
{
"name" : "activeweb-easyedit-file-upload(65013)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/65013"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unrestricted file upload vulnerability in the EasyEdit module in Lomtec ActiveWeb Professional 3.0 allows remote attackers to execute arbitrary code by uploading an executable file via the UploadDirectory and Accepted Extensions fields in the getImagefile component of EasyEdit.cfm."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.exploitdevelopment.com/Vulnerabilities/2010-WEB-002.html",
"refsource": "MISC",
"url": "http://www.exploitdevelopment.com/Vulnerabilities/2010-WEB-002.html"
},
{
"name": "activeweb-easyedit-file-upload(65013)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65013"
},
{
"name": "45985",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45985"
},
{
"name": "43031",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43031"
},
{
"name": "VU#528212",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/528212"
},
{
"name": "70669",
"refsource": "OSVDB",
"url": "http://osvdb.org/70669"
},
{
"name": "ADV-2011-0217",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0217"
}
]
}
}

32
2011/1xxx/CVE-2011-1620.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1620",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1620",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

158
2011/1xxx/CVE-2011-1852.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1852",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple stack-based buffer overflows in tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allow remote attackers to execute arbitrary code via crafted packet content accompanying a (1) DATA or (2) ERROR opcode."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "hp-security-alert@hp.com",
"ID": "CVE-2011-1852",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.zerodayinitiative.com/advisories/ZDI-11-164/",
"refsource" : "MISC",
"url" : "http://www.zerodayinitiative.com/advisories/ZDI-11-164/"
},
{
"name" : "HPSBGN02680",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02822750"
},
{
"name" : "SSRT100361",
"refsource" : "HP",
"url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02822750"
},
{
"name" : "47789",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/47789"
},
{
"name" : "1025519",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1025519"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allow remote attackers to execute arbitrary code via crafted packet content accompanying a (1) DATA or (2) ERROR opcode."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBGN02680",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02822750"
},
{
"name": "1025519",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1025519"
},
{
"name": "SSRT100361",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02822750"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-11-164/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-164/"
},
{
"name": "47789",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/47789"
}
]
}
}

138
2011/1xxx/CVE-2011-1902.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1902",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in the web interface in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allows remote attackers to read arbitrary files via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1902",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.clearskies.net/documents/css-advisory-css1105-proofpoint.php",
"refsource" : "MISC",
"url" : "http://www.clearskies.net/documents/css-advisory-css1105-proofpoint.php"
},
{
"name" : "https://support.proofpoint.com/article.cgi?article_id=338413",
"refsource" : "MISC",
"url" : "https://support.proofpoint.com/article.cgi?article_id=338413"
},
{
"name" : "VU#790980",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/790980"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in the web interface in Proofpoint Messaging Security Gateway 6.2.0.263:6.2.0.237 and earlier in Proofpoint Protection Server 5.5.3, 5.5.4, 5.5.5, 6.0.2, 6.1.1, and 6.2.0 allows remote attackers to read arbitrary files via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.proofpoint.com/article.cgi?article_id=338413",
"refsource": "MISC",
"url": "https://support.proofpoint.com/article.cgi?article_id=338413"
},
{
"name": "VU#790980",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/790980"
},
{
"name": "http://www.clearskies.net/documents/css-advisory-css1105-proofpoint.php",
"refsource": "MISC",
"url": "http://www.clearskies.net/documents/css-advisory-css1105-proofpoint.php"
}
]
}
}

138
2011/1xxx/CVE-2011-1970.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1970",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The DNS server in Microsoft Windows Server 2003 SP2 and Windows Server 2008 SP2, R2, and R2 SP1 does not properly initialize memory, which allows remote attackers to cause a denial of service (service outage) via a query for a nonexistent domain, aka \"DNS Uninitialized Memory Corruption Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2011-1970",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "MS11-058",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-058"
},
{
"name" : "TA11-221A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA11-221A.html"
},
{
"name" : "oval:org.mitre.oval:def:12870",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12870"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DNS server in Microsoft Windows Server 2003 SP2 and Windows Server 2008 SP2, R2, and R2 SP1 does not properly initialize memory, which allows remote attackers to cause a denial of service (service outage) via a query for a nonexistent domain, aka \"DNS Uninitialized Memory Corruption Vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:12870",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12870"
},
{
"name": "MS11-058",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-058"
},
{
"name": "TA11-221A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA11-221A.html"
}
]
}
}

