admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 00:43:49 +00:00
parent ceb928e3cd
commit 3251f1298b
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
53 changed files with 3876 additions and 3876 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

110
2006/2xxx/CVE-2006-2712.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-2712",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2712",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Secure Elements Class 5 AVR (aka C5 EVM) client and server before 2.8.1 do not verify the integrity of a message digest, which allows remote attackers to modify and replay messages."
"lang": "eng",
"value": "Secure Elements Class 5 AVR (aka C5 EVM) client and server before 2.8.1 do not verify the integrity of a message digest, which allows remote attackers to modify and replay messages."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.kb.cert.org/vuls/id/WDON-6Q6S8D",
"refsource" : "CONFIRM",
"url" : "http://www.kb.cert.org/vuls/id/WDON-6Q6S8D"
"name": "http://www.kb.cert.org/vuls/id/WDON-6QAQFH",
"refsource": "CONFIRM",
"url": "http://www.kb.cert.org/vuls/id/WDON-6QAQFH"
},
{
"name" : "http://www.kb.cert.org/vuls/id/WDON-6QAQFH",
"refsource" : "CONFIRM",
"url" : "http://www.kb.cert.org/vuls/id/WDON-6QAQFH"
"name": "VU#456729",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/456729"
},
{
"name" : "VU#353769",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/353769"
"name": "20378",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20378"
},
{
"name" : "VU#456729",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/456729"
"name": "VU#353769",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/353769"
},
{
"name" : "ADV-2006-2069",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2069"
"name": "ADV-2006-2069",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2069"
},
{
"name" : "1016184",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1016184"
"name": "1016184",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016184"
},
{
"name" : "20378",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20378"
"name": "c5evm-client-message-digest-replay(26781)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26781"
},
{
"name" : "c5evm-client-message-digest-replay(26781)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26781"
"name": "http://www.kb.cert.org/vuls/id/WDON-6Q6S8D",
"refsource": "CONFIRM",
"url": "http://www.kb.cert.org/vuls/id/WDON-6Q6S8D"
},
{
"name" : "c5evm-server-message-digest-replay(26765)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26765"
"name": "c5evm-server-message-digest-replay(26765)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26765"
}
]
}

110
2006/2xxx/CVE-2006-2744.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-2744",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2744",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in p-popupgallery.php in F@cile Interactive Web 0.8.41 through 0.8.5 allows remote attackers to execute arbitrary PHP code via a URL in the l parameter."
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in p-popupgallery.php in F@cile Interactive Web 0.8.41 through 0.8.5 allows remote attackers to execute arbitrary PHP code via a URL in the l parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060528 Advisory: F@cile Interactive Web <= 0.8x Multiple RemoteVulnerabilities.",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/435283/100/0/threaded"
"name": "20060528 Advisory: F@cile Interactive Web <= 0.8x Multiple RemoteVulnerabilities.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/435283/100/0/threaded"
},
{
"name" : "http://www.nukedx.com/?getxpl=35",
"refsource" : "MISC",
"url" : "http://www.nukedx.com/?getxpl=35"
"name": "http://www.nukedx.com/?viewdoc=35",
"refsource": "MISC",
"url": "http://www.nukedx.com/?viewdoc=35"
},
{
"name" : "http://www.nukedx.com/?viewdoc=35",
"refsource" : "MISC",
"url" : "http://www.nukedx.com/?viewdoc=35"
"name": "ADV-2006-2036",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2036"
},
{
"name" : "18149",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/18149"
"name": "http://www.nukedx.com/?getxpl=35",
"refsource": "MISC",
"url": "http://www.nukedx.com/?getxpl=35"
},
{
"name" : "ADV-2006-2036",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2036"
"name": "26100",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/26100"
},
{
"name" : "26100",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/26100"
"name": "f@cile-ppopupgallery-file-include(26839)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26839"
},
{
"name" : "20358",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20358"
"name": "18149",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18149"
},
{
"name" : "1010",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1010"
"name": "20358",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20358"
},
{
"name" : "f@cile-ppopupgallery-file-include(26839)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26839"
"name": "1010",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1010"
}
]
}

410
2006/2xxx/CVE-2006-2780.json
View File

@ -1,351 +1,351 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-2780",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2780",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Integer overflow in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via \"jsstr tagify,\" which leads to memory corruption."
"lang": "eng",
"value": "Integer overflow in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via \"jsstr tagify,\" which leads to memory corruption."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060602 rPSA-2006-0091-1 firefox thunderbird",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/435795/100/0/threaded"
"name": "27216",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27216"
},
{
"name" : "http://www.mozilla.org/security/announce/2006/mfsa2006-32.html",
"refsource" : "CONFIRM",
"url" : "http://www.mozilla.org/security/announce/2006/mfsa2006-32.html"
"name": "20709",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20709"
},
{
"name" : "DSA-1118",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2006/dsa-1118"
"name": "http://www.mozilla.org/security/announce/2006/mfsa2006-32.html",
"refsource": "CONFIRM",
"url": "http://www.mozilla.org/security/announce/2006/mfsa2006-32.html"
},
{
"name" : "DSA-1120",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2006/dsa-1120"
"name": "21176",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21176"
},
{
"name" : "DSA-1134",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2006/dsa-1134"
"name": "MDKSA-2006:145",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145"
},
{
"name" : "GLSA-200606-12",
"refsource" : "GENTOO",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml"
"name": "VU#466673",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/466673"
},
{
"name" : "GLSA-200606-21",
"refsource" : "GENTOO",
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200606-21.xml"
"name": "ADV-2006-3748",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3748"
},
{
"name" : "HPSBUX02153",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
"name": "USN-297-3",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/297-3/"
},
{
"name" : "SSRT061181",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
"name": "mozilla-browserengine-memory-corruption(26843)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26843"
},
{
"name" : "HPSBUX02156",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/446657/100/200/threaded"
"name": "USN-296-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/296-1/"
},
{
"name" : "SSRT061236",
"refsource" : "HP",
"url" : "http://www.securityfocus.com/archive/1/446657/100/200/threaded"
"name": "USN-323-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/323-1/"
},
{
"name" : "MDKSA-2006:143",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143"
"name": "20561",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20561"
},
{
"name" : "MDKSA-2006:145",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145"
"name": "oval:org.mitre.oval:def:11305",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11305"
},
{
"name" : "MDKSA-2006:146",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146"
"name": "TA06-153A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA06-153A.html"
},
{
"name" : "RHSA-2006:0578",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0578.html"
"name": "21210",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21210"
},
{
"name" : "RHSA-2006:0610",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0610.html"
"name": "RHSA-2006:0594",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html"
},
{
"name" : "RHSA-2006:0611",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0611.html"
"name": "21336",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21336"
},
{
"name" : "RHSA-2006:0609",
"refsource" : "REDHAT",
"url" : "http://rhn.redhat.com/errata/RHSA-2006-0609.html"
"name": "20382",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20382"
},
{
"name" : "RHSA-2006:0594",
"refsource" : "REDHAT",
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0594.html"
"name": "1016214",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016214"
},
{
"name" : "102943",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102943-1"
"name": "20060602 rPSA-2006-0091-1 firefox thunderbird",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/435795/100/0/threaded"
},
{
"name" : "200387",
"refsource" : "SUNALERT",
"url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200387-1"
"name": "ADV-2006-3749",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3749"
},
{
"name" : "SUSE-SA:2006:035",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2006_35_mozilla.html"
"name": "RHSA-2006:0610",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html"
},
{
"name" : "USN-296-1",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/296-1/"
"name": "20376",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20376"
},
{
"name" : "USN-297-1",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/297-1/"
"name": "MDKSA-2006:146",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:146"
},
{
"name" : "USN-296-2",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/296-2/"
"name": "RHSA-2006:0609",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html"
},
{
"name" : "USN-297-3",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/297-3/"
"name": "21178",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21178"
},
{
"name" : "USN-323-1",
"refsource" : "UBUNTU",
"url" : "https://usn.ubuntu.com/323-1/"
"name": "1016202",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016202"
},
{
"name" : "VU#466673",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/466673"
"name": "21607",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21607"
},
{
"name" : "TA06-153A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA06-153A.html"
"name": "18228",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18228"
},
{
"name" : "18228",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/18228"
"name": "21532",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21532"
},
{
"name" : "oval:org.mitre.oval:def:11305",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11305"
"name": "21270",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21270"
},
{
"name" : "ADV-2006-2106",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2106"
"name": "ADV-2008-0083",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0083"
},
{
"name" : "ADV-2006-3748",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/3748"
"name": "ADV-2007-3488",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3488"
},
{
"name" : "ADV-2006-3749",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/3749"
"name": "21188",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21188"
},
{
"name" : "ADV-2007-3488",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/3488"
"name": "21134",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21134"
},
{
"name" : "ADV-2008-0083",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2008/0083"
"name": "21631",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21631"
},
{
"name" : "1016202",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1016202"
"name": "SSRT061181",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
},
{
"name" : "1016214",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1016214"
"name": "SSRT061236",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded"
},
{
"name" : "20376",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20376"
"name": "USN-296-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/296-2/"
},
{
"name" : "20382",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20382"
"name": "GLSA-200606-21",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200606-21.xml"
},
{
"name" : "20561",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20561"
"name": "DSA-1118",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1118"
},
{
"name" : "20709",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20709"
"name": "HPSBUX02153",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
},
{
"name" : "21134",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21134"
"name": "200387",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200387-1"
},
{
"name" : "21183",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21183"
"name": "DSA-1120",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1120"
},
{
"name" : "21176",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21176"
"name": "RHSA-2006:0611",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html"
},
{
"name" : "21178",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21178"
"name": "HPSBUX02156",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/446657/100/200/threaded"
},
{
"name" : "21188",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21188"
"name": "DSA-1134",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1134"
},
{
"name" : "21210",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21210"
"name": "GLSA-200606-12",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml"
},
{
"name" : "21269",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21269"
"name": "21324",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21324"
},
{
"name" : "21270",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21270"
"name": "21183",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21183"
},
{
"name" : "21336",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21336"
"name": "102943",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102943-1"
},
{
"name" : "21324",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21324"
"name": "22066",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22066"
},
{
"name" : "21532",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21532"
"name": "21269",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21269"
},
{
"name" : "21607",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21607"
"name": "SUSE-SA:2006:035",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_35_mozilla.html"
},
{
"name" : "21631",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21631"
"name": "USN-297-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/297-1/"
},
{
"name" : "22065",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22065"
"name": "RHSA-2006:0578",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0578.html"
},
{
"name" : "22066",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22066"
"name": "ADV-2006-2106",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2106"
},
{
"name" : "27216",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/27216"
"name": "MDKSA-2006:143",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143"
},
{
"name" : "mozilla-browserengine-memory-corruption(26843)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26843"
"name": "22065",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22065"
}
]
}

