From 332af5de6d9d1adc1e4d6c7e6f761d8f430334b3 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Sun, 17 Mar 2019 22:38:47 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2006/0xxx/CVE-2006-0529.json | 200 ++++++++++----------- 2006/1xxx/CVE-2006-1269.json | 180 +++++++++---------- 2006/5xxx/CVE-2006-5567.json | 230 ++++++++++++------------ 2006/5xxx/CVE-2006-5673.json | 180 +++++++++---------- 2006/5xxx/CVE-2006-5861.json | 180 +++++++++---------- 2007/2xxx/CVE-2007-2139.json | 220 +++++++++++------------ 2007/2xxx/CVE-2007-2633.json | 160 ++++++++--------- 2007/2xxx/CVE-2007-2843.json | 150 ++++++++-------- 2010/0xxx/CVE-2010-0305.json | 210 +++++++++++----------- 2010/0xxx/CVE-2010-0412.json | 160 ++++++++--------- 2010/0xxx/CVE-2010-0533.json | 130 +++++++------- 2010/0xxx/CVE-2010-0593.json | 180 +++++++++---------- 2010/1xxx/CVE-2010-1030.json | 160 ++++++++--------- 2010/1xxx/CVE-2010-1627.json | 140 +++++++-------- 2010/1xxx/CVE-2010-1945.json | 190 ++++++++++---------- 2010/3xxx/CVE-2010-3180.json | 320 ++++++++++++++++----------------- 2010/3xxx/CVE-2010-3271.json | 160 ++++++++--------- 2010/3xxx/CVE-2010-3648.json | 330 +++++++++++++++++------------------ 2010/3xxx/CVE-2010-3697.json | 180 +++++++++---------- 2010/4xxx/CVE-2010-4336.json | 220 +++++++++++------------ 2010/4xxx/CVE-2010-4953.json | 130 +++++++------- 2014/0xxx/CVE-2014-0297.json | 120 ++++++------- 2014/0xxx/CVE-2014-0711.json | 34 ++-- 2014/4xxx/CVE-2014-4271.json | 190 ++++++++++---------- 2014/4xxx/CVE-2014-4534.json | 120 ++++++------- 2014/4xxx/CVE-2014-4540.json | 120 ++++++------- 2014/8xxx/CVE-2014-8118.json | 170 +++++++++--------- 2014/8xxx/CVE-2014-8294.json | 120 ++++++------- 2014/8xxx/CVE-2014-8679.json | 34 ++-- 2014/8xxx/CVE-2014-8763.json | 180 +++++++++---------- 2014/9xxx/CVE-2014-9334.json | 150 ++++++++-------- 2014/9xxx/CVE-2014-9638.json | 190 ++++++++++---------- 2014/9xxx/CVE-2014-9922.json | 160 ++++++++--------- 2016/3xxx/CVE-2016-3260.json | 150 ++++++++-------- 2016/3xxx/CVE-2016-3397.json | 34 ++-- 2016/3xxx/CVE-2016-3419.json | 130 +++++++------- 2016/3xxx/CVE-2016-3477.json | 300 +++++++++++++++---------------- 2016/6xxx/CVE-2016-6091.json | 34 ++-- 2016/6xxx/CVE-2016-6408.json | 130 +++++++------- 2016/6xxx/CVE-2016-6889.json | 34 ++-- 2016/6xxx/CVE-2016-6891.json | 150 ++++++++-------- 2016/6xxx/CVE-2016-6965.json | 140 +++++++-------- 2016/7xxx/CVE-2016-7415.json | 160 ++++++++--------- 2016/8xxx/CVE-2016-8001.json | 34 ++-- 44 files changed, 3447 insertions(+), 3447 deletions(-) diff --git a/2006/0xxx/CVE-2006-0529.json b/2006/0xxx/CVE-2006-0529.json index 688843717ef..b2b5b510981 100644 --- a/2006/0xxx/CVE-2006-0529.json +++ b/2006/0xxx/CVE-2006-0529.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-0529", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Computer Associates (CA) Message Queuing (CAM / CAFT) before 1.07 Build 220_16 and 1.11 Build 29_20, as used in multiple CA products, allows remote attackers to cause a denial of service via a crafted message to TCP port 4105." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-0529", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20060202 CAID 33581 - CA Message Queuing Denial of Service Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/423785/100/0/threaded" - }, - { - "name" : "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33581", - "refsource" : "MISC", - "url" : "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33581" - }, - { - "name" : "http://supportconnectw.ca.com/public/ca_common_docs/camessagsecurity_notice.asp", - "refsource" : "CONFIRM", - "url" : "http://supportconnectw.ca.com/public/ca_common_docs/camessagsecurity_notice.asp" - }, - { - "name" : "16475", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/16475" - }, - { - "name" : "ADV-2006-0414", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/0414" - }, - { - "name" : "21146", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/21146" - }, - { - "name" : "1015571", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1015571" - }, - { - "name" : "18681", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18681" - }, - { - "name" : "ca-cam-port4105-dos(24448)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24448" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Computer Associates (CA) Message Queuing (CAM / CAFT) before 1.07 Build 220_16 and 1.11 Build 29_20, as used in multiple CA products, allows remote attackers to cause a denial of service via a crafted message to TCP port 4105." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "16475", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/16475" + }, + { + "name": "http://supportconnectw.ca.com/public/ca_common_docs/camessagsecurity_notice.asp", + "refsource": "CONFIRM", + "url": "http://supportconnectw.ca.com/public/ca_common_docs/camessagsecurity_notice.asp" + }, + { + "name": "1015571", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1015571" + }, + { + "name": "ADV-2006-0414", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/0414" + }, + { + "name": "18681", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18681" + }, + { + "name": "ca-cam-port4105-dos(24448)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24448" + }, + { + "name": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33581", + "refsource": "MISC", + "url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33581" + }, + { + "name": "21146", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/21146" + }, + { + "name": "20060202 CAID 33581 - CA Message Queuing Denial of Service Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/423785/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2006/1xxx/CVE-2006-1269.json b/2006/1xxx/CVE-2006-1269.json index d62827fad39..ad39d61d5de 100644 --- a/2006/1xxx/CVE-2006-1269.json +++ b/2006/1xxx/CVE-2006-1269.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-1269", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the parse function in parse.c in zoo 2.10 might allow local users to execute arbitrary code via long filename command line arguments, which are not properly handled during archive creation. NOTE: since this issue is local and not setuid, the set of attack scenarios is limited, although is reasonable to expect that there are some situations in which the zoo user might automatically list attacker-controlled filenames to add to the zoo archive." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-1269", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=183426", - "refsource" : "MISC", - "url" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=183426" - }, - { - "name" : "GLSA-200603-12", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200603-12.xml" - }, - { - "name" : "17126", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/17126" - }, - { - "name" : "ADV-2006-0969", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/0969" - }, - { - "name" : "19250", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19250" - }, - { - "name" : "19254", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19254" - }, - { - "name" : "zoo-parse-bo(25264)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25264" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the parse function in parse.c in zoo 2.10 might allow local users to execute arbitrary code via long filename command line arguments, which are not properly handled during archive creation. NOTE: since this issue is local and not setuid, the set of attack scenarios is limited, although is reasonable to expect that there are some situations in which the zoo user might automatically list attacker-controlled filenames to add to the zoo archive." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "17126", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/17126" + }, + { + "name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=183426", + "refsource": "MISC", + "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=183426" + }, + { + "name": "GLSA-200603-12", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200603-12.xml" + }, + { + "name": "zoo-parse-bo(25264)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25264" + }, + { + "name": "ADV-2006-0969", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/0969" + }, + { + "name": "19254", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19254" + }, + { + "name": "19250", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19250" + } + ] + } +} \ No newline at end of file diff --git a/2006/5xxx/CVE-2006-5567.json b/2006/5xxx/CVE-2006-5567.json index 11692cba561..79274c51639 100644 --- a/2006/5xxx/CVE-2006-5567.json +++ b/2006/5xxx/CVE-2006-5567.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5567", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple heap-based buffer overflows in AOL Nullsoft WinAmp before 5.31 allow user-assisted remote attackers to execute arbitrary code via a crafted (1) ultravox-max-msg header to the Ultravox protocol handler or (2) unspecified Lyrics3 tags." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5567", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20061025 AOL Nullsoft Winamp Lyrics3 v2.00 tags Heap Overflow Vulnerability", - "refsource" : "IDEFENSE", - "url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=432" - }, - { - "name" : "20061025 AOL Nullsoft Winamp Ultravox 'ultravox-max-msg' Header Heap Overflow Vulnerability", - "refsource" : "IDEFENSE", - "url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=431" - }, - { - "name" : "http://www.winamp.com/player/version_history.php#5.31", - "refsource" : "CONFIRM", - "url" : "http://www.winamp.com/player/version_history.php#5.31" - }, - { - "name" : "VU#449092", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/449092" - }, - { - "name" : "20744", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/20744" - }, - { - "name" : "oval:org.mitre.oval:def:15686", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15686" - }, - { - "name" : "ADV-2006-4196", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4196" - }, - { - "name" : "1017119", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017119" - }, - { - "name" : "1017120", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017120" - }, - { - "name" : "22580", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22580" - }, - { - "name" : "winamp-lyrics3-bo(29807)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29807" - }, - { - "name" : "winamp-ultravox-bo(29804)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29804" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple heap-based buffer overflows in AOL Nullsoft WinAmp before 5.31 allow user-assisted remote attackers to execute arbitrary code via a crafted (1) ultravox-max-msg header to the Ultravox protocol handler or (2) unspecified Lyrics3 tags." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "oval:org.mitre.oval:def:15686", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15686" + }, + { + "name": "1017119", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017119" + }, + { + "name": "20061025 AOL Nullsoft Winamp Lyrics3 v2.00 tags Heap Overflow Vulnerability", + "refsource": "IDEFENSE", + "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=432" + }, + { + "name": "winamp-lyrics3-bo(29807)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29807" + }, + { + "name": "22580", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22580" + }, + { + "name": "20744", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/20744" + }, + { + "name": "winamp-ultravox-bo(29804)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29804" + }, + { + "name": "VU#449092", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/449092" + }, + { + "name": "1017120", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017120" + }, + { + "name": "ADV-2006-4196", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4196" + }, + { + "name": "http://www.winamp.com/player/version_history.php#5.31", + "refsource": "CONFIRM", + "url": "http://www.winamp.com/player/version_history.php#5.31" + }, + { + "name": "20061025 AOL Nullsoft Winamp Ultravox 'ultravox-max-msg' Header Heap Overflow Vulnerability", + "refsource": "IDEFENSE", + "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=431" + } + ] + } +} \ No newline at end of file diff --git a/2006/5xxx/CVE-2006-5673.json b/2006/5xxx/CVE-2006-5673.json index 32c4f5606be..01d0029b513 100644 --- a/2006/5xxx/CVE-2006-5673.json +++ b/2006/5xxx/CVE-2006-5673.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5673", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in bb_func_txt.php in miniBB 2.0.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the pathToFiles parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5673", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "2655", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/2655" - }, - { - "name" : "http://www.minibb.net/forums/9_4274_0.html", - "refsource" : "CONFIRM", - "url" : "http://www.minibb.net/forums/9_4274_0.html" - }, - { - "name" : "20757", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/20757" - }, - { - "name" : "ADV-2006-4222", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4222" - }, - { - "name" : "29971", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/29971" - }, - { - "name" : "22596", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22596" - }, - { - "name" : "minibb-bbfunctxt-file-include(29831)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29831" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in bb_func_txt.php in miniBB 2.0.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the pathToFiles parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20757", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/20757" + }, + { + "name": "29971", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/29971" + }, + { + "name": "http://www.minibb.net/forums/9_4274_0.html", + "refsource": "CONFIRM", + "url": "http://www.minibb.net/forums/9_4274_0.html" + }, + { + "name": "22596", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22596" + }, + { + "name": "ADV-2006-4222", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4222" + }, + { + "name": "minibb-bbfunctxt-file-include(29831)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29831" + }, + { + "name": "2655", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/2655" + } + ] + } +} \ No newline at end of file diff --git a/2006/5xxx/CVE-2006-5861.json b/2006/5xxx/CVE-2006-5861.json index 878aee7cd2f..d9e7600468a 100644 --- a/2006/5xxx/CVE-2006-5861.json +++ b/2006/5xxx/CVE-2006-5861.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5861", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Independent Management Architecture (IMA) service (ImaSrv.exe) in Citrix MetaFrame XP 1.0 and 2.0, and Presentation Server 3.0 and 4.0, allows remote attackers to cause a denial of service (service exit) via a crafted packet that causes the service to access an unmapped memory address and triggers an unhandled exception." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5861", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20061109 Citrix Presentation Server 4.0 IMA Service Invalid Name Length DoS Vulnerability", - "refsource" : "IDEFENSE", - "url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=441" - }, - { - "name" : "http://support.citrix.com/article/CTX111186", - "refsource" : "CONFIRM", - "url" : "http://support.citrix.com/article/CTX111186" - }, - { - "name" : "20986", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/20986" - }, - { - "name" : "ADV-2006-4429", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4429" - }, - { - "name" : "1017205", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017205" - }, - { - "name" : "22802", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22802" - }, - { - "name" : "citrix-imaserver-dos(30156)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30156" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Independent Management Architecture (IMA) service (ImaSrv.exe) in Citrix MetaFrame XP 1.0 and 2.0, and Presentation Server 3.0 and 4.0, allows remote attackers to cause a denial of service (service exit) via a crafted packet that causes the service to access an unmapped memory address and triggers an unhandled exception." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "citrix-imaserver-dos(30156)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30156" + }, + { + "name": "1017205", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017205" + }, + { + "name": "20061109 Citrix Presentation Server 4.0 IMA Service Invalid Name Length DoS Vulnerability", + "refsource": "IDEFENSE", + "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=441" + }, + { + "name": "http://support.citrix.com/article/CTX111186", + "refsource": "CONFIRM", + "url": "http://support.citrix.com/article/CTX111186" + }, + { + "name": "20986", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/20986" + }, + { + "name": "22802", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22802" + }, + { + "name": "ADV-2006-4429", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4429" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2139.json b/2007/2xxx/CVE-2007-2139.json index 827818abad1..2c363864890 100644 --- a/2007/2xxx/CVE-2007-2139.json +++ b/2007/2xxx/CVE-2007-2139.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2139", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple stack-based buffer overflows in the SUN RPC service in CA (formerly Computer Associates) BrightStor ARCserve Media Server, as used in BrightStor ARCserve Backup 9.01 through 11.5 SP2, BrightStor Enterprise Backup 10.5, Server Protection Suite 2, and Business Protection Suite 2, allow remote attackers to execute arbitrary code via malformed RPC strings, a different vulnerability than CVE-2006-5171, CVE-2006-5172, and CVE-2007-1785." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2139", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070424 ZDI-07-022: CA BrightStor ArcServe Media Server Multiple Buffer Overflow Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/466790/100/0/threaded" - }, - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-07-022.html", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-07-022.html" - }, - { - "name" : "http://supportconnectw.ca.com/public/storage/infodocs/babmedser-secnotice.asp", - "refsource" : "CONFIRM", - "url" : "http://supportconnectw.ca.com/public/storage/infodocs/babmedser-secnotice.asp" - }, - { - "name" : "VU#979825", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/979825" - }, - { - "name" : "23635", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23635" - }, - { - "name" : "ADV-2007-1529", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1529" - }, - { - "name" : "35326", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35326" - }, - { - "name" : "1017952", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017952" - }, - { - "name" : "24972", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24972" - }, - { - "name" : "2628", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2628" - }, - { - "name" : "brightstor-sun-rpc-bo(33854)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33854" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple stack-based buffer overflows in the SUN RPC service in CA (formerly Computer Associates) BrightStor ARCserve Media Server, as used in BrightStor ARCserve Backup 9.01 through 11.5 SP2, BrightStor Enterprise Backup 10.5, Server Protection Suite 2, and Business Protection Suite 2, allow remote attackers to execute arbitrary code via malformed RPC strings, a different vulnerability than CVE-2006-5171, CVE-2006-5172, and CVE-2007-1785." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "2628", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2628" + }, + { + "name": "http://supportconnectw.ca.com/public/storage/infodocs/babmedser-secnotice.asp", + "refsource": "CONFIRM", + "url": "http://supportconnectw.ca.com/public/storage/infodocs/babmedser-secnotice.asp" + }, + { + "name": "VU#979825", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/979825" + }, + { + "name": "35326", + "refsource": "OSVDB", + "url": "http://osvdb.org/35326" + }, + { + "name": "24972", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24972" + }, + { + "name": "brightstor-sun-rpc-bo(33854)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33854" + }, + { + "name": "23635", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23635" + }, + { + "name": "20070424 ZDI-07-022: CA BrightStor ArcServe Media Server Multiple Buffer Overflow Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/466790/100/0/threaded" + }, + { + "name": "1017952", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017952" + }, + { + "name": "ADV-2007-1529", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1529" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-07-022.html", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-022.