148
2011/3xxx/CVE-2011-3376.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-3376",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "org/apache/catalina/core/DefaultInstanceManager.java in Apache Tomcat 7.x before 7.0.22 does not properly restrict ContainerServlets in the Manager application, which allows local users to gain privileges by using an untrusted web application to access the Manager application's functionality."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-3376",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/core/DefaultInstanceManager.java?r1=1176588&r2=1176587&pathrev=1176588",
"refsource" : "CONFIRM",
"url" : "http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/core/DefaultInstanceManager.java?r1=1176588&r2=1176587&pathrev=1176588"
},
{
"name" : "http://svn.apache.org/viewvc?view=revision&revision=1176588",
"refsource" : "CONFIRM",
"url" : "http://svn.apache.org/viewvc?view=revision&revision=1176588"
},
{
"name" : "http://tomcat.apache.org/security-7.html",
"refsource" : "CONFIRM",
"url" : "http://tomcat.apache.org/security-7.html"
},
{
"name" : "50603",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/50603"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "org/apache/catalina/core/DefaultInstanceManager.java in Apache Tomcat 7.x before 7.0.22 does not properly restrict ContainerServlets in the Manager application, which allows local users to gain privileges by using an untrusted web application to access the Manager application's functionality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://svn.apache.org/viewvc?view=revision&revision=1176588",
"refsource": "CONFIRM",
"url": "http://svn.apache.org/viewvc?view=revision&revision=1176588"
},
{
"name": "http://tomcat.apache.org/security-7.html",
"refsource": "CONFIRM",
"url": "http://tomcat.apache.org/security-7.html"
},
{
"name": "50603",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/50603"
},
{
"name": "http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/core/DefaultInstanceManager.java?r1=1176588&r2=1176587&pathrev=1176588",
"refsource": "CONFIRM",
"url": "http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/core/DefaultInstanceManager.java?r1=1176588&r2=1176587&pathrev=1176588"
}
]
}
}

138
2011/3xxx/CVE-2011-3413.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-3413",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Microsoft PowerPoint 2007 SP2; Office 2008 for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; and PowerPoint Viewer 2007 SP2 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via an invalid OfficeArt record in a PowerPoint document, aka \"OfficeArt Shape RCE Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2011-3413",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "MS11-094",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-094"
},
{
"name" : "TA11-347A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA11-347A.html"
},
{
"name" : "oval:org.mitre.oval:def:14581",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14581"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Microsoft PowerPoint 2007 SP2; Office 2008 for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; and PowerPoint Viewer 2007 SP2 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via an invalid OfficeArt record in a PowerPoint document, aka \"OfficeArt Shape RCE Vulnerability.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:14581",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14581"
},
{
"name": "TA11-347A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA11-347A.html"
},
{
"name": "MS11-094",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-094"
}
]
}
}

138
2011/3xxx/CVE-2011-3824.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-3824",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Your Own URL Shortener (YOURLS) 1.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/auth.php and certain other files."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-3824",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20110627 Re: CVE request: Joomla unspecified information disclosure vulnerability",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2011/06/27/6"
},
{
"name" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README",
"refsource" : "MISC",
"url" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README"
},
{
"name" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/yourls-1.5",
"refsource" : "MISC",
"url" : "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/yourls-1.5"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Your Own URL Shortener (YOURLS) 1.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/auth.php and certain other files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20110627 Re: CVE request: Joomla unspecified information disclosure vulnerability",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/06/27/6"
},
{
"name": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/yourls-1.5",
"refsource": "MISC",
"url": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/yourls-1.5"
},
{
"name": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README",
"refsource": "MISC",
"url": "http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README"
}
]
}
}

118
2011/4xxx/CVE-2011-4053.json
View File

@ -1,62 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4053",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Untrusted search path vulnerability in 7-Technologies (7T) Interactive Graphical SCADA System (IGSS) before 9.0.0.11291 allows local users to gain privileges via a Trojan horse DLL in the current working directory."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2011-4053",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.us-cert.gov/control_systems/pdf/ICSA-11-353-01.pdf",
"refsource" : "MISC",
"url" : "http://www.us-cert.gov/control_systems/pdf/ICSA-11-353-01.pdf"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in 7-Technologies (7T) Interactive Graphical SCADA System (IGSS) before 9.0.0.11291 allows local users to gain privileges via a Trojan horse DLL in the current working directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-353-01.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-11-353-01.pdf"
}
]
}
}