92
2006/3xxx/CVE-2006-3347.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-3347",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3347",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "SQL injection vulnerability in index.php in deV!Lz Clanportal DZCP 1.3.4 allows remote attackers to execute arbitrary SQL commands via the id parameter."
"lang": "eng",
"value": "SQL injection vulnerability in index.php in deV!Lz Clanportal DZCP 1.3.4 allows remote attackers to execute arbitrary SQL commands via the id parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "1968",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/1968"
"name": "ADV-2006-2628",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2628"
},
{
"name" : "18762",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/18762"
"name": "dzcp-index-sql-injection(27495)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27495"
},
{
"name" : "ADV-2006-2628",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2628"
"name": "20927",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20927"
},
{
"name" : "26952",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/26952"
"name": "1968",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/1968"
},
{
"name" : "20927",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20927"
"name": "26952",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/26952"
},
{
"name" : "dzcp-index-sql-injection(27495)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27495"
"name": "18762",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18762"
}
]
}

104
2006/3xxx/CVE-2006-3390.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-3390",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3390",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "WordPress 2.0.3 allows remote attackers to obtain the installation path via a direct request to various files, such as those in the (1) wp-admin, (2) wp-content, and (3) wp-includes directories, possibly due to uninitialized variables."
"lang": "eng",
"value": "WordPress 2.0.3 allows remote attackers to obtain the installation path via a direct request to various files, such as those in the (1) wp-admin, (2) wp-content, and (3) wp-includes directories, possibly due to uninitialized variables."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060702 WordPress 2.0.3 SQL Error and Full Path Disclosure",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/438942/100/0/threaded"
"name": "1187",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1187"
},
{
"name" : "20060704 Re: WordPress 2.0.3 SQL Error and Full Path Disclosure",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/439062/100/0/threaded"
"name": "20928",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20928"
},
{
"name" : "GLSA-200608-19",
"refsource" : "GENTOO",
"url" : "http://security.gentoo.org/glsa/glsa-200608-19.xml"
"name": "21447",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21447"
},
{
"name" : "18779",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/18779"
"name": "18779",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18779"
},
{
"name" : "ADV-2006-2661",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/2661"
"name": "20060704 Re: WordPress 2.0.3 SQL Error and Full Path Disclosure",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/439062/100/0/threaded"
},
{
"name" : "20928",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/20928"
"name": "GLSA-200608-19",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200608-19.xml"
},
{
"name" : "21447",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21447"
"name": "ADV-2006-2661",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2661"
},
{
"name" : "1187",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1187"
"name": "20060702 WordPress 2.0.3 SQL Error and Full Path Disclosure",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/438942/100/0/threaded"
}
]
}

122
2006/3xxx/CVE-2006-3448.json
View File

@ -1,111 +1,111 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-3448",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2006-3448",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in the Step-by-Step Interactive Training in Microsoft Windows 2000 SP4, XP SP2 and Professional, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a long Syllabus string in crafted bookmark link files (cbo, cbl, or .cbm), a different issue than CVE-2005-1212."
"lang": "eng",
"value": "Buffer overflow in the Step-by-Step Interactive Training in Microsoft Windows 2000 SP4, XP SP2 and Professional, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a long Syllabus string in crafted bookmark link files (cbo, cbl, or .cbm), a different issue than CVE-2005-1212."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20070213 MS Interactive Training .cbo Overflow",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/460009/100/0/threaded"
"name": "ADV-2007-0574",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0574"
},
{
"name" : "MS07-005",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-005"
"name": "MS07-005",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-005"
},
{
"name" : "TA07-044A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA07-044A.html"
"name": "24121",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24121"
},
{
"name" : "VU#466873",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/466873"
"name": "ms-stepbystep-bookmark-bo(30596)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30596"
},
{
"name" : "22484",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/22484"
"name": "VU#466873",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/466873"
},
{
"name" : "ADV-2007-0574",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2007/0574"
"name": "oval:org.mitre.oval:def:162",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A162"
},
{
"name" : "31883",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/31883"
"name": "20070213 MS Interactive Training .cbo Overflow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/460009/100/0/threaded"
},
{
"name" : "oval:org.mitre.oval:def:162",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A162"
"name": "TA07-044A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA07-044A.html"
},
{
"name" : "1017632",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1017632"
"name": "22484",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22484"
},
{
"name" : "24121",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/24121"
"name": "1017632",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017632"
},
{
"name" : "ms-stepbystep-bookmark-bo(30596)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30596"
"name": "31883",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/31883"
}
]
}

22
2006/3xxx/CVE-2006-3466.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-3466",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2006-3466",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-3600. Reason: This candidate is a reservation duplicate of CVE-2006-3600. Notes: All CVE users should reference CVE-2006-3600 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-3600. Reason: This candidate is a reservation duplicate of CVE-2006-3600. Notes: All CVE users should reference CVE-2006-3600 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}