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2633.json b/2007/2xxx/CVE-2007-2633.json index 8cca72e942d..081bcb4a485 100644 --- a/2007/2xxx/CVE-2007-2633.json +++ b/2007/2xxx/CVE-2007-2633.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2633", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in H-Sphere SiteStudio 1.6 allows remote attackers to read, or include and execute, arbitrary local files via a .. (dot dot) in the template parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2633", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.psoft.net/SS/fixes/index.php?id=94", - "refsource" : "CONFIRM", - "url" : "http://www.psoft.net/SS/fixes/index.php?id=94" - }, - { - "name" : "35977", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35977" - }, - { - "name" : "ADV-2007-1772", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1772" - }, - { - "name" : "25243", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25243" - }, - { - "name" : "hsphere-template-directory-traversal(34243)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34243" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in H-Sphere SiteStudio 1.6 allows remote attackers to read, or include and execute, arbitrary local files via a .. (dot dot) in the template parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "hsphere-template-directory-traversal(34243)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34243" + }, + { + "name": "ADV-2007-1772", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1772" + }, + { + "name": "25243", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25243" + }, + { + "name": "http://www.psoft.net/SS/fixes/index.php?id=94", + "refsource": "CONFIRM", + "url": "http://www.psoft.net/SS/fixes/index.php?id=94" + }, + { + "name": "35977", + "refsource": "OSVDB", + "url": "http://osvdb.org/35977" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2843.json b/2007/2xxx/CVE-2007-2843.json index bbcdc1b2929..56528c514ab 100644 --- a/2007/2xxx/CVE-2007-2843.json +++ b/2007/2xxx/CVE-2007-2843.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2843", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-domain vulnerability in Apple Safari 2.0.4 allows remote attackers to access restricted information from other domains via Javascript, as demonstrated by a js script that accesses the location information of cross-domain web pages, probably involving setTimeout and timed events." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2843", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.businessinfo.co.uk/labs/googlesnoop/snoop.html", - "refsource" : "MISC", - "url" : "http://www.businessinfo.co.uk/labs/googlesnoop/snoop.html" - }, - { - "name" : "http://www.thespanner.co.uk/2007/05/18/safari-needs-fixing/", - "refsource" : "MISC", - "url" : "http://www.thespanner.co.uk/2007/05/18/safari-needs-fixing/" - }, - { - "name" : "24121", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24121" - }, - { - "name" : "38859", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38859" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-domain vulnerability in Apple Safari 2.0.4 allows remote attackers to access restricted information from other domains via Javascript, as demonstrated by a js script that accesses the location information of cross-domain web pages, probably involving setTimeout and timed events." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24121", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24121" + }, + { + "name": "http://www.thespanner.co.uk/2007/05/18/safari-needs-fixing/", + "refsource": "MISC", + "url": "http://www.thespanner.co.uk/2007/05/18/safari-needs-fixing/" + }, + { + "name": "http://www.businessinfo.co.uk/labs/googlesnoop/snoop.html", + "refsource": "MISC", + "url": "http://www.businessinfo.co.uk/labs/googlesnoop/snoop.html" + }, + { + "name": "38859", + "refsource": "OSVDB", + "url": "http://osvdb.org/38859" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0305.json b/2010/0xxx/CVE-2010-0305.json index cadd73e7d9f..c4c63d2fbf8 100644 --- a/2010/0xxx/CVE-2010-0305.json +++ b/2010/0xxx/CVE-2010-0305.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0305", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ejabberd_c2s.erl in ejabberd before 2.1.3 allows remote attackers to cause a denial of service (daemon crash) via a large number of c2s (aka client2server) messages that trigger a queue overload." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2010-0305", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20100129 CVE Request -- ejabberd", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2010/01/29/1" - }, - { - "name" : "[oss-security] 20100129 Re: CVE Request -- ejabberd", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2010/01/29/5" - }, - { - "name" : "https://support.process-one.net/browse/EJAB-1173", - "refsource" : "CONFIRM", - "url" : "https://support.process-one.net/browse/EJAB-1173" - }, - { - "name" : "DSA-2033", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2010/dsa-2033" - }, - { - "name" : "38003", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/38003" - }, - { - "name" : "62066", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/62066" - }, - { - "name" : "38337", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/38337" - }, - { - "name" : "39423", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/39423" - }, - { - "name" : "ADV-2010-0894", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/0894" - }, - { - "name" : "ejabberd-client2server-dos(56025)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/56025" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ejabberd_c2s.erl in ejabberd before 2.1.3 allows remote attackers to cause a denial of service (daemon crash) via a large number of c2s (aka client2server) messages that trigger a queue overload." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20100129 CVE Request -- ejabberd", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2010/01/29/1" + }, + { + "name": "38337", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/38337" + }, + { + "name": "[oss-security] 20100129 Re: CVE Request -- ejabberd", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2010/01/29/5" + }, + { + "name": "62066", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/62066" + }, + { + "name": "ADV-2010-0894", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/0894" + }, + { + "name": "ejabberd-client2server-dos(56025)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56025" + }, + { + "name": "DSA-2033", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2010/dsa-2033" + }, + { + "name": "https://support.process-one.net/browse/EJAB-1173", + "refsource": "CONFIRM", + "url": "https://support.process-one.net/browse/EJAB-1173" + }, + { + "name": "38003", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/38003" + }, + { + "name": "39423", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/39423" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0412.json b/2010/0xxx/CVE-2010-0412.json index 40ad8b21385..7619cafaa9c 100644 --- a/2010/0xxx/CVE-2010-0412.json +++ b/2010/0xxx/CVE-2010-0412.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0412", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "stap-server in SystemTap 1.1 does not properly restrict the value of the -B (aka BUILD) option, which allows attackers to have an unspecified impact via vectors associated with executing the make program, a different vulnerability than CVE-2009-4273." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2010-0412", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[scm-commits] 20100215 rpms/systemtap/devel systemtap-1.1-tighten-server-params.patch, NONE, 1.1 systemtap.spec, 1.59, 1.60", - "refsource" : "MLIST", - "url" : "http://lists.fedoraproject.org/pipermail/scm-commits/2010-February/394714.html" - }, - { - "name" : "FEDORA-2010-1373", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035201.html" - }, - { - "name" : "FEDORA-2010-1720", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035261.html" - }, - { - "name" : "38316", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/38316" - }, - { - "name" : "systemtap-stapserver-unspecified(56611)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/56611" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "stap-server in SystemTap 1.1 does not properly restrict the value of the -B (aka BUILD) option, which allows attackers to have an unspecified impact via vectors associated with executing the make program, a different vulnerability than CVE-2009-4273." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "FEDORA-2010-1373", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035201.html" + }, + { + "name": "systemtap-stapserver-unspecified(56611)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56611" + }, + { + "name": "[scm-commits] 20100215 rpms/systemtap/devel systemtap-1.1-tighten-server-params.patch, NONE, 1.1 systemtap.spec, 1.59, 1.60", + "refsource": "MLIST", + "url": "http://lists.fedoraproject.org/pipermail/scm-commits/2010-February/394714.html" + }, + { + "name": "FEDORA-2010-1720", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035261.html" + }, + { + "name": "38316", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/38316" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0533.json b/2010/0xxx/CVE-2010-0533.json index 0f6ecac4c45..6ac3aeeaf88 100644 --- a/2010/0xxx/CVE-2010-0533.json +++ b/2010/0xxx/CVE-2010-0533.