32
2011/4xxx/CVE-2011-4388.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4388",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none."
}
]
}
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2011-4388",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none."
}
]
}
}

188
2011/4xxx/CVE-2011-4597.json
View File

@ -1,97 +1,97 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4597",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The SIP over UDP implementation in Asterisk Open Source 1.4.x before 1.4.43, 1.6.x before 1.6.2.21, and 1.8.x before 1.8.7.2 uses different port numbers for responses to invalid requests depending on whether a SIP username exists, which allows remote attackers to enumerate usernames via a series of requests."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-4597",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20111222 Exploit for Asterisk Security Advisory AST-2011-013",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2011-12/0151.html"
},
{
"name" : "[oss-security] 20111209 CVE Request -- Asterisk -- AST-2011-013 and AST-2011-014",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/12/09/3"
},
{
"name" : "[oss-security] 20111209 Re: CVE Request -- Asterisk -- AST-2011-013 and AST-2011-014",
"refsource" : "MLIST",
"url" : "http://openwall.com/lists/oss-security/2011/12/09/4"
},
{
"name" : "[asterisk-dev] 20111108 Summary: SIP, NAT, security concerns, oh my!",
"refsource" : "MLIST",
"url" : "http://lists.digium.com/pipermail/asterisk-dev/2011-November/052191.html"
},
{
"name" : "http://downloads.asterisk.org/pub/security/AST-2011-013.html",
"refsource" : "CONFIRM",
"url" : "http://downloads.asterisk.org/pub/security/AST-2011-013.html"
},
{
"name" : "DSA-2367",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2011/dsa-2367"
},
{
"name" : "77597",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/77597"
},
{
"name" : "47273",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/47273"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SIP over UDP implementation in Asterisk Open Source 1.4.x before 1.4.43, 1.6.x before 1.6.2.21, and 1.8.x before 1.8.7.2 uses different port numbers for responses to invalid requests depending on whether a SIP username exists, which allows remote attackers to enumerate usernames via a series of requests."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "77597",
"refsource": "OSVDB",
"url": "http://osvdb.org/77597"
},
{
"name": "http://downloads.asterisk.org/pub/security/AST-2011-013.html",
"refsource": "CONFIRM",
"url": "http://downloads.asterisk.org/pub/security/AST-2011-013.html"
},
{
"name": "[oss-security] 20111209 Re: CVE Request -- Asterisk -- AST-2011-013 and AST-2011-014",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/12/09/4"
},
{
"name": "[oss-security] 20111209 CVE Request -- Asterisk -- AST-2011-013 and AST-2011-014",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/12/09/3"
},
{
"name": "47273",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47273"
},
{
"name": "20111222 Exploit for Asterisk Security Advisory AST-2011-013",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2011-12/0151.html"
},
{
"name": "DSA-2367",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2367"
},
{
"name": "[asterisk-dev] 20111108 Summary: SIP, NAT, security concerns, oh my!",
"refsource": "MLIST",
"url": "http://lists.digium.com/pipermail/asterisk-dev/2011-November/052191.html"
}
]
}
}

32
2013/5xxx/CVE-2013-5101.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2013-5101",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-5101",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

148
2013/5xxx/CVE-2013-5120.json
View File

@ -1,77 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2013-5120",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in PHPFox before 3.6.0 (build4) allows remote attackers to execute arbitrary SQL commands via the search[gender] parameter to user/browse/view_/."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-5120",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "20130807 PHPFox v3.6.0 (build3) Multiple SQL Injection vulnerabilities",
"refsource" : "BUGTRAQ",
"url" : "http://archives.neohapsis.com/archives/bugtraq/2013-08/0048.html"
},
{
"name" : "27430",
"refsource" : "EXPLOIT-DB",
"url" : "http://www.exploit-db.com/exploits/27430"
},
{
"name" : "61660",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/61660"
},
{
"name" : "96028",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/96028"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in PHPFox before 3.6.0 (build4) allows remote attackers to execute arbitrary SQL commands via the search[gender] parameter to user/browse/view_/."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "61660",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/61660"
},
{
"name": "96028",
"refsource": "OSVDB",
"url": "http://osvdb.org/96028"
},
{
"name": "27430",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/27430"
},
{
"name": "20130807 PHPFox v3.6.0 (build3) Multiple SQL Injection vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-08/0048.html"
}
]
}
}

32
2013/5xxx/CVE-2013-5235.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2013-5235",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-5235",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