104
2006/3xxx/CVE-2006-3989.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-3989",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3989",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in index.php in Knusperleicht Shoutbox 4.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the sb_include_path parameter."
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in index.php in Knusperleicht Shoutbox 4.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the sb_include_path parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060801 [Kurdish Security # 21] ShoutBox v4.4 Remote Command Execution",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/441815/100/0/threaded"
"name": "20060801 [Kurdish Security # 21] ShoutBox v4.4 Remote Command Execution",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/441815/100/0/threaded"
},
{
"name" : "2103",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/2103"
"name": "2103",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2103"
},
{
"name" : "19273",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/19273"
"name": "shoutbox-index-file-include(28123)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28123"
},
{
"name" : "ADV-2006-3090",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/3090"
"name": "19273",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19273"
},
{
"name" : "27709",
"refsource" : "OSVDB",
"url" : "http://www.osvdb.org/27709"
"name": "27709",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27709"
},
{
"name" : "21302",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21302"
"name": "1325",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1325"
},
{
"name" : "1325",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1325"
"name": "21302",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21302"
},
{
"name" : "shoutbox-index-file-include(28123)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28123"
"name": "ADV-2006-3090",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3090"
}
]
}

86
2006/4xxx/CVE-2006-4057.json
View File

@ -1,81 +1,81 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-4057",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4057",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Buffer overflow in the preview_create function in gui.cpp in Mitch Murray Eremove 1.4 allows remote attackers to cause a denial of service (application crash), and possibly execute arbitrary code, via a large email attachment."
"lang": "eng",
"value": "Buffer overflow in the preview_create function in gui.cpp in Mitch Murray Eremove 1.4 allows remote attackers to cause a denial of service (application crash), and possibly execute arbitrary code, via a large email attachment."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060804 [ECHO_ADV_42$2006] BufferOverflow in Eremove Client",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/442220/100/0/threaded"
"name": "http://advisories.echo.or.id/adv/adv42-theday-2006.txt",
"refsource": "MISC",
"url": "http://advisories.echo.or.id/adv/adv42-theday-2006.txt"
},
{
"name" : "http://advisories.echo.or.id/adv/adv42-theday-2006.txt",
"refsource" : "MISC",
"url" : "http://advisories.echo.or.id/adv/adv42-theday-2006.txt"
"name": "19352",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19352"
},
{
"name" : "19352",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/19352"
"name": "1368",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1368"
},
{
"name" : "1016640",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1016640"
"name": "1016640",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016640"
},
{
"name" : "1368",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/1368"
"name": "20060804 [ECHO_ADV_42$2006] BufferOverflow in Eremove Client",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/442220/100/0/threaded"
}
]
}

92
2006/4xxx/CVE-2006-4122.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-4122",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4122",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Simple one-file guestbook 1.0 and earlier allows remote attackers to bypass authentication and delete guestbook entries via a modified id parameter to guestbook.php."
"lang": "eng",
"value": "Simple one-file guestbook 1.0 and earlier allows remote attackers to bypass authentication and delete guestbook entries via a modified id parameter to guestbook.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060809 Simple one-file GuestBook 1.0",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/442884/100/0/threaded"
"name": "20060809 Simple one-file GuestBook 1.0",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/442884/100/0/threaded"
},
{
"name" : "http://it.security.netsons.org/exploit/simplegb.txt",
"refsource" : "MISC",
"url" : "http://it.security.netsons.org/exploit/simplegb.txt"
"name": "ADV-2006-3229",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3229"
},
{
"name" : "19437",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/19437"
"name": "19437",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19437"
},
{
"name" : "ADV-2006-3229",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/3229"
"name": "http://it.security.netsons.org/exploit/simplegb.txt",
"refsource": "MISC",
"url": "http://it.security.netsons.org/exploit/simplegb.txt"
},
{
"name" : "21429",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21429"
"name": "simple-guestbook-authentication-bypass(28289)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28289"
},
{
"name" : "simple-guestbook-authentication-bypass(28289)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/28289"
"name": "21429",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21429"
}
]
}

116
2006/4xxx/CVE-2006-4481.json
View File

@ -1,106 +1,106 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-4481",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4481",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The (1) file_exists and (2) imap_reopen functions in PHP before 5.1.5 do not check for the safe_mode and open_basedir settings, which allows local users to bypass the settings. NOTE: the error_log function is covered by CVE-2006-3011, and the imap_open function is covered by CVE-2006-1017."
"lang": "eng",
"value": "The (1) file_exists and (2) imap_reopen functions in PHP before 5.1.5 do not check for the safe_mode and open_basedir settings, which allows local users to bypass the settings. NOTE: the error_log function is covered by CVE-2006-3011, and the imap_open function is covered by CVE-2006-1017."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.php.net/release_5_1_5.php",
"refsource" : "CONFIRM",
"url" : "http://www.php.net/release_5_1_5.php"
"name": "http://www.php.net/release_5_1_5.php",
"refsource": "CONFIRM",
"url": "http://www.php.net/release_5_1_5.php"
},
{
"name" : "MDKSA-2006:162",
"refsource" : "MANDRIVA",
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:162"
"name": "21768",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21768"
},
{
"name" : "SUSE-SA:2006:052",
"refsource" : "SUSE",
"url" : "http://www.novell.com/linux/security/advisories/2006_52_php.html"
"name": "USN-342-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-342-1"
},
{
"name" : "USN-342-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/usn-342-1"
"name": "22039",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22039"
},
{
"name" : "19582",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/19582"
"name": "MDKSA-2006:162",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:162"
},
{
"name" : "ADV-2006-3318",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/3318"
"name": "19582",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19582"
},
{
"name" : "21546",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21546"
"name": "21546",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21546"
},
{
"name" : "21768",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21768"
"name": "ADV-2006-3318",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3318"
},
{
"name" : "21842",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/21842"
"name": "21842",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21842"
},
{
"name" : "22039",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/22039"
"name": "SUSE-SA:2006:052",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_52_php.html"
}
]
}

98
2006/4xxx/CVE-2006-4518.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-4518",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4518",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Qbik WinGate 6.1.4 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a DNS request with a self-referencing compressed name pointer, which triggers an infinite loop."
"lang": "eng",
"value": "Qbik WinGate 6.1.4 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a DNS request with a self-referencing compressed name pointer, which triggers an infinite loop."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20061126 Qbik WinGate Compressed Name Pointer Denial of Service Vulnerability",
"refsource" : "IDEFENSE",
"url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=444"
"name": "21295",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21295"
},
{
"name" : "http://forums.qbik.com/viewtopic.php?t=4215",
"refsource" : "CONFIRM",
"url" : "http://forums.qbik.com/viewtopic.php?t=4215"
"name": "20061126 Qbik WinGate Compressed Name Pointer Denial of Service Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=444"
},
{
"name" : "21295",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21295"
"name": "1017284",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017284"
},
{
"name" : "ADV-2006-4711",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4711"
"name": "http://forums.qbik.com/viewtopic.php?t=4215",
"refsource": "CONFIRM",
"url": "http://forums.qbik.com/viewtopic.php?t=4215"
},
{
"name" : "1017284",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1017284"
"name": "qbik-name-pointer-dos(30491)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30491"
},
{
"name" : "23029",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23029"
"name": "ADV-2006-4711",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4711"
},
{
"name" : "qbik-name-pointer-dos(30491)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30491"
"name": "23029",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23029"
}
]
}