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0533", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in AFP Server in Apple Mac OS X before 10.6.3 allows remote attackers to list a share root's parent directory, and read and modify files in that directory, via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2010-0533", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.apple.com/kb/HT4077", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT4077" - }, - { - "name" : "APPLE-SA-2010-03-29-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in AFP Server in Apple Mac OS X before 10.6.3 allows remote attackers to list a share root's parent directory, and read and modify files in that directory, via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2010-03-29-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html" + }, + { + "name": "http://support.apple.com/kb/HT4077", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT4077" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0593.json b/2010/0xxx/CVE-2010-0593.json index eea78ac19a5..d42aa822545 100644 --- a/2010/0xxx/CVE-2010-0593.json +++ b/2010/0xxx/CVE-2010-0593.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0593", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Cisco RVS4000 4-port Gigabit Security Router before 1.3.2.0, PVC2300 Business Internet Video Camera before 1.1.2.6, WVC200 Wireless-G PTZ Internet Video Camera before 1.1.1.15, WVC210 Wireless-G PTZ Internet Video Camera before 1.1.1.15, and WVC2300 Wireless-G Business Internet Video Camera before 1.1.2.6 do not properly restrict read access to passwords, which allows context-dependent attackers to obtain sensitive information, related to (1) access by remote authenticated users to a PVC2300 or WVC2300 via a crafted URL, (2) leveraging setup privileges on a WVC200 or WVC210, and (3) leveraging administrative privileges on an RVS4000, aka Bug ID CSCte64726." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2010-0593", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20100421 Cisco Small Business Video Surveillance Cameras and Cisco 4-Port Gigabit Security Routers Authentication Bypass Vulnerability", - "refsource" : "CISCO", - "url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b27511.shtml" - }, - { - "name" : "39612", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/39612" - }, - { - "name" : "63978", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/63978" - }, - { - "name" : "1023906", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1023906" - }, - { - "name" : "39510", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/39510" - }, - { - "name" : "ADV-2010-0965", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/0965" - }, - { - "name" : "cisco-small-business-unauth-access(58034)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/58034" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Cisco RVS4000 4-port Gigabit Security Router before 1.3.2.0, PVC2300 Business Internet Video Camera before 1.1.2.6, WVC200 Wireless-G PTZ Internet Video Camera before 1.1.1.15, WVC210 Wireless-G PTZ Internet Video Camera before 1.1.1.15, and WVC2300 Wireless-G Business Internet Video Camera before 1.1.2.6 do not properly restrict read access to passwords, which allows context-dependent attackers to obtain sensitive information, related to (1) access by remote authenticated users to a PVC2300 or WVC2300 via a crafted URL, (2) leveraging setup privileges on a WVC200 or WVC210, and (3) leveraging administrative privileges on an RVS4000, aka Bug ID CSCte64726." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20100421 Cisco Small Business Video Surveillance Cameras and Cisco 4-Port Gigabit Security Routers Authentication Bypass Vulnerability", + "refsource": "CISCO", + "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b27511.shtml" + }, + { + "name": "1023906", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1023906" + }, + { + "name": "cisco-small-business-unauth-access(58034)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58034" + }, + { + "name": "ADV-2010-0965", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/0965" + }, + { + "name": "63978", + "refsource": "OSVDB", + "url": "http://osvdb.org/63978" + }, + { + "name": "39612", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/39612" + }, + { + "name": "39510", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/39510" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1030.json b/2010/1xxx/CVE-2010-1030.json index c68031d3310..f675ac29f32 100644 --- a/2010/1xxx/CVE-2010-1030.json +++ b/2010/1xxx/CVE-2010-1030.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1030", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in HP-UX B.11.31, with AudFilter rules enabled, allows local users to cause a denial of service via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "hp-security-alert@hp.com", + "ID": "CVE-2010-1030", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "HPSBUX02514", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=126996727024732&w=2" - }, - { - "name" : "SSRT100010", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=126996727024732&w=2" - }, - { - "name" : "39046", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/39046" - }, - { - "name" : "oval:org.mitre.oval:def:11779", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11779" - }, - { - "name" : "1023772", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1023772" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in HP-UX B.11.31, with AudFilter rules enabled, allows local users to cause a denial of service via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "39046", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/39046" + }, + { + "name": "oval:org.mitre.oval:def:11779", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11779" + }, + { + "name": "HPSBUX02514", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=126996727024732&w=2" + }, + { + "name": "SSRT100010", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=126996727024732&w=2" + }, + { + "name": "1023772", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1023772" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1627.json b/2010/1xxx/CVE-2010-1627.json index 69d376ac18b..8a065547210 100644 --- a/2010/1xxx/CVE-2010-1627.json +++ b/2010/1xxx/CVE-2010-1627.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1627", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "feed.php in phpBB 3.0.7 before 3.0.7-PL1 does not properly check permissions for feeds, which allows remote attackers to bypass intended access restrictions via unspecified attack vectors related to permission settings on a private forum." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2010-1627", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20100517 CVE request: phpbb 3.0.7 and before 3.0.5", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2010/05/16/1" - }, - { - "name" : "[oss-security] 20100518 Re: CVE request: phpbb 3.0.7 and before 3.0.5", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2010/05/18/6" - }, - { - "name" : "http://www.phpbb.com/community/viewtopic.php?f=14&t=2014195", - "refsource" : "CONFIRM", - "url" : "http://www.phpbb.com/community/viewtopic.php?f=14&t=2014195" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "feed.php in phpBB 3.0.7 before 3.0.7-PL1 does not properly check permissions for feeds, which allows remote attackers to bypass intended access restrictions via unspecified attack vectors related to permission settings on a private forum." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20100518 Re: CVE request: phpbb 3.0.7 and before 3.0.5", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2010/05/18/6" + }, + { + "name": "http://www.phpbb.com/community/viewtopic.php?f=14&t=2014195", + "refsource": "CONFIRM", + "url": "http://www.phpbb.com/community/viewtopic.php?f=14&t=2014195" + }, + { + "name": "[oss-security] 20100517 CVE request: phpbb 3.0.7 and before 3.0.5", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2010/05/16/1" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1945.json b/2010/1xxx/CVE-2010-1945.json index 4b47ee6fb03..461b875a27e 100644 --- a/2010/1xxx/CVE-2010-1945.json +++ b/2010/1xxx/CVE-2010-1945.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1945", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple PHP remote file inclusion vulnerabilities in openMairie Openfoncier 2.00, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the path_om parameter to (1) action.class.php, (2) architecte.class.php, (3) avis.class.php, (4) bible.class.php, and (5) blocnote.class.php in obj/." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-1945", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "12366", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/12366" - }, - { - "name" : "http://packetstormsecurity.org/1004-exploits/openfoncier-rfilfi.txt", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.org/1004-exploits/openfoncier-rfilfi.txt" - }, - { - "name" : "64196", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/64196" - }, - { - "name" : "64197", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/64197" - }, - { - "name" : "64198", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/64198" - }, - { - "name" : "64199", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/64199" - }, - { - "name" : "64200", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/64200" - }, - { - "name" : "39607", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/39607" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple PHP remote file inclusion vulnerabilities in openMairie Openfoncier 2.00, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the path_om parameter to (1) action.class.php, (2) architecte.class.php, (3) avis.class.php, (4) bible.class.php, and (5) blocnote.class.php in obj/." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "64197", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/64197" + }, + { + "name": "12366", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/12366" + }, + { + "name": "http://packetstormsecurity.org/1004-exploits/openfoncier-rfilfi.txt", + "refsource": "MISC", + "url": "http://packetstormsecurity.org/1004-exploits/openfoncier-rfilfi.txt" + }, + { + "name": "39607", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/39607" + }, + { + "name": "64196", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/64196" + }, + { + "name": "64200", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/64200" + }, + { + "name": "64199", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/64199" + }, + { + "name": "64198", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/64198" + } + ] + } +} \ No newline at end of file diff --git a/2010/3xxx/CVE-2010-3180.json b/2010/3xxx/CVE-2010-3180.json index 5f2bc1019bf..cc8d0beeac6 100644 --- a/2010/3xxx/CVE-2010-3180.json +++ b/2010/3xxx/CVE-2010-3180.json @@ -1,162 +1,162 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-3180", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in the nsBarProp function in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allows remote attackers to execute arbitrary code by accessing the locationbar property of a closed window." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-3180", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2010/mfsa2010-66.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2010/mfsa2010-66.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=588929", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=588929" - }, - { - "name" : "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox", - "refsource" : "CONFIRM", - "url" : "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox" - }, - { - "name" : "http://support.avaya.com/css/P8/documents/100114250", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/css/P8/documents/100114250" - }, - { - "name" : "http://support.avaya.com/css/P8/documents/100120156", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/css/P8/documents/100120156" - }, - { - "name" : "DSA-2124", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2010/dsa-2124" - }, - { - "name" : "FEDORA-2010-16885", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050154.html" - }, - { - "name" : "FEDORA-2010-16897", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050077.html" - }, - { - "name" : "MDVSA-2010:210", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:210" - }, - { - "name" : "MDVSA-2010:211", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:211" - }, - { - "name" : "RHSA-2010:0781", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0781.html" - }, - { - "name" : "RHSA-2010:0782", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0782.html" - }, - { - "name" : "RHSA-2010:0780", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0780.html" - }, - { - "name" : "RHSA-2010:0861", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0861.html" - }, - { - "name" : "RHSA-2010:0896", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0896.html" - }, - { - "name" : "USN-997-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-997-1" - }, - { - "name" : "USN-998-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-998-1" - }, - { - "name" : "44248", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/44248" - }, - { - "name" : "oval:org.mitre.oval:def:12158", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12158" - }, - { - "name" : "42867", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42867" - }, - { - "name" : "ADV-2011-0061", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0061" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in the nsBarProp function in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allows remote attackers to execute arbitrary code by accessing the locationbar property of a closed window." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2010:0782", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0782.html" + }, + { + "name": "RHSA-2010:0896", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0896.html" + }, + { + "name": "MDVSA-2010:210", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:210" + }, + { + "name": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox", + "refsource": "CONFIRM", + "url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox" + }, + { + "name": "44248", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/44248" + }, + { + "name": "oval:org.mitre.oval:def:12158", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12158" + }, + { + "name": "RHSA-2010:0781", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0781.html" + }, + { + "name": "42867", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42867" + }, + { + "name": "MDVSA-2010:211", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:211" + }, + { + "name": "ADV-2011-0061", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0061" + }, + { + "name": "USN-998-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-998-1" + }, + { + "name": "http://www.mozilla.org/security/announce/2010/mfsa2010-66.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2010/mfsa2010-66.html" + }, + { + "name": "DSA-2124", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2010/dsa-2124" + }, + { + "name": "http://support.avaya.com/css/P8/documents/100114250", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/css/P8/documents/100114250" + }, + { + "name": "http://support.avaya.com/css/P8/documents/100120156", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/css/P8/documents/100120156" + }, + { + "name": "USN-997-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-997-1" + }, + { + "name": "FEDORA-2010-16897", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050077.html" + }, + { + "name": "RHSA-2010:0861", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0861.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=588929", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=588929" + }, + { + "name": "RHSA-2010:0780", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0780.html" + }, + { + "name": "FEDORA-2010-16885", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/050154.html" + } + ] + } +} \ No newline at end of file diff --git a/2010/3xxx/CVE-2010-3271.json b/2010/3xxx/CVE-2010-3271.json index fda6303154f..27709dbf7b3 100644 --- a/2010/3xxx/CVE-2010-3271.json +++ b/2010/3xxx/CVE-2010-3271.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-3271", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site request forgery (CSRF) vulnerabilities in the Integrated Solutions Console (aka administrative console) in IBM WebSphere Application Server (WAS) 7.0.0.13 and earlier allow remote attackers to hijack the authentication of administrators for requests that disable certain security options via an Edit action to console/adminSecurityDetail.do followed by a save action to console/syncworkspace.do." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-3271", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20110615 CORE-2010-1021: IBM WebSphere Application Server Cross-Site Request Forgery", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/518465/100/0/threaded" - }, - { - "name" : "17404", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/17404" - }, - { - "name" : "http://www.coresecurity.com/content/IBM-WebSphere-CSRF", - "refsource" : "MISC", - "url" : "http://www.coresecurity.com/content/IBM-WebSphere-CSRF" - }, - { - "name" : "48305", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/48305" - }, - { - "name" : "8281", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/8281" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in the Integrated Solutions Console (aka administrative console) in IBM WebSphere Application Server (WAS) 7.0.0.13 and earlier allow remote attackers to hijack the authentication of administrators for requests that disable certain security options via an Edit action to console/adminSecurityDetail.do followed by a save action to console/syncworkspace.do." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20110615 CORE-2010-1021: IBM WebSphere Application Server Cross-Site Request Forgery", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/518465/100/0/threaded" + }, + { + "name": "http://www.coresecurity.com/content/IBM-WebSphere-CSRF", + "refsource": "MISC", + "url": "http://www.coresecurity.com/content/IBM-WebSphere-CSRF" + }, + { + "name": "48305", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/48305" + }, + { + "name": "17404", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/17404" + }, + { + "name": "8281", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/8281" + } + ] + } +} \ No newline at end of file diff --git a/2010/3xxx/CVE-2010-3648.json b/2010/3xxx/CVE-2010-3648.json index bf49b42650e..d1308634639 100644 --- a/2010/3xxx/CVE-2010-3648.json +++ b/2010/3xxx/CVE-2010-3648.json @@ -1,167 +1,167 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-3648", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2010-3648", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.adobe.com/support/security/bulletins/apsb10-26.html", - "refsource" : "CONFIRM", - "url" : "http://www.adobe.com/support/security/bulletins/apsb10-26.html" - }, - { - "name" : "http://support.apple.com/kb/HT4435", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT4435" - }, - { - "name" : "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1", - "refsource" : "CONFIRM", - "url" : "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1" - }, - { - "name" : "APPLE-SA-2010-11-10-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" - }, - { - "name" : "GLSA-201101-09", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201101-09.xml" - }, - { - "name" : "HPSBMA02663", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=130331642631603&w=2" - }, - { - "name" : "SSRT100428", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=130331642631603&w=2" - }, - { - "name" : "RHSA-2010:0829", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0829.html" - }, - { - "name" : "RHSA-2010:0834", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0834.html" - }, - { - "name" : "RHSA-2010:0867", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2010-0867.html" - }, - { - "name" : "SUSE-SA:2010:055", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html" - }, - { - "name" : "44684", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/44684" - }, - { - "name" : "oval:org.mitre.oval:def:11842", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11842" - }, - { - "name" : "oval:org.mitre.oval:def