228
2014/2xxx/CVE-2014-2283.json
View File

@ -1,117 +1,117 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-2283",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "epan/dissectors/packet-rlc in the RLC dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 uses inconsistent memory-management approaches, which allows remote attackers to cause a denial of service (use-after-free error and application crash) via a crafted UMTS Radio Link Control packet."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2283",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www.wireshark.org/security/wnpa-sec-2014-03.html",
"refsource" : "CONFIRM",
"url" : "http://www.wireshark.org/security/wnpa-sec-2014-03.html"
},
{
"name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9730",
"refsource" : "CONFIRM",
"url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9730"
},
{
"name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9802",
"refsource" : "CONFIRM",
"url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9802"
},
{
"name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=217293ba4a0353bf5d657e74fe8623dd3c86fe08",
"refsource" : "CONFIRM",
"url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=217293ba4a0353bf5d657e74fe8623dd3c86fe08"
},
{
"name" : "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_wireshark10",
"refsource" : "CONFIRM",
"url" : "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_wireshark10"
},
{
"name" : "DSA-2871",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2014/dsa-2871"
},
{
"name" : "RHSA-2014:0342",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-0342.html"
},
{
"name" : "openSUSE-SU-2014:0382",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2014-03/msg00046.html"
},
{
"name" : "openSUSE-SU-2014:0383",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2014-03/msg00047.html"
},
{
"name" : "1029907",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1029907"
},
{
"name" : "57480",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/57480"
},
{
"name" : "57489",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/57489"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "epan/dissectors/packet-rlc in the RLC dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 uses inconsistent memory-management approaches, which allows remote attackers to cause a denial of service (use-after-free error and application crash) via a crafted UMTS Radio Link Control packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "57489",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/57489"
},
{
"name": "57480",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/57480"
},
{
"name": "openSUSE-SU-2014:0382",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00046.html"
},
{
"name": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_wireshark10",
"refsource": "CONFIRM",
"url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_wireshark10"
},
{
"name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=217293ba4a0353bf5d657e74fe8623dd3c86fe08",
"refsource": "CONFIRM",
"url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=217293ba4a0353bf5d657e74fe8623dd3c86fe08"
},
{
"name": "1029907",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029907"
},
{
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9802",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9802"
},
{
"name": "openSUSE-SU-2014:0383",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00047.html"
},
{
"name": "DSA-2871",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2871"
},
{
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9730",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9730"
},
{
"name": "RHSA-2014:0342",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0342.html"
},
{
"name": "http://www.wireshark.org/security/wnpa-sec-2014-03.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/security/wnpa-sec-2014-03.html"
}
]
}
}

32
2014/2xxx/CVE-2014-2932.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-2932",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2932",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

158
2014/3xxx/CVE-2014-3199.json
View File

@ -1,82 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-3199",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The wrap function in bindings/core/v8/custom/V8EventCustom.cpp in the V8 bindings in Blink, as used in Google Chrome before 38.0.2125.101, has an erroneous fallback outcome for wrapper-selection failures, which allows remote attackers to cause a denial of service via vectors that trigger stopping a worker process that had been handling an Event object."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2014-3199",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://googlechromereleases.blogspot.com/2014/10/stable-channel-update.html",
"refsource" : "CONFIRM",
"url" : "http://googlechromereleases.blogspot.com/2014/10/stable-channel-update.html"
},
{
"name" : "https://crbug.com/395411",
"refsource" : "CONFIRM",
"url" : "https://crbug.com/395411"
},
{
"name" : "https://src.chromium.org/viewvc/blink?revision=179340&view=revision",
"refsource" : "CONFIRM",
"url" : "https://src.chromium.org/viewvc/blink?revision=179340&view=revision"
},
{
"name" : "RHSA-2014:1626",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2014-1626.html"
},
{
"name" : "70273",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/70273"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The wrap function in bindings/core/v8/custom/V8EventCustom.cpp in the V8 bindings in Blink, as used in Google Chrome before 38.0.2125.101, has an erroneous fallback outcome for wrapper-selection failures, which allows remote attackers to cause a denial of service via vectors that trigger stopping a worker process that had been handling an Event object."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2014:1626",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1626.html"
},
{
"name": "https://crbug.com/395411",
"refsource": "CONFIRM",
"url": "https://crbug.com/395411"
},
{
"name": "70273",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70273"
},
{
"name": "http://googlechromereleases.blogspot.com/2014/10/stable-channel-update.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2014/10/stable-channel-update.html"
},
{
"name": "https://src.chromium.org/viewvc/blink?revision=179340&view=revision",
"refsource": "CONFIRM",
"url": "https://src.chromium.org/viewvc/blink?revision=179340&view=revision"
}
]
}
}