110
2006/6xxx/CVE-2006-6299.json
View File

@ -1,101 +1,101 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-6299",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6299",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Integer overflow in Msg.dll in Novell ZENworks 7 Asset Management (ZAM) before SP1 IR11 and the Collection client allows remote attackers to execute arbitrary code via crafted packets, which trigger a heap-based buffer overflow."
"lang": "eng",
"value": "Integer overflow in Msg.dll in Novell ZENworks 7 Asset Management (ZAM) before SP1 IR11 and the Collection client allows remote attackers to execute arbitrary code via crafted packets, which trigger a heap-based buffer overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20061201 Novell ZENworks Asset Management Collection Client Heap Overflow Vulnerability",
"refsource" : "IDEFENSE",
"url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=447"
"name": "ADV-2006-4829",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4829"
},
{
"name" : "20061201 Novell ZENworks Asset Management Msg.dll Heap Overflow Vulnerability",
"refsource" : "IDEFENSE",
"url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=448"
"name": "20061201 Novell ZENworks Asset Management Msg.dll Heap Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=448"
},
{
"name" : "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974824.htm",
"refsource" : "CONFIRM",
"url" : "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974824.htm"
"name": "20061201 Novell ZENworks Asset Management Collection Client Heap Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=447"
},
{
"name" : "21395",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21395"
"name": "1017326",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017326"
},
{
"name" : "21400",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21400"
"name": "23157",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23157"
},
{
"name" : "ADV-2006-4829",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/4829"
"name": "zenworks-assetmanagement-collection-bo(30665)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30665"
},
{
"name" : "1017326",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1017326"
"name": "21400",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21400"
},
{
"name" : "23157",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23157"
"name": "21395",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21395"
},
{
"name" : "zenworks-assetmanagement-collection-bo(30665)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30665"
"name": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974824.htm",
"refsource": "CONFIRM",
"url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974824.htm"
}
]
}

74
2006/6xxx/CVE-2006-6403.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-6403",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6403",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "mystats.php in MyStats 1.0.8 and earlier allows remote attackers to obtain the installation path via (1) details and (2) by array parameters, probably resulting in a path disclosure in an error message."
"lang": "eng",
"value": "mystats.php in MyStats 1.0.8 and earlier allows remote attackers to obtain the installation path via (1) details and (2) by array parameters, probably resulting in a path disclosure in an error message."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20061112 MyStats <=1.0.8 [injection sql, multiples xss, array & full path",
"refsource" : "BUGTRAQ",
"url" : "http://marc.info/?l=bugtraq&m=116344068502988&w=2"
"name": "mystats-mystats-path-disclosure(30213)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30213"
},
{
"name" : "1017210",
"refsource" : "SECTRACK",
"url" : "http://securitytracker.com/id?1017210"
"name": "1017210",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017210"
},
{
"name" : "mystats-mystats-path-disclosure(30213)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30213"
"name": "20061112 MyStats <=1.0.8 [injection sql, multiples xss, array & full path",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=116344068502988&w=2"
}
]
}

92
2006/6xxx/CVE-2006-6715.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-6715",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6715",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in footer.inc.php in PowerClan 1.14a and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the settings[footer] parameter."
"lang": "eng",
"value": "PHP remote file inclusion vulnerability in footer.inc.php in PowerClan 1.14a and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the settings[footer] parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20080324 [DSECRG-08-020] RFI-LFI in PowerClan 1.14a",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/490009/100/0/threaded"
"name": "2973",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2973"
},
{
"name" : "2973",
"refsource" : "EXPLOIT-DB",
"url" : "https://www.exploit-db.com/exploits/2973"
"name": "23450",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23450"
},
{
"name" : "20061222 Source verify of PowerClan RFI",
"refsource" : "VIM",
"url" : "http://www.attrition.org/pipermail/vim/2006-December/001194.html"
"name": "ADV-2006-5119",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/5119"
},
{
"name" : "21707",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/21707"
"name": "21707",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21707"
},
{
"name" : "ADV-2006-5119",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2006/5119"
"name": "20080324 [DSECRG-08-020] RFI-LFI in PowerClan 1.14a",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/490009/100/0/threaded"
},
{
"name" : "23450",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/23450"
"name": "20061222 Source verify of PowerClan RFI",
"refsource": "VIM",
"url": "http://www.attrition.org/pipermail/vim/2006-December/001194.html"
}
]
}

92
2006/7xxx/CVE-2006-7037.json
View File

@ -1,86 +1,86 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2006-7037",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-7037",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Mathcad 12 through 13.1 allows local users to bypass the security features by directly accessing or editing the XML representation of the worksheet with a text editor or other program, which allows attackers to (1) bypass password protection by replacing the password field with a hash of a known password, (2) modify timestamps to avoid detection of modifications, (3) remove locks by removing the \"is-locked\" attribute, and (4) view locked data, which is stored in plaintext."
"lang": "eng",
"value": "Mathcad 12 through 13.1 allows local users to bypass the security features by directly accessing or editing the XML representation of the worksheet with a text editor or other program, which allows attackers to (1) bypass password protection by replacing the password field with a hash of a known password, (2) modify timestamps to avoid detection of modifications, (3) remove locks by removing the \"is-locked\" attribute, and (4) view locked data, which is stored in plaintext."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20060608 Mathcad Area Lock Vulnerability",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/436441/30/4560/threaded"
"name": "mathcad-locked-area-security-bypass(27118)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27118"
},
{
"name" : "2305",
"refsource" : "SREASON",
"url" : "http://securityreason.com/securityalert/2305"
"name": "2305",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2305"
},
{
"name" : "mathcad-area-password-security-bypass(27115)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27115"
"name": "mathcad-timestamp-security-bypass(27116)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27116"
},
{
"name" : "mathcad-islocked-security-bypass(27117)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27117"
"name": "mathcad-area-password-security-bypass(27115)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27115"
},
{
"name" : "mathcad-locked-area-security-bypass(27118)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27118"
"name": "20060608 Mathcad Area Lock Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/436441/30/4560/threaded"
},
{
"name" : "mathcad-timestamp-security-bypass(27116)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/27116"
"name": "mathcad-islocked-security-bypass(27117)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27117"
}
]
}

68
2010/2xxx/CVE-2010-2197.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2010-2197",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2197",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "rpmbuild in RPM 4.8.0 and earlier does not properly parse the syntax of spec files, which allows user-assisted remote attackers to remove home directories via vectors involving a ;~ (semicolon tilde) sequence in a Name tag."
"lang": "eng",
"value": "rpmbuild in RPM 4.8.0 and earlier does not properly parse the syntax of spec files, which allows user-assisted remote attackers to remove home directories via vectors involving a ;~ (semicolon tilde) sequence in a Name tag."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=125517",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=125517"
"name": "rpm-rpmbuild-weak-security(59423)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59423"
},
{
"name" : "rpm-rpmbuild-weak-security(59423)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/59423"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=125517",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=125517"
}
]
}

98
2011/0xxx/CVE-2011-0029.json
View File

@ -1,91 +1,91 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-0029",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2011-0029",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Untrusted search path vulnerability in the client in Microsoft Remote Desktop Connection 5.2, 6.0, 6.1, and 7.0 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .rdp file, aka \"Remote Desktop Insecure Library Loading Vulnerability.\""
"lang": "eng",
"value": "Untrusted search path vulnerability in the client in Microsoft Remote Desktop Connection 5.2, 6.0, 6.1, and 7.0 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .rdp file, aka \"Remote Desktop Insecure Library Loading Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS11-017",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-017"
"name": "MS11-017",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-017"
},
{
"name" : "TA11-067A",
"refsource" : "CERT",
"url" : "http://www.us-cert.gov/cas/techalerts/TA11-067A.html"
"name": "oval:org.mitre.oval:def:12480",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12480"
},
{
"name" : "71014",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/71014"
"name": "71014",
"refsource": "OSVDB",
"url": "http://osvdb.org/71014"
},
{
"name" : "oval:org.mitre.oval:def:12480",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12480"
"name": "ADV-2011-0616",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0616"
},
{
"name" : "1025172",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1025172"
"name": "TA11-067A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA11-067A.html"
},
{
"name" : "43628",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43628"
"name": "43628",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43628"
},
{
"name" : "ADV-2011-0616",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0616"
"name": "1025172",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025172"
}
]
}