:15980", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15980" - }, - { - "name" : "42183", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42183" - }, - { - "name" : "42926", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42926" - }, - { - "name" : "43026", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/43026" - }, - { - "name" : "ADV-2010-2903", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/2903" - }, - { - "name" : "ADV-2010-2906", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/2906" - }, - { - "name" : "ADV-2010-2918", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/2918" - }, - { - "name" : "ADV-2011-0173", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0173" - }, - { - "name" : "ADV-2011-0192", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0192" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2011-0192", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0192" + }, + { + "name": "42183", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42183" + }, + { + "name": "http://support.apple.com/kb/HT4435", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT4435" + }, + { + "name": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1", + "refsource": "CONFIRM", + "url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1" + }, + { + "name": "43026", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/43026" + }, + { + "name": "GLSA-201101-09", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201101-09.xml" + }, + { + "name": "ADV-2010-2918", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/2918" + }, + { + "name": "44684", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/44684" + }, + { + "name": "APPLE-SA-2010-11-10-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html" + }, + { + "name": "RHSA-2010:0834", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0834.html" + }, + { + "name": "SUSE-SA:2010:055", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html" + }, + { + "name": "42926", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42926" + }, + { + "name": "SSRT100428", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=130331642631603&w=2" + }, + { + "name": "ADV-2010-2903", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/2903" + }, + { + "name": "HPSBMA02663", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=130331642631603&w=2" + }, + { + "name": "ADV-2011-0173", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0173" + }, + { + "name": "http://www.adobe.com/support/security/bulletins/apsb10-26.html", + "refsource": "CONFIRM", + "url": "http://www.adobe.com/support/security/bulletins/apsb10-26.html" + }, + { + "name": "ADV-2010-2906", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/2906" + }, + { + "name": "RHSA-2010:0867", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0867.html" + }, + { + "name": "oval:org.mitre.oval:def:15980", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15980" + }, + { + "name": "oval:org.mitre.oval:def:11842", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11842" + }, + { + "name": "RHSA-2010:0829", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2010-0829.html" + } + ] + } +} \ No newline at end of file diff --git a/2010/3xxx/CVE-2010-3697.json b/2010/3xxx/CVE-2010-3697.json index cb900b5f9ce..0a647eb27d8 100644 --- a/2010/3xxx/CVE-2010-3697.json +++ b/2010/3xxx/CVE-2010-3697.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-3697", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The wait_for_child_to_die function in main/event.c in FreeRADIUS 2.1.x before 2.1.10, in certain circumstances involving long-term database outages, does not properly handle long queue times for requests, which allows remote attackers to cause a denial of service (daemon crash) by sending many requests." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2010-3697", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20101001 CVE request: freeradius", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2010/10/01/3" - }, - { - "name" : "[oss-security] 20101001 Re: CVE request: freeradius", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2010/10/01/8" - }, - { - "name" : "http://freeradius.org/press/index.html#2.1.10", - "refsource" : "CONFIRM", - "url" : "http://freeradius.org/press/index.html#2.1.10" - }, - { - "name" : "http://github.com/alandekok/freeradius-server/commit/ff94dd35673bba1476594299d31ce8293b8bd223", - "refsource" : "CONFIRM", - "url" : "http://github.com/alandekok/freeradius-server/commit/ff94dd35673bba1476594299d31ce8293b8bd223" - }, - { - "name" : "https://bugs.freeradius.org/bugzilla/show_bug.cgi?id=35", - "refsource" : "CONFIRM", - "url" : "https://bugs.freeradius.org/bugzilla/show_bug.cgi?id=35" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=639397", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=639397" - }, - { - "name" : "41621", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/41621" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The wait_for_child_to_die function in main/event.c in FreeRADIUS 2.1.x before 2.1.10, in certain circumstances involving long-term database outages, does not properly handle long queue times for requests, which allows remote attackers to cause a denial of service (daemon crash) by sending many requests." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "41621", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/41621" + }, + { + "name": "http://github.com/alandekok/freeradius-server/commit/ff94dd35673bba1476594299d31ce8293b8bd223", + "refsource": "CONFIRM", + "url": "http://github.com/alandekok/freeradius-server/commit/ff94dd35673bba1476594299d31ce8293b8bd223" + }, + { + "name": "https://bugs.freeradius.org/bugzilla/show_bug.cgi?id=35", + "refsource": "CONFIRM", + "url": "https://bugs.freeradius.org/bugzilla/show_bug.cgi?id=35" + }, + { + "name": "[oss-security] 20101001 CVE request: freeradius", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2010/10/01/3" + }, + { + "name": "http://freeradius.org/press/index.html#2.1.10", + "refsource": "CONFIRM", + "url": "http://freeradius.org/press/index.html#2.1.10" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=639397", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=639397" + }, + { + "name": "[oss-security] 20101001 Re: CVE request: freeradius", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2010/10/01/8" + } + ] + } +} \ No newline at end of file diff --git a/2010/4xxx/CVE-2010-4336.json b/2010/4xxx/CVE-2010-4336.json index 746aa640f49..1c6d609bacf 100644 --- a/2010/4xxx/CVE-2010-4336.json +++ b/2010/4xxx/CVE-2010-4336.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-4336", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The cu_rrd_create_file function (src/utils_rrdcreate.c) in collectd 4.x before 4.9.4 and before 4.10.2 allow remote attackers to cause a denial of service (assertion failure) via a packet with a timestamp whose value is 10 or less, as demonstrated by creating RRD files using the (1) RRDtool and (2) RRDCacheD plugins." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2010-4336", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605092", - "refsource" : "CONFIRM", - "url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605092" - }, - { - "name" : "http://collectd.org/news.shtml#news86", - "refsource" : "CONFIRM", - "url" : "http://collectd.org/news.shtml#news86" - }, - { - "name" : "DSA-2133", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2010/dsa-2133" - }, - { - "name" : "FEDORA-2010-19031", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052875.html" - }, - { - "name" : "SUSE-SR:2011:009", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html" - }, - { - "name" : "45075", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/45075" - }, - { - "name" : "42393", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42393" - }, - { - "name" : "42491", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42491" - }, - { - "name" : "42846", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42846" - }, - { - "name" : "ADV-2010-3196", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/3196" - }, - { - "name" : "ADV-2011-0041", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0041" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The cu_rrd_create_file function (src/utils_rrdcreate.c) in collectd 4.x before 4.9.4 and before 4.10.2 allow remote attackers to cause a denial of service (assertion failure) via a packet with a timestamp whose value is 10 or less, as demonstrated by creating RRD files using the (1) RRDtool and (2) RRDCacheD plugins." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SR:2011:009", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html" + }, + { + "name": "42491", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42491" + }, + { + "name": "DSA-2133", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2010/dsa-2133" + }, + { + "name": "42846", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42846" + }, + { + "name": "ADV-2011-0041", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0041" + }, + { + "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605092", + "refsource": "CONFIRM", + "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605092" + }, + { + "name": "FEDORA-2010-19031", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052875.html" + }, + { + "name": "ADV-2010-3196", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/3196" + }, + { + "name": "http://collectd.org/news.shtml#news86", + "refsource": "CONFIRM", + "url": "http://collectd.org/news.shtml#news86" + }, + { + "name": "45075", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/45075" + }, + { + "name": "42393", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42393" + } + ] + } +} \ No newline at end of file diff --git a/2010/4xxx/CVE-2010-4953.json b/2010/4xxx/CVE-2010-4953.json index 5a9dca946b3..6c37981363b 100644 --- a/2010/4xxx/CVE-2010-4953.json +++ b/2010/4xxx/CVE-2010-4953.