32
2014/6xxx/CVE-2014-6044.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6044",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-6044",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

138
2014/6xxx/CVE-2014-6074.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6074",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM UrbanCode Deploy 6.1.0.2 before IF1 allows remote authenticated users to read keystore secret keys via a direct request to a UI page."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-6074",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21683551",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21683551"
},
{
"name" : "69640",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/69640"
},
{
"name" : "ibm-urbancodedeploy-cve20146074-keys(95726)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95726"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM UrbanCode Deploy 6.1.0.2 before IF1 allows remote authenticated users to read keystore secret keys via a direct request to a UI page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ibm-urbancodedeploy-cve20146074-keys(95726)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95726"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21683551",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683551"
},
{
"name": "69640",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69640"
}
]
}
}

128
2014/6xxx/CVE-2014-6102.json
View File

@ -1,67 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6102",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Maximo Asset Management 7.1 through 7.1.1.13 and 7.5.0 before 7.5.0.6 IFIX008, Maximo Asset Management 7.5.0 through 7.5.0.3 and 7.5.1 through 7.5.1.2 for SmartCloud Control Desk, and Maximo Asset Management 7.1 through 7.1.1.13 and 7.2 for Tivoli IT Asset Management for IT and certain other products do not properly handle logout actions, which allows remote attackers to bypass intended Cognos BI Direct Integration access restrictions by leveraging an unattended workstation."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-6102",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21695597",
"refsource" : "CONFIRM",
"url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21695597"
},
{
"name" : "ibm-maximo-cve20146102-sec-bypass(96141)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/96141"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Maximo Asset Management 7.1 through 7.1.1.13 and 7.5.0 before 7.5.0.6 IFIX008, Maximo Asset Management 7.5.0 through 7.5.0.3 and 7.5.1 through 7.5.1.2 for SmartCloud Control Desk, and Maximo Asset Management 7.1 through 7.1.1.13 and 7.2 for Tivoli IT Asset Management for IT and certain other products do not properly handle logout actions, which allows remote attackers to bypass intended Cognos BI Direct Integration access restrictions by leveraging an unattended workstation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21695597",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21695597"
},
{
"name": "ibm-maximo-cve20146102-sec-bypass(96141)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96141"
}
]
}
}

138
2014/6xxx/CVE-2014-6775.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6775",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Light for Pets (aka com.helenwoodward.light4pets) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-6775",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
},
{
"name" : "VU#384585",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/384585"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Light for Pets (aka com.helenwoodward.light4pets) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#384585",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/384585"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
}

138
2014/6xxx/CVE-2014-6820.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6820",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Amebra Ameba (aka jp.honeytrap15.amebra) application 1.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-6820",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
},
{
"name" : "VU#580913",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/580913"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Amebra Ameba (aka jp.honeytrap15.amebra) application 1.0.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#580913",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/580913"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
}

138
2014/6xxx/CVE-2014-6931.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6931",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Treves Dance Center (aka com.myapphone.android.myapptrvesdancecenter) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-6931",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
},
{
"name" : "VU#404297",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/404297"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Treves Dance Center (aka com.myapphone.android.myapptrvesdancecenter) application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#404297",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/404297"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
}

138
2014/7xxx/CVE-2014-7298.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-7298",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "adsetgroups in Centrify Server Suite 2008 through 2014.1 and Centrify DirectControl 3.x through 4.2.0 on Linux and UNIX allows local users to read arbitrary files with root privileges by leveraging improperly protected setuid functionality."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-7298",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "http://twitter.com/travemme/statuses/525298393971564544",
"refsource" : "MISC",
"url" : "http://twitter.com/travemme/statuses/525298393971564544"
},
{
"name" : "https://exploithub.com/centrify-data-leakage.html",
"refsource" : "MISC",
"url" : "https://exploithub.com/centrify-data-leakage.html"
},
{
"name" : "http://www.centrify.com/support/announcements.asp#20141014",
"refsource" : "CONFIRM",
"url" : "http://www.centrify.com/support/announcements.asp#20141014"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "adsetgroups in Centrify Server Suite 2008 through 2014.1 and Centrify DirectControl 3.x through 4.2.0 on Linux and UNIX allows local users to read arbitrary files with root privileges by leveraging improperly protected setuid functionality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exploithub.com/centrify-data-leakage.html",
"refsource": "MISC",
"url": "https://exploithub.com/centrify-data-leakage.html"
},
{
"name": "http://twitter.com/travemme/statuses/525298393971564544",
"refsource": "MISC",
"url": "http://twitter.com/travemme/statuses/525298393971564544"
},
{
"name": "http://www.centrify.com/support/announcements.asp#20141014",
"refsource": "CONFIRM",
"url": "http://www.centrify.com/support/announcements.asp#20141014"
}
]
}
}