134
2011/0xxx/CVE-2011-0531.json
View File

@ -1,121 +1,121 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-0531",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-0531",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "demux/mkv/mkv.hpp in the MKV demuxer plugin in VideoLAN VLC media player 1.1.6.1 and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary commands via a crafted MKV (WebM or Matroska) file that triggers memory corruption, related to \"class mismatching\" and the MKV_IS_ID macro."
"lang": "eng",
"value": "demux/mkv/mkv.hpp in the MKV demuxer plugin in VideoLAN VLC media player 1.1.6.1 and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary commands via a crafted MKV (WebM or Matroska) file that triggers memory corruption, related to \"class mismatching\" and the MKV_IS_ID macro."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20110131 CVE request: code execution in VLC media player",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2011/01/31/4"
"name": "70698",
"refsource": "OSVDB",
"url": "http://osvdb.org/70698"
},
{
"name" : "[oss-security] 20110131 Re: CVE request: code execution in VLC media player",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2011/01/31/8"
"name": "ADV-2011-0363",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0363"
},
{
"name" : "http://git.videolan.org/?p=vlc.git;a=commit;h=59491dcedffbf97612d2c572943b56ee4289dd07",
"refsource" : "CONFIRM",
"url" : "http://git.videolan.org/?p=vlc.git;a=commit;h=59491dcedffbf97612d2c572943b56ee4289dd07"
"name": "43242",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43242"
},
{
"name" : "http://www.videolan.org/security/sa1102.html",
"refsource" : "CONFIRM",
"url" : "http://www.videolan.org/security/sa1102.html"
"name": "oval:org.mitre.oval:def:12415",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12415"
},
{
"name" : "DSA-2159",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2011/dsa-2159"
"name": "DSA-2159",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2159"
},
{
"name" : "46060",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/46060"
"name": "http://www.videolan.org/security/sa1102.html",
"refsource": "CONFIRM",
"url": "http://www.videolan.org/security/sa1102.html"
},
{
"name" : "70698",
"refsource" : "OSVDB",
"url" : "http://osvdb.org/70698"
"name": "vlc-mkv-code-execution(65045)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65045"
},
{
"name" : "oval:org.mitre.oval:def:12415",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12415"
"name": "43131",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43131"
},
{
"name" : "1025018",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1025018"
"name": "[oss-security] 20110131 CVE request: code execution in VLC media player",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/01/31/4"
},
{
"name" : "43131",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43131"
"name": "1025018",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025018"
},
{
"name" : "43242",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43242"
"name": "46060",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46060"
},
{
"name" : "ADV-2011-0363",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0363"
"name": "http://git.videolan.org/?p=vlc.git;a=commit;h=59491dcedffbf97612d2c572943b56ee4289dd07",
"refsource": "CONFIRM",
"url": "http://git.videolan.org/?p=vlc.git;a=commit;h=59491dcedffbf97612d2c572943b56ee4289dd07"
},
{
"name" : "vlc-mkv-code-execution(65045)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/65045"
"name": "[oss-security] 20110131 Re: CVE request: code execution in VLC media player",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/01/31/8"
}
]
}

22
2011/0xxx/CVE-2011-0948.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-0948",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-0948",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

116
2011/1xxx/CVE-2011-1400.json
View File

@ -1,106 +1,106 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1400",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1400",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The default configuration of the shell_escape_commands directive in conf/texmf.d/95NonPath.cnf in the tex-common package before 2.08.1 in Debian GNU/Linux squeeze, Ubuntu 10.10 and 10.04 LTS, and possibly other operating systems lists certain programs, which might allow remote attackers to execute arbitrary code via a crafted TeX document."
"lang": "eng",
"value": "The default configuration of the shell_escape_commands directive in conf/texmf.d/95NonPath.cnf in the tex-common package before 2.08.1 in Debian GNU/Linux squeeze, Ubuntu 10.10 and 10.04 LTS, and possibly other operating systems lists certain programs, which might allow remote attackers to execute arbitrary code via a crafted TeX document."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://svn.debian.org/wsvn/debian-tex/?op=comp&compare[]=%2Ftex-common%2Ftrunk@4781&compare[]=%2Ftex-common%2Ftrunk@4812",
"refsource" : "CONFIRM",
"url" : "http://svn.debian.org/wsvn/debian-tex/?op=comp&compare[]=%2Ftex-common%2Ftrunk@4781&compare[]=%2Ftex-common%2Ftrunk@4812"
"name": "texcommon-shellescapecommands-ce(66249)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66249"
},
{
"name" : "http://svn.debian.org/wsvn/debian-tex/tex-common/trunk/?op=log",
"refsource" : "CONFIRM",
"url" : "http://svn.debian.org/wsvn/debian-tex/tex-common/trunk/?op=log"
"name": "43973",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43973"
},
{
"name" : "DSA-2198",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2011/dsa-2198"
"name": "http://svn.debian.org/wsvn/debian-tex/?op=comp&compare[]=%2Ftex-common%2Ftrunk@4781&compare[]=%2Ftex-common%2Ftrunk@4812",
"refsource": "CONFIRM",
"url": "http://svn.debian.org/wsvn/debian-tex/?op=comp&compare[]=%2Ftex-common%2Ftrunk@4781&compare[]=%2Ftex-common%2Ftrunk@4812"
},
{
"name" : "USN-1103-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-1103-1"
"name": "46986",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46986"
},
{
"name" : "46986",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/46986"
"name": "ADV-2011-0731",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0731"
},
{
"name" : "43816",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43816"
"name": "http://svn.debian.org/wsvn/debian-tex/tex-common/trunk/?op=log",
"refsource": "CONFIRM",
"url": "http://svn.debian.org/wsvn/debian-tex/tex-common/trunk/?op=log"
},
{
"name" : "43973",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/43973"
"name": "USN-1103-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1103-1"
},
{
"name" : "ADV-2011-0731",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0731"
"name": "DSA-2198",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2198"
},
{
"name" : "ADV-2011-0861",
"refsource" : "VUPEN",
"url" : "http://www.vupen.com/english/advisories/2011/0861"
"name": "ADV-2011-0861",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0861"
},
{
"name" : "texcommon-shellescapecommands-ce(66249)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/66249"
"name": "43816",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43816"
}
]
}

80
2011/1xxx/CVE-2011-1450.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1450",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-1450",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Google Chrome before 11.0.696.57 does not properly present file dialogs, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to \"dangling pointers.\""
"lang": "eng",
"value": "Google Chrome before 11.0.696.57 does not properly present file dialogs, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to \"dangling pointers.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://code.google.com/p/chromium/issues/detail?id=77349",
"refsource" : "CONFIRM",
"url" : "http://code.google.com/p/chromium/issues/detail?id=77349"
"name": "google-chrome-file-dialogs-dos(67157)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67157"
},
{
"name" : "http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html",
"refsource" : "CONFIRM",
"url" : "http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html"
"name": "http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html",
"refsource": "CONFIRM",
"url": "http://googlechromereleases.blogspot.com/2011/04/chrome-stable-update.html"
},
{
"name" : "oval:org.mitre.oval:def:14633",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14633"
"name": "oval:org.mitre.oval:def:14633",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14633"
},
{
"name" : "google-chrome-file-dialogs-dos(67157)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/67157"
"name": "http://code.google.com/p/chromium/issues/detail?id=77349",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/chromium/issues/detail?id=77349"
}
]
}

68
2011/1xxx/CVE-2011-1649.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1649",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2011-1649",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Internet Streamer application in Cisco Content Delivery System (CDS) with software 2.5.7, 2.5.8, and 2.5.9 before build 126 allows remote attackers to cause a denial of service (Web Engine crash) via a crafted URL, aka Bug IDs CSCtg67333 and CSCth25341."
"lang": "eng",
"value": "The Internet Streamer application in Cisco Content Delivery System (CDS) with software 2.5.7, 2.5.8, and 2.5.9 before build 126 allows remote attackers to cause a denial of service (Web Engine crash) via a crafted URL, aka Bug IDs CSCtg67333 and CSCth25341."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20110525 Cisco Content Delivery System Internet Streamer: Web Server Vulnerability",
"refsource" : "CISCO",
"url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b7f18b.shtml"
"name": "20110525 Cisco Content Delivery System Internet Streamer: Web Server Vulnerability",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b7f18b.shtml"
},
{
"name" : "1025564",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1025564"
"name": "1025564",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025564"
}
]
}