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-4953", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the JW Calendar (jw_calendar) extension 1.3.20 and earlier for TYPO3 allows remote attackers to execute arbitrary code via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-4953", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-015/", - "refsource" : "CONFIRM", - "url" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-015/" - }, - { - "name" : "jwcalendar-unspec-code-execution(61057)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/61057" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the JW Calendar (jw_calendar) extension 1.3.20 and earlier for TYPO3 allows remote attackers to execute arbitrary code via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-015/", + "refsource": "CONFIRM", + "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-015/" + }, + { + "name": "jwcalendar-unspec-code-execution(61057)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61057" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0297.json b/2014/0xxx/CVE-2014-0297.json index 6681cd41672..ca109a6d72d 100644 --- a/2014/0xxx/CVE-2014-0297.json +++ b/2014/0xxx/CVE-2014-0297.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0297", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-0308, CVE-2014-0312, and CVE-2014-0324." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2014-0297", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS14-012", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-012" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-0308, CVE-2014-0312, and CVE-2014-0324." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS14-012", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-012" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0711.json b/2014/0xxx/CVE-2014-0711.json index 5b0d4e9b581..5e567966ad8 100644 --- a/2014/0xxx/CVE-2014-0711.json +++ b/2014/0xxx/CVE-2014-0711.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0711", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-0711", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/4xxx/CVE-2014-4271.json b/2014/4xxx/CVE-2014-4271.json index bccfcda2f4b..9e4a79b269c 100644 --- a/2014/4xxx/CVE-2014-4271.json +++ b/2014/4xxx/CVE-2014-4271.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-4271", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Hyperion Essbase component in Oracle Hyperion 11.1.2.2 and 11.1.2.3 allows remote attackers to affect availability via unknown vectors related to Agent." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2014-4271", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/534161/100/0/threaded" - }, - { - "name" : "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2014/Dec/23" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html" - }, - { - "name" : "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/security/advisories/VMSA-2014-0012.html" - }, - { - "name" : "68572", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/68572" - }, - { - "name" : "1030579", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1030579" - }, - { - "name" : "59241", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59241" - }, - { - "name" : "oracle-cpujul2014-cve20144271(94562)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/94562" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Hyperion Essbase component in Oracle Hyperion 11.1.2.2 and 11.1.2.3 allows remote attackers to affect availability via unknown vectors related to Agent." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "68572", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/68572" + }, + { + "name": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html" + }, + { + "name": "1030579", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1030579" + }, + { + "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded" + }, + { + "name": "oracle-cpujul2014-cve20144271(94562)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94562" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html" + }, + { + "name": "59241", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59241" + }, + { + "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2014/Dec/23" + } + ] + } +} \ No newline at end of file diff --git a/2014/4xxx/CVE-2014-4534.json b/2014/4xxx/CVE-2014-4534.json index 81753ec373e..d3d73bde6e8 100644 --- a/2014/4xxx/CVE-2014-4534.json +++ b/2014/4xxx/CVE-2014-4534.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-4534", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in videoplayer/autoplay.php in the HTML5 Video Player with Playlist plugin 2.4.0 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) theme or (2) playlistmod parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-4534", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://codevigilant.com/disclosure/wp-plugin-html5-video-player-with-playlist-a3-cross-site-scripting-xss", - "refsource" : "MISC", - "url" : "http://codevigilant.com/disclosure/wp-plugin-html5-video-player-with-playlist-a3-cross-site-scripting-xss" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in videoplayer/autoplay.php in the HTML5 Video Player with Playlist plugin 2.4.0 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) theme or (2) playlistmod parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://codevigilant.com/disclosure/wp-plugin-html5-video-player-with-playlist-a3-cross-site-scripting-xss", + "refsource": "MISC", + "url": "http://codevigilant.com/disclosure/wp-plugin-html5-video-player-with-playlist-a3-cross-site-scripting-xss" + } + ] + } +} \ No newline at end of file diff --git a/2014/4xxx/CVE-2014-4540.json b/2014/4xxx/CVE-2014-4540.json index 57abbd00f5d..a0b15a2bd42 100644 --- a/2014/4xxx/CVE-2014-4540.json +++ b/2014/4xxx/CVE-2014-4540.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-4540", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in oleggo-twitter/twitter_login_form.php in the Oleggo LiveStream plugin 0.2.6 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the msg parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-4540", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://codevigilant.com/disclosure/wp-plugin-oleggo-livestream-a3-cross-site-scripting-xss", - "refsource" : "MISC", - "url" : "http://codevigilant.com/disclosure/wp-plugin-oleggo-livestream-a3-cross-site-scripting-xss" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in oleggo-twitter/twitter_login_form.php in the Oleggo LiveStream plugin 0.2.6 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the msg parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://codevigilant.com/disclosure/wp-plugin-oleggo-livestream-a3-cross-site-scripting-xss", + "refsource": "MISC", + "url": "http://codevigilant.com/disclosure/wp-plugin-oleggo-livestream-a3-cross-site-scripting-xss" + } + ] + } +} \ No newline at end of file diff --git a/2014/8xxx/CVE-2014-8118.json b/2014/8xxx/CVE-2014-8118.json index fdc01c16644..f344a4fb7a9 100644 --- a/2014/8xxx/CVE-2014-8118.json +++ b/2014/8xxx/CVE-2014-8118.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-8118", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in RPM 4.12 and earlier allows remote attackers to execute arbitrary code via a crafted CPIO header in the payload section of an RPM file, which triggers a stack-based buffer overflow." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2014-8118", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://advisories.mageia.org/MGASA-2014-0529.html", - "refsource" : "CONFIRM", - "url" : "http://advisories.mageia.org/MGASA-2014-0529.html" - }, - { - "name" : "DSA-3129", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3129" - }, - { - "name" : "GLSA-201811-22", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201811-22" - }, - { - "name" : "MDVSA-2014:251", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2014:251" - }, - { - "name" : "MDVSA-2015:056", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:056" - }, - { - "name" : "RHSA-2014:1976", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-1976.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in RPM 4.12 and earlier allows remote attackers to execute arbitrary code via a crafted CPIO header in the payload section of an RPM file, which triggers a stack-based buffer overflow." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MDVSA-2015:056", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:056" + }, + { + "name": "GLSA-201811-22", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201811-22" + }, + { + "name": "http://advisories.mageia.org/MGASA-2014-0529.html", + "refsource": "CONFIRM", + "url": "http://advisories.mageia.org/MGASA-2014-0529.html" + }, + { + "name": "MDVSA-2014:251", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:251" + }, + { + "name": "DSA-3129", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3129" + }, + { + "name": "RHSA-2014:1976", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-1976.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/8xxx/CVE-2014-8294.json b/2014/8xxx/CVE-2014-8294.json index a0c0e90355d..5f7445fbd1c 100644 --- a/2014/8xxx/CVE-2014-8294.json +++ b/2014/8xxx/CVE-2014-8294.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-8294", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in Voice Of Web AllMyGuests 0.4.1 allow remote attackers to execute arbitrary SQL commands via the (1) allmyphp_cookie cookie to admin.php or the (2) Username or (3) Password." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-8294", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://packetstormsecurity.com/files/128479/AllMyGuests-0.4.1-XSS-SQL-Injection-Insecure-Cookie-Handling.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/128479/AllMyGuests-0.4.1-XSS-SQL-Injection-Insecure-Cookie-Handling.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in Voice Of Web AllMyGuests 0.4.1 allow remote attackers to execute arbitrary SQL commands via the (1) allmyphp_cookie cookie to admin.php or the (2) Username or (3) Password." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.com/files/128479/AllMyGuests-0.4.1-XSS-SQL-Injection-Insecure-Cookie-Handling.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/128479/AllMyGuests-0.4.1-XSS-SQL-Injection-Insecure-Cookie-Handling.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/8xxx/CVE-2014-8679.json b/2014/8xxx/CVE-2014-8679.json index d718eeb6b3c..7f4c764ac29 100644 --- a/2014/8xxx/CVE-2014-8679.json +++ b/2014/8xxx/CVE-2014-8679.