138
2014/7xxx/CVE-2014-7421.json
View File

@ -1,72 +1,72 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-7421",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Revel in the Rideau Lakes (aka com.mytoursapp.android.app326) application 1.0.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-7421",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
},
{
"name" : "VU#244577",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/244577"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Revel in the Rideau Lakes (aka com.mytoursapp.android.app326) application 1.0.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#244577",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/244577"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
}

130
2017/0xxx/CVE-2017-0706.json
View File

@ -1,68 +1,68 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@google.com",
"DATE_PUBLIC" : "2017-07-05T00:00:00",
"ID" : "CVE-2017-0706",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Android",
"version" : {
"version_data" : [
{
"version_value" : "Android kernel"
}
]
}
}
]
},
"vendor_name" : "Google Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-35195787. References: B-RB#120532."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Elevation of privilege"
}
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"DATE_PUBLIC": "2017-07-05T00:00:00",
"ID": "CVE-2017-0706",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Android kernel"
}
]
}
}
]
},
"vendor_name": "Google Inc."
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://source.android.com/security/bulletin/2017-07-01",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2017-07-01"
},
{
"name" : "99482",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/99482"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-35195787. References: B-RB#120532."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2017-07-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-07-01"
},
{
"name": "99482",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99482"
}
]
}
}

142
2017/0xxx/CVE-2017-0778.json
View File

@ -1,74 +1,74 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@google.com",
"DATE_PUBLIC" : "2017-09-05T00:00:00",
"ID" : "CVE-2017-0778",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Android",
"version" : {
"version_data" : [
{
"version_value" : "7.0"
},
{
"version_value" : "7.1.1"
},
{
"version_value" : "7.1.2"
}
]
}
}
]
},
"vendor_name" : "Google Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-62133227."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information disclosure"
}
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"DATE_PUBLIC": "2017-09-05T00:00:00",
"ID": "CVE-2017-0778",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "7.0"
},
{
"version_value": "7.1.1"
},
{
"version_value": "7.1.2"
}
]
}
}
]
},
"vendor_name": "Google Inc."
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://source.android.com/security/bulletin/2017-09-01",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2017-09-01"
},
{
"name" : "100649",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/100649"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-62133227."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "100649",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100649"
},
{
"name": "https://source.android.com/security/bulletin/2017-09-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-09-01"
}
]
}
}

130
2017/0xxx/CVE-2017-0831.json
View File

@ -1,68 +1,68 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@google.com",
"DATE_PUBLIC" : "2017-11-06T00:00:00",
"ID" : "CVE-2017-0831",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Android",
"version" : {
"version_data" : [
{
"version_value" : "8.0"
}
]
}
}
]
},
"vendor_name" : "Google Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An elevation of privilege vulnerability in the Android framework (window manager). Product: Android. Versions: 8.0. Android ID: A-37442941."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Elevation of privilege"
}
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"DATE_PUBLIC": "2017-11-06T00:00:00",
"ID": "CVE-2017-0831",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "8.0"
}
]
}
}
]
},
"vendor_name": "Google Inc."
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://source.android.com/security/bulletin/2017-11-01",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2017-11-01"
},
{
"name" : "101775",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/101775"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An elevation of privilege vulnerability in the Android framework (window manager). Product: Android. Versions: 8.0. Android ID: A-37442941."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2017-11-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"name": "101775",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101775"
}
]
}
}

32
2017/0xxx/CVE-2017-0844.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-0844",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-0844",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

32
2017/18xxx/CVE-2017-18113.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-18113",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-18113",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

32
2017/18xxx/CVE-2017-18114.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-18114",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-18114",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