74
2011/1xxx/CVE-2011-1985.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-1985",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2011-1985",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate user-mode input, which allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via a crafted application, aka \"Win32k Null Pointer De-reference Vulnerability.\""
"lang": "eng",
"value": "win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate user-mode input, which allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via a crafted application, aka \"Win32k Null Pointer De-reference Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS11-077",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-077"
"name": "1026165",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026165"
},
{
"name" : "oval:org.mitre.oval:def:12935",
"refsource" : "OVAL",
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12935"
"name": "MS11-077",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-077"
},
{
"name" : "1026165",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id?1026165"
"name": "oval:org.mitre.oval:def:12935",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12935"
}
]
}

80
2011/3xxx/CVE-2011-3593.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-3593",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-3593",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "A certain Red Hat patch to the vlan_hwaccel_do_receive function in net/8021q/vlan_core.c in the Linux kernel 2.6.32 on Red Hat Enterprise Linux (RHEL) 6 allows remote attackers to cause a denial of service (system crash) via priority-tagged VLAN frames."
"lang": "eng",
"value": "A certain Red Hat patch to the vlan_hwaccel_do_receive function in net/8021q/vlan_core.c in the Linux kernel 2.6.32 on Red Hat Enterprise Linux (RHEL) 6 allows remote attackers to cause a denial of service (system crash) via priority-tagged VLAN frames."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20120305 CVE-2011-3593 kernel: vlan: fix panic when handling priority tagged frames",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2012/03/05/3"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=742846",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=742846"
},
{
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=742846",
"refsource" : "CONFIRM",
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=742846"
"name": "[oss-security] 20120305 CVE-2011-3593 kernel: vlan: fix panic when handling priority tagged frames",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/03/05/3"
},
{
"name" : "https://oss.oracle.com/git/?p=redpatch.git;a=commit;h=0e48f8daac293335e16e007663b9f4d248f89f0c",
"refsource" : "CONFIRM",
"url" : "https://oss.oracle.com/git/?p=redpatch.git;a=commit;h=0e48f8daac293335e16e007663b9f4d248f89f0c"
"name": "https://oss.oracle.com/git/?p=redpatch.git;a=commit;h=fadca7bdc43b02f518585d9547019966415cadfd",
"refsource": "CONFIRM",
"url": "https://oss.oracle.com/git/?p=redpatch.git;a=commit;h=fadca7bdc43b02f518585d9547019966415cadfd"
},
{
"name" : "https://oss.oracle.com/git/?p=redpatch.git;a=commit;h=fadca7bdc43b02f518585d9547019966415cadfd",
"refsource" : "CONFIRM",
"url" : "https://oss.oracle.com/git/?p=redpatch.git;a=commit;h=fadca7bdc43b02f518585d9547019966415cadfd"
"name": "https://oss.oracle.com/git/?p=redpatch.git;a=commit;h=0e48f8daac293335e16e007663b9f4d248f89f0c",
"refsource": "CONFIRM",
"url": "https://oss.oracle.com/git/?p=redpatch.git;a=commit;h=0e48f8daac293335e16e007663b9f4d248f89f0c"
}
]
}

22
2011/4xxx/CVE-2011-4242.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4242",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-4242",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

68
2011/4xxx/CVE-2011-4533.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4533",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2011-4533",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "zenAdminSrv.exe in Ing. Punzenberger COPA-DATA zenon 6.51 SP0 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted packet to TCP port 50777, aka Reference Number 25240."
"lang": "eng",
"value": "zenAdminSrv.exe in Ing. Punzenberger COPA-DATA zenon 6.51 SP0 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted packet to TCP port 50777, aka Reference Number 25240."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.us-cert.gov/control_systems/pdf/ICSA-12-013-01.pdf",
"refsource" : "MISC",
"url" : "http://www.us-cert.gov/control_systems/pdf/ICSA-12-013-01.pdf"
"name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-013-01.pdf",
"refsource": "MISC",
"url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-013-01.pdf"
},
{
"name" : "47892",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/47892"
"name": "47892",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47892"
}
]
}

22
2011/4xxx/CVE-2011-4779.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4779",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2011-4779",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-4642. Reason: This candidate is a reservation duplicate of CVE-2011-4642. Notes: All CVE users should reference CVE-2011-4642 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-4642. Reason: This candidate is a reservation duplicate of CVE-2011-4642. Notes: All CVE users should reference CVE-2011-4642 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}

22
2011/4xxx/CVE-2011-4982.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-4982",
"STATE" : "REJECT"
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2011-4982",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none."
"lang": "eng",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none."
}
]
}

80
2011/5xxx/CVE-2011-5073.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2011-5073",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-5073",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Support Incident Tracker (aka SiT!) before 3.65 allow remote attackers to inject arbitrary web script or HTML via the (1) mode parameter to contact_support.php; (2) contractid parameter to contract_add_service.php; (3) user parameter to edit_backup_users.php; (4) id parameter to edit_escalation_path.php; the Referer to (5) forgotpwd.php, (6) an approvalpage action to billable_incidents.php, or (7) transactions.php; (8) action parameter to inbox.php; (9) search_string parameter in a findcontact action to incident_add.php; table1 parameter to (10) report_customers.php, (11) report_incidents_by_engineer.php, (12) report_incidents_by_site.php, or (13) report_marketing.php; or the (14) startdate or (15) enddate parameter to report_incidents_by_vendor.php."
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Support Incident Tracker (aka SiT!) before 3.65 allow remote attackers to inject arbitrary web script or HTML via the (1) mode parameter to contact_support.php; (2) contractid parameter to contract_add_service.php; (3) user parameter to edit_backup_users.php; (4) id parameter to edit_escalation_path.php; the Referer to (5) forgotpwd.php, (6) an approvalpage action to billable_incidents.php, or (7) transactions.php; (8) action parameter to inbox.php; (9) search_string parameter in a findcontact action to incident_add.php; table1 parameter to (10) report_customers.php, (11) report_incidents_by_engineer.php, (12) report_incidents_by_site.php, or (13) report_marketing.php; or the (14) startdate or (15) enddate parameter to report_incidents_by_vendor.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20110914 Multiple vulnerabilities in SiT! Support Incident Tracker",
"refsource" : "BUGTRAQ",
"url" : "http://www.securityfocus.com/archive/1/519636"
"name": "http://sitracker.org/wiki/ReleaseNotes365",
"refsource": "CONFIRM",
"url": "http://sitracker.org/wiki/ReleaseNotes365"
},
{
"name" : "https://www.htbridge.ch/advisory/multiple_vulnerabilities_in_sit_support_incident_tracker.html",
"refsource" : "MISC",
"url" : "https://www.htbridge.ch/advisory/multiple_vulnerabilities_in_sit_support_incident_tracker.html"
"name": "20110914 Multiple vulnerabilities in SiT! Support Incident Tracker",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/519636"
},
{
"name" : "http://sitracker.org/wiki/ReleaseNotes365",
"refsource" : "CONFIRM",
"url" : "http://sitracker.org/wiki/ReleaseNotes365"
"name": "46019",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46019"
},
{
"name" : "46019",
"refsource" : "SECUNIA",
"url" : "http://secunia.com/advisories/46019"
"name": "https://www.htbridge.ch/advisory/multiple_vulnerabilities_in_sit_support_incident_tracker.html",
"refsource": "MISC",
"url": "https://www.htbridge.ch/advisory/multiple_vulnerabilities_in_sit_support_incident_tracker.html"
}
]
}

62
2013/5xxx/CVE-2013-5049.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2013-5049",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2013-5049",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability.\""
"lang": "eng",
"value": "Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "MS13-097",
"refsource" : "MS",
"url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-097"
"name": "MS13-097",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-097"
}
]
}

68
2013/5xxx/CVE-2013-5496.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2013-5496",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2013-5496",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Open Network Environment Platform (ONEP) in Cisco NX-OS allows remote authenticated users to cause a denial of service (network-element reload) via a crafted packet, aka Bug ID CSCui51551."
"lang": "eng",
"value": "Open Network Environment Platform (ONEP) in Cisco NX-OS allows remote authenticated users to cause a denial of service (network-element reload) via a crafted packet, aka Bug ID CSCui51551."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20130913 Cisco Open Network Environment Platform Unvalidated Pointer Vulnerability",
"refsource" : "CISCO",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5496"
"name": "1029036",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029036"
},
{
"name" : "1029036",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1029036"
"name": "20130913 Cisco Open Network Environment Platform Unvalidated Pointer Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5496"
}
]
}

62
2014/2xxx/CVE-2014-2128.json
View File

@ -1,61 +1,61 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-2128",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2014-2128",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 8.2 before 8.2(5.47, 8.3 before 8.3(2.40), 8.4 before 8.4(7.3), 8.6 before 8.6(1.13), 9.0 before 9.0(3.8), and 9.1 before 9.1(3.2) allows remote attackers to bypass authentication via (1) a crafted cookie value within modified HTTP POST data or (2) a crafted URL, aka Bug ID CSCua85555."
"lang": "eng",
"value": "The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 8.2 before 8.2(5.47, 8.3 before 8.3(2.40), 8.4 before 8.4(7.3), 8.6 before 8.6(1.13), 9.0 before 9.0(3.8), and 9.1 before 9.1(3.2) allows remote attackers to bypass authentication via (1) a crafted cookie value within modified HTTP POST data or (2) a crafted URL, aka Bug ID CSCua85555."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "20140409 Multiple Vulnerabilities in Cisco ASA Software",
"refsource" : "CISCO",
"url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-asa"
"name": "20140409 Multiple Vulnerabilities in Cisco ASA Software",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-asa"
}
]
}

22
2014/2xxx/CVE-2014-2394.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-2394",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2394",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

68
2014/6xxx/CVE-2014-6050.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6050",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-6050",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "phpMyFAQ before 2.8.13 allows remote attackers to bypass the CAPTCHA protection mechanism by replaying the request."
"lang": "eng",
"value": "phpMyFAQ before 2.8.13 allows remote attackers to bypass the CAPTCHA protection mechanism by replaying the request."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://techdefencelabs.com/security-advisories.html",
"refsource" : "MISC",
"url" : "http://techdefencelabs.com/security-advisories.html"
"name": "http://techdefencelabs.com/security-advisories.html",
"refsource": "MISC",
"url": "http://techdefencelabs.com/security-advisories.html"
},
{
"name" : "https://www.phpmyfaq.de/security/advisory-2014-09-16",
"refsource" : "CONFIRM",
"url" : "https://www.phpmyfaq.de/security/advisory-2014-09-16"
"name": "https://www.phpmyfaq.de/security/advisory-2014-09-16",
"refsource": "CONFIRM",
"url": "https://www.phpmyfaq.de/security/advisory-2014-09-16"
}
]
}

80
2014/6xxx/CVE-2014-6268.json
View File

@ -1,76 +1,76 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6268",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-6268",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The evtchn_fifo_set_pending function in Xen 4.4.x allows local guest users to cause a denial of service (host crash) via vectors involving an uninitialized FIFO-based event channel control block when (1) binding or (2) moving an event to a different VCPU."
"lang": "eng",
"value": "The evtchn_fifo_set_pending function in Xen 4.4.x allows local guest users to cause a denial of service (host crash) via vectors involving an uninitialized FIFO-based event channel control block when (1) binding or (2) moving an event to a different VCPU."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://xenbits.xen.org/xsa/advisory-107.html",
"refsource" : "CONFIRM",
"url" : "http://xenbits.xen.org/xsa/advisory-107.html"
"name": "1030829",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030829"
},
{
"name" : "69753",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/69753"
"name": "http://xenbits.xen.org/xsa/advisory-107.html",
"refsource": "CONFIRM",
"url": "http://xenbits.xen.org/xsa/advisory-107.html"
},
{
"name" : "1030829",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1030829"
"name": "xen-fifo-dos(95837)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95837"
},
{
"name" : "xen-fifo-dos(95837)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95837"
"name": "69753",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69753"
}
]
}

68
2014/6xxx/CVE-2014-6467.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6467",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2014-6467",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in the Java VM component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2014-6453, CVE-2014-6545, and CVE-2014-6560."
"lang": "eng",
"value": "Unspecified vulnerability in the Java VM component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2014-6453, CVE-2014-6545, and CVE-2014-6560."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
"refsource" : "CONFIRM",
"url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"name" : "70514",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/70514"
"name": "70514",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70514"
}
]
}

68
2014/6xxx/CVE-2014-6604.json
View File

@ -1,66 +1,66 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6604",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-6604",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in class-s2-list-table.php in the Subscribe2 plugin before 10.16 for WordPress allows remote attackers to inject arbitrary web script or HTML via the ip parameter."
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in class-s2-list-table.php in the Subscribe2 plugin before 10.16 for WordPress allows remote attackers to inject arbitrary web script or HTML via the ip parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "http://barmat.io/blog/2014/10/01/stored-xss-vulnerability-in-the-wordpress-plugin-subscribe2/",
"refsource" : "MISC",
"url" : "http://barmat.io/blog/2014/10/01/stored-xss-vulnerability-in-the-wordpress-plugin-subscribe2/"
"name": "https://plugins.trac.wordpress.org/changeset/993564/subscribe2",
"refsource": "CONFIRM",
"url": "https://plugins.trac.wordpress.org/changeset/993564/subscribe2"
},
{
"name" : "https://plugins.trac.wordpress.org/changeset/993564/subscribe2",
"refsource" : "CONFIRM",
"url" : "https://plugins.trac.wordpress.org/changeset/993564/subscribe2"
"name": "http://barmat.io/blog/2014/10/01/stored-xss-vulnerability-in-the-wordpress-plugin-subscribe2/",
"refsource": "MISC",
"url": "http://barmat.io/blog/2014/10/01/stored-xss-vulnerability-in-the-wordpress-plugin-subscribe2/"
}
]
}

74
2014/6xxx/CVE-2014-6664.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-6664",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-6664",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Latin Angels Music HD (aka com.applizards.lafreetj) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The Latin Angels Music HD (aka com.applizards.lafreetj) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#356161",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/356161"
},
{
"name" : "VU#356161",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/356161"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}

74
2014/7xxx/CVE-2014-7374.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-7374",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-7374",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The SPIN - Motion Comic (aka me.narr8.android.serial.spin) application 2.1.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The SPIN - Motion Comic (aka me.narr8.android.serial.spin) application 2.1.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#231201",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/231201"
},
{
"name" : "VU#231201",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/231201"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}

74
2014/7xxx/CVE-2014-7469.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-7469",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-7469",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Best Beginning (aka com.bbbeta) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The Best Beginning (aka com.bbbeta) application 2.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#789825",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/789825"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#789825",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/789825"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}

74
2014/7xxx/CVE-2014-7608.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-7608",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-7608",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Carrier Enterprise HVAC Assist (aka com.es.CE) application 4.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The Carrier Enterprise HVAC Assist (aka com.es.CE) application 4.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#770465",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/770465"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#770465",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/770465"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}

74
2014/7xxx/CVE-2014-7713.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-7713",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-7713",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The Skin&Ink Magazine (aka com.triactivemedia.skinandink) application @7F08017A for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The Skin&Ink Magazine (aka com.triactivemedia.skinandink) application @7F08017A for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
},
{
"name" : "VU#609337",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/609337"
"name": "VU#609337",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/609337"
}
]
}

74
2014/7xxx/CVE-2014-7771.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2014-7771",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-7771",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The World Tamil Bayan (aka com.wWorldTamilBayan) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
"lang": "eng",
"value": "The World Tamil Bayan (aka com.wWorldTamilBayan) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource" : "MISC",
"url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
"name": "VU#984569",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/984569"
},
{
"name" : "VU#582497",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/582497"
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name" : "VU#984569",
"refsource" : "CERT-VN",
"url" : "http://www.kb.cert.org/vuls/id/984569"
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}