244
2017/1xxx/CVE-2017-1100.json
View File

@ -1,125 +1,125 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2017-1100",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Rational Quality Manager",
"version" : {
"version_data" : [
{
"version_value" : "4.0"
},
{
"version_value" : "4.0.1"
},
{
"version_value" : "4.0.3"
},
{
"version_value" : "4.0.0.1"
},
{
"version_value" : "4.0.0.2"
},
{
"version_value" : "4.0.2"
},
{
"version_value" : "4.0.4"
},
{
"version_value" : "4.0.5"
},
{
"version_value" : "4.0.6"
},
{
"version_value" : "5.0"
},
{
"version_value" : "4.0.7"
},
{
"version_value" : "5.0.1"
},
{
"version_value" : "5.0.2"
},
{
"version_value" : "6.0"
},
{
"version_value" : "6.0.1"
},
{
"version_value" : "6.0.2"
},
{
"version_value" : "6.0.3"
}
]
}
}
]
},
"vendor_name" : "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 120661."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2017-1100",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rational Quality Manager",
"version": {
"version_data": [
{
"version_value": "4.0"
},
{
"version_value": "4.0.1"
},
{
"version_value": "4.0.3"
},
{
"version_value": "4.0.0.1"
},
{
"version_value": "4.0.0.2"
},
{
"version_value": "4.0.2"
},
{
"version_value": "4.0.4"
},
{
"version_value": "4.0.5"
},
{
"version_value": "4.0.6"
},
{
"version_value": "5.0"
},
{
"version_value": "4.0.7"
},
{
"version_value": "5.0.1"
},
{
"version_value": "5.0.2"
},
{
"version_value": "6.0"
},
{
"version_value": "6.0.1"
},
{
"version_value": "6.0.2"
},
{
"version_value": "6.0.3"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/120661",
"refsource" : "MISC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/120661"
},
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22004428",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22004428"
},
{
"name" : "99006",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/99006"
},
{
"name" : "1038698",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1038698"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 120661."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-Site Scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/120661",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/120661"
},
{
"name": "99006",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99006"
},
{
"name": "1038698",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038698"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg22004428",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22004428"
}
]
}
}

206
2017/1xxx/CVE-2017-1341.json
View File

@ -1,106 +1,106 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2017-12-04T00:00:00",
"ID" : "CVE-2017-1341",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "MQ",
"version" : {
"version_data" : [
{
"version_value" : "9.0"
},
{
"version_value" : "9.0.1"
},
{
"version_value" : "9.0.0.1"
},
{
"version_value" : "9.0.2"
},
{
"version_value" : "8.0.0.1"
},
{
"version_value" : "8.0.0.2"
},
{
"version_value" : "8.0.0.3"
},
{
"version_value" : "8.0.0.4"
},
{
"version_value" : "8.0.0.5"
},
{
"version_value" : "8.0.0.6"
},
{
"version_value" : "8.0.0.7"
},
{
"version_value" : "9.0.3"
}
]
}
}
]
},
"vendor_name" : "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM WebSphere MQ 8.0 and 9.0 could allow, under special circumstances, an unauthorized user to access an object which they should have been denied access. IBM X-Force ID: 126456."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Bypass Security"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2017-12-04T00:00:00",
"ID": "CVE-2017-1341",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MQ",
"version": {
"version_data": [
{
"version_value": "9.0"
},
{
"version_value": "9.0.1"
},
{
"version_value": "9.0.0.1"
},
{
"version_value": "9.0.2"
},
{
"version_value": "8.0.0.1"
},
{
"version_value": "8.0.0.2"
},
{
"version_value": "8.0.0.3"
},
{
"version_value": "8.0.0.4"
},
{
"version_value": "8.0.0.5"
},
{
"version_value": "8.0.0.6"
},
{
"version_value": "8.0.0.7"
},
{
"version_value": "9.0.3"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/126456",
"refsource" : "MISC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/126456"
},
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22005400",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22005400"
},
{
"name" : "102042",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/102042"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM WebSphere MQ 8.0 and 9.0 could allow, under special circumstances, an unauthorized user to access an object which they should have been denied access. IBM X-Force ID: 126456."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Bypass Security"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/126456",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/126456"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg22005400",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22005400"
},
{
"name": "102042",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102042"
}
]
}
}