74
2017/0xxx/CVE-2017-0337.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@nvidia.com",
"ID" : "CVE-2017-0337",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@nvidia.com",
"ID": "CVE-2017-0337",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Android",
"version" : {
"version_data" : [
"product_name": "Android",
"version": {
"version_data": [
{
"version_value" : "Kernel-3.18"
"version_value": "Kernel-3.18"
}
]
}
}
]
},
"vendor_name" : "Nvidia Corporation"
"vendor_name": "Nvidia Corporation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-31992762. References: N-CVE-2017-0337."
"lang": "eng",
"value": "An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-31992762. References: N-CVE-2017-0337."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Elevation of Privilege"
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://source.android.com/security/bulletin/2017-03-01.html",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2017-03-01.html"
"name": "1037968",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037968"
},
{
"name" : "96723",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/96723"
"name": "96723",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96723"
},
{
"name" : "1037968",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037968"
"name": "https://source.android.com/security/bulletin/2017-03-01.html",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-03-01.html"
}
]
}

80
2017/0xxx/CVE-2017-0487.json
View File

@ -1,80 +1,80 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@google.com",
"ID" : "CVE-2017-0487",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2017-0487",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Android",
"version" : {
"version_data" : [
"product_name": "Android",
"version": {
"version_data": [
{
"version_value" : "Android-6.0"
"version_value": "Android-6.0"
},
{
"version_value" : "Android-6.0.1"
"version_value": "Android-6.0.1"
},
{
"version_value" : "Android-7.0"
"version_value": "Android-7.0"
},
{
"version_value" : "Android-7.1.1"
"version_value": "Android-7.1.1"
}
]
}
}
]
},
"vendor_name" : "Google Inc."
"vendor_name": "Google Inc."
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33751193."
"lang": "eng",
"value": "A denial of service vulnerability in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33751193."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Denial of service"
"lang": "eng",
"value": "Denial of service"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://source.android.com/security/bulletin/2017-03-01",
"refsource" : "CONFIRM",
"url" : "https://source.android.com/security/bulletin/2017-03-01"
"name": "https://source.android.com/security/bulletin/2017-03-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-03-01"
},
{
"name" : "96733",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/96733"
"name": "1037968",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037968"
},
{
"name" : "1037968",
"refsource" : "SECTRACK",
"url" : "http://www.securitytracker.com/id/1037968"
"name": "96733",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96733"
}
]
}

22
2017/0xxx/CVE-2017-0958.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-0958",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-0958",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

66
2017/18xxx/CVE-2017-18103.json
View File

@ -1,63 +1,63 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@atlassian.com",
"DATE_PUBLIC" : "2018-07-18T00:00:00",
"ID" : "CVE-2017-18103",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "security@atlassian.com",
"DATE_PUBLIC": "2018-07-18T00:00:00",
"ID": "CVE-2017-18103",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "atlassian-http",
"version" : {
"version_data" : [
"product_name": "atlassian-http",
"version": {
"version_data": [
{
"version_affected" : "<",
"version_value" : "2.0.2"
"version_affected": "<",
"version_value": "2.0.2"
}
]
}
}
]
},
"vendor_name" : "Atlassian"
"vendor_name": "Atlassian"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "The atlassian-http library, as used in various Atlassian products, before version 2.0.2 allows remote attackers to spoof web content in the Mozilla Firefox Browser through uploaded files that have a content-type of application/mathml+xml."
"lang": "eng",
"value": "The atlassian-http library, as used in various Atlassian products, before version 2.0.2 allows remote attackers to spoof web content in the Mozilla Firefox Browser through uploaded files that have a content-type of application/mathml+xml."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Content Spoofing"
"lang": "eng",
"value": "Content Spoofing"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://jira.atlassian.com/browse/HTTP-3",
"refsource" : "CONFIRM",
"url" : "https://jira.atlassian.com/browse/HTTP-3"
"name": "https://jira.atlassian.com/browse/HTTP-3",
"refsource": "CONFIRM",
"url": "https://jira.atlassian.com/browse/HTTP-3"
}
]
}

22
2017/1xxx/CVE-2017-1042.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-1042",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-1042",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

22
2017/1xxx/CVE-2017-1052.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-1052",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-1052",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

116
2017/1xxx/CVE-2017-1524.json
View File

@ -1,111 +1,111 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2018-03-20T00:00:00",
"ID" : "CVE-2017-1524",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2018-03-20T00:00:00",
"ID": "CVE-2017-1524",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Rational Collaborative Lifecycle Management",
"version" : {
"version_data" : [
"product_name": "Rational Collaborative Lifecycle Management",
"version": {
"version_data": [
{
"version_value" : "5.0"
"version_value": "5.0"
},
{
"version_value" : "5.0.1"
"version_value": "5.0.1"
},
{
"version_value" : "5.0.2"
"version_value": "5.0.2"
},
{
"version_value" : "6.0"
"version_value": "6.0"
},
{
"version_value" : "6.0.1"
"version_value": "6.0.1"
},
{
"version_value" : "6.0.2"
"version_value": "6.0.2"
},
{
"version_value" : "6.0.3"
"version_value": "6.0.3"
},
{
"version_value" : "6.0.4"
"version_value": "6.0.4"
},
{
"version_value" : "6.0.5"
"version_value": "6.0.5"
}
]
}
}
]
},
"vendor_name" : "IBM"
"vendor_name": "IBM"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) could allow an authenticated user to obtain sensitive information from a specially crafted HTTP request that could be used to aid future attacks. IBM X-Force ID: 129970."
"lang": "eng",
"value": "IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) could allow an authenticated user to obtain sensitive information from a specially crafted HTTP request that could be used to aid future attacks. IBM X-Force ID: 129970."
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"AC" : "L",
"AV" : "N",
"C" : "L",
"I" : "N",
"PR" : "L",
"S" : "U",
"SCORE" : "4.300",
"UI" : "N"
"impact": {
"cvssv3": {
"BM": {
"A": "N",
"AC": "L",
"AV": "N",
"C": "L",
"I": "N",
"PR": "L",
"S": "U",
"SCORE": "4.300",
"UI": "N"
}
}
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Obtain Information"
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/129970",
"refsource" : "MISC",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/129970"
"name": "103477",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103477"
},
{
"name" : "http://www.ibm.com/support/docview.wss?uid=swg22014815",
"refsource" : "CONFIRM",
"url" : "http://www.ibm.com/support/docview.wss?uid=swg22014815"
"name": "http://www.ibm.com/support/docview.wss?uid=swg22014815",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22014815"
},
{
"name" : "103477",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/103477"
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/129970",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/129970"
}
]
}

22
2017/1xxx/CVE-2017-1663.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-1663",
"STATE" : "RESERVED"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-1663",
"STATE": "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

74
2017/5xxx/CVE-2017-5614.json
View File

@ -1,71 +1,71 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-5614",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-5614",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value" : "n/a"
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
"vendor_name": "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "Open redirect vulnerability in cgiemail and cgiecho allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving the (1) success or (2) failure parameter."
"lang": "eng",
"value": "Open redirect vulnerability in cgiemail and cgiecho allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving the (1) success or (2) failure parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "n/a"
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
"references": {
"reference_data": [
{
"name" : "[oss-security] 20170128 Re: CVE request: cgiemail multiple vulnerabilities",
"refsource" : "MLIST",
"url" : "http://www.openwall.com/lists/oss-security/2017/01/28/8"
"name": "95870",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95870"
},
{
"name" : "https://news.cpanel.com/tsr-2017-0001-full-disclosure/",
"refsource" : "MISC",
"url" : "https://news.cpanel.com/tsr-2017-0001-full-disclosure/"
"name": "https://news.cpanel.com/tsr-2017-0001-full-disclosure/",
"refsource": "MISC",
"url": "https://news.cpanel.com/tsr-2017-0001-full-disclosure/"
},
{
"name" : "95870",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/95870"
"name": "[oss-security] 20170128 Re: CVE request: cgiemail multiple vulnerabilities",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/01/28/8"
}
]
}