130
2017/1xxx/CVE-2017-1491.json
View File

@ -1,68 +1,68 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2017-09-01T00:00:00",
"ID" : "CVE-2017-1491",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "QRadar Network Security",
"version" : {
"version_data" : [
{
"version_value" : "5.4"
}
]
}
}
]
},
"vendor_name" : "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM QRadar Network Security 5.4 supports interaction between multiple actors and allows those actors to negotiate which algorithm should be used as a protection mechanism such as encryption or authentication, but it does not select the strongest algorithm that is available to both parties. IBM X-Force ID: 128689."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2017-09-01T00:00:00",
"ID": "CVE-2017-1491",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "QRadar Network Security",
"version": {
"version_data": [
{
"version_value": "5.4"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/128689",
"refsource" : "MISC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/128689"
},
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22007535",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22007535"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM QRadar Network Security 5.4 supports interaction between multiple actors and allows those actors to negotiate which algorithm should be used as a protection mechanism such as encryption or authentication, but it does not select the strongest algorithm that is available to both parties. IBM X-Force ID: 128689."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg22007535",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22007535"
},
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128689",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128689"
}
]
}
}

32
2017/1xxx/CVE-2017-1620.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-1620",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-1620",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

32
2017/1xxx/CVE-2017-1754.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-1754",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-1754",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

178
2017/5xxx/CVE-2017-5023.json
View File

@ -1,92 +1,92 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@google.com",
"ID" : "CVE-2017-5023",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android",
"version" : {
"version_data" : [
{
"version_value" : "Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Type confusion in Histogram in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to potentially exploit a near null dereference via a crafted HTML page."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "type confusion"
}
"CVE_data_meta": {
"ASSIGNER": "security@google.com",
"ID": "CVE-2017-5023",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android",
"version": {
"version_data": [
{
"version_value": "Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://chromereleases.googleblog.com/2017/01/stable-channel-update-for-desktop.html",
"refsource" : "CONFIRM",
"url" : "https://chromereleases.googleblog.com/2017/01/stable-channel-update-for-desktop.html"
},
{
"name" : "https://crbug.com/651443",
"refsource" : "CONFIRM",
"url" : "https://crbug.com/651443"
},
{
"name" : "DSA-3776",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2017/dsa-3776"
},
{
"name" : "GLSA-201701-66",
"refsource" : "GENTOO",
"url" : "https://security.gentoo.org/glsa/201701-66"
},
{
"name" : "RHSA-2017:0206",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2017-0206.html"
},
{
"name" : "95792",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/95792"
},
{
"name" : "1037718",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037718"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Type confusion in Histogram in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, and 56.0.2924.87 for Android, allowed a remote attacker to potentially exploit a near null dereference via a crafted HTML page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "type confusion"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95792",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95792"
},
{
"name": "https://chromereleases.googleblog.com/2017/01/stable-channel-update-for-desktop.html",
"refsource": "CONFIRM",
"url": "https://chromereleases.googleblog.com/2017/01/stable-channel-update-for-desktop.html"
},
{
"name": "GLSA-201701-66",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-66"
},
{
"name": "RHSA-2017:0206",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0206.html"
},
{
"name": "1037718",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037718"
},
{
"name": "https://crbug.com/651443",
"refsource": "CONFIRM",
"url": "https://crbug.com/651443"
},
{
"name": "DSA-3776",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3776"
}
]
}
}

32
2017/5xxx/CVE-2017-5272.json
View File

@ -1,18 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-5272",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-5272",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

120
2017/5xxx/CVE-2017-5719.json
View File

@ -1,63 +1,63 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "secure@intel.com",
"DATE_PUBLIC" : "2017-11-20T00:00:00",
"ID" : "CVE-2017-5719",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Deep Learning Training Tool",
"version" : {
"version_data" : [
{
"version_value" : "Beta 1"
}
]
}
}
]
},
"vendor_name" : "Intel Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A vulnerability in the Intel Deep Learning Training Tool Beta 1 allows a network attacker to remotely execute code as a local user."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Elevation of Privilege"
}
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"DATE_PUBLIC": "2017-11-20T00:00:00",
"ID": "CVE-2017-5719",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Deep Learning Training Tool",
"version": {
"version_data": [
{
"version_value": "Beta 1"
}
]
}
}
]
},
"vendor_name": "Intel Corporation"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00100&languageid=en-fr",
"refsource" : "CONFIRM",
"url" : "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00100&languageid=en-fr"
}
]
}
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Intel Deep Learning Training Tool Beta 1 allows a network attacker to remotely execute code as a local user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00100&languageid=en-fr",
"refsource": "CONFIRM",
"url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00100&languageid=en-fr"
}
]
}
}