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-8679", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-8679", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/8xxx/CVE-2014-8763.json b/2014/8xxx/CVE-2014-8763.json index fcc6c4a0bb9..8e97c5257ea 100644 --- a/2014/8xxx/CVE-2014-8763.json +++ b/2014/8xxx/CVE-2014-8763.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-8763", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "DokuWiki before 2014-05-05b, when using Active Directory for LDAP authentication, allows remote attackers to bypass authentication via a password starting with a null (\\0) character and a valid user name, which triggers an unauthenticated bind." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2014-8763", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[dokuwiki] 20140918 Fwd: Dokuwiki (maybe) security issue: Null byte poisoning in LDAP authentication", - "refsource" : "MLIST", - "url" : "http://www.freelists.org/post/dokuwiki/Fwd-Dokuwiki-maybe-security-issue-Null-byte-poisoning-in-LDAP-authentication" - }, - { - "name" : "[oss-security] 20141013 CVE request: various security flaws in dokuwiki", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2014/10/13/3" - }, - { - "name" : "[oss-security] 20141016 Re: CVE request: various security flaws in dokuwiki", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2014/10/16/9" - }, - { - "name" : "https://github.com/splitbrain/dokuwiki/pull/868", - "refsource" : "CONFIRM", - "url" : "https://github.com/splitbrain/dokuwiki/pull/868" - }, - { - "name" : "http://advisories.mageia.org/MGASA-2014-0438.html", - "refsource" : "CONFIRM", - "url" : "http://advisories.mageia.org/MGASA-2014-0438.html" - }, - { - "name" : "DSA-3059", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2014/dsa-3059" - }, - { - "name" : "61983", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/61983" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "DokuWiki before 2014-05-05b, when using Active Directory for LDAP authentication, allows remote attackers to bypass authentication via a password starting with a null (\\0) character and a valid user name, which triggers an unauthenticated bind." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[dokuwiki] 20140918 Fwd: Dokuwiki (maybe) security issue: Null byte poisoning in LDAP authentication", + "refsource": "MLIST", + "url": "http://www.freelists.org/post/dokuwiki/Fwd-Dokuwiki-maybe-security-issue-Null-byte-poisoning-in-LDAP-authentication" + }, + { + "name": "61983", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/61983" + }, + { + "name": "http://advisories.mageia.org/MGASA-2014-0438.html", + "refsource": "CONFIRM", + "url": "http://advisories.mageia.org/MGASA-2014-0438.html" + }, + { + "name": "[oss-security] 20141013 CVE request: various security flaws in dokuwiki", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2014/10/13/3" + }, + { + "name": "[oss-security] 20141016 Re: CVE request: various security flaws in dokuwiki", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2014/10/16/9" + }, + { + "name": "DSA-3059", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2014/dsa-3059" + }, + { + "name": "https://github.com/splitbrain/dokuwiki/pull/868", + "refsource": "CONFIRM", + "url": "https://github.com/splitbrain/dokuwiki/pull/868" + } + ] + } +} \ No newline at end of file diff --git a/2014/9xxx/CVE-2014-9334.json b/2014/9xxx/CVE-2014-9334.json index c443bfdf56b..54ec4ba5bff 100644 --- a/2014/9xxx/CVE-2014-9334.json +++ b/2014/9xxx/CVE-2014-9334.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-9334", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site request forgery (CSRF) vulnerabilities in the Bird Feeder plugin 1.2.3 for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) user or (2) password parameter in the bird-feeder page to wp-admin/options-general.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-9334", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20141217 Bird Feeder v1.2.3 WP Plugin - CSRF & XSS Vulnerability", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2014/Dec/69" - }, - { - "name" : "http://packetstormsecurity.com/files/129623/WordPress-Bird-Feeder-1.2.3-CSRF-XSS.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/129623/WordPress-Bird-Feeder-1.2.3-CSRF-XSS.html" - }, - { - "name" : "http://www.vulnerability-lab.com/get_content.php?id=1372", - "refsource" : "MISC", - "url" : "http://www.vulnerability-lab.com/get_content.php?id=1372" - }, - { - "name" : "birdfeeder-wordperss-multiple-xss(99474)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/99474" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in the Bird Feeder plugin 1.2.3 for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) user or (2) password parameter in the bird-feeder page to wp-admin/options-general.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.com/files/129623/WordPress-Bird-Feeder-1.2.3-CSRF-XSS.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/129623/WordPress-Bird-Feeder-1.2.3-CSRF-XSS.html" + }, + { + "name": "20141217 Bird Feeder v1.2.3 WP Plugin - CSRF & XSS Vulnerability", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2014/Dec/69" + }, + { + "name": "birdfeeder-wordperss-multiple-xss(99474)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99474" + }, + { + "name": "http://www.vulnerability-lab.com/get_content.php?id=1372", + "refsource": "MISC", + "url": "http://www.vulnerability-lab.com/get_content.php?id=1372" + } + ] + } +} \ No newline at end of file diff --git a/2014/9xxx/CVE-2014-9638.json b/2014/9xxx/CVE-2014-9638.json index f2ebb08b64d..4292f058cbd 100644 --- a/2014/9xxx/CVE-2014-9638.json +++ b/2014/9xxx/CVE-2014-9638.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-9638", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a WAV file with the number of channels set to zero." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2014-9638", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150119 vorbis-tools issues", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/Jan/78" - }, - { - "name" : "[oss-security] 20150121 CVE request: two issues in vorbis-tools", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/01/21/5" - }, - { - "name" : "[oss-security] 20150122 Re: CVE request: two issues in vorbis-tools", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/01/22/9" - }, - { - "name" : "https://trac.xiph.org/ticket/2137", - "refsource" : "MISC", - "url" : "https://trac.xiph.org/ticket/2137" - }, - { - "name" : "FEDORA-2015-2330", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150570.html" - }, - { - "name" : "FEDORA-2015-2335", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150543.html" - }, - { - "name" : "openSUSE-SU-2015:0522", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-03/msg00054.html" - }, - { - "name" : "72290", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/72290" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a WAV file with the number of channels set to zero." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://trac.xiph.org/ticket/2137", + "refsource": "MISC", + "url": "https://trac.xiph.org/ticket/2137" + }, + { + "name": "[oss-security] 20150121 CVE request: two issues in vorbis-tools", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/01/21/5" + }, + { + "name": "FEDORA-2015-2335", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150543.html" + }, + { + "name": "[oss-security] 20150122 Re: CVE request: two issues in vorbis-tools", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/01/22/9" + }, + { + "name": "openSUSE-SU-2015:0522", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00054.html" + }, + { + "name": "20150119 vorbis-tools issues", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/Jan/78" + }, + { + "name": "FEDORA-2015-2330", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150570.html" + }, + { + "name": "72290", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/72290" + } + ] + } +} \ No newline at end of file diff --git a/2014/9xxx/CVE-2014-9922.json b/2014/9xxx/CVE-2014-9922.json index b58348b8981..02221d482a7 100644 --- a/2014/9xxx/CVE-2014-9922.json +++ b/2014/9xxx/CVE-2014-9922.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-9922", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The eCryptfs subsystem in the Linux kernel before 3.18 allows local users to gain privileges via a large filesystem stack that includes an overlayfs layer, related to fs/ecryptfs/main.c and fs/overlayfs/super.c." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2014-9922", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=69c433ed2ecd2d3264efd7afec4439524b319121", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=69c433ed2ecd2d3264efd7afec4439524b319121" - }, - { - "name" : "http://source.android.com/security/bulletin/2017-04-01.html", - "refsource" : "CONFIRM", - "url" : "http://source.android.com/security/bulletin/2017-04-01.html" - }, - { - "name" : "https://github.com/torvalds/linux/commit/69c433ed2ecd2d3264efd7afec4439524b319121", - "refsource" : "CONFIRM", - "url" : "https://github.com/torvalds/linux/commit/69c433ed2ecd2d3264efd7afec4439524b319121" - }, - { - "name" : "97354", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/97354" - }, - { - "name" : "1038201", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1038201" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The eCryptfs subsystem in the Linux kernel before 3.18 allows local users to gain privileges via a large filesystem stack that includes an overlayfs layer, related to fs/ecryptfs/main.c and fs/overlayfs/super.c." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=69c433ed2ecd2d3264efd7afec4439524b319121", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=69c433ed2ecd2d3264efd7afec4439524b319121" + }, + { + "name": "http://source.android.com/security/bulletin/2017-04-01.html", + "refsource": "CONFIRM", + "url": "http://source.android.com/security/bulletin/2017-04-01.html" + }, + { + "name": "https://github.com/torvalds/linux/commit/69c433ed2ecd2d3264efd7afec4439524b319121", + "refsource": "CONFIRM", + "url": "https://github.com/torvalds/linux/commit/69c433ed2ecd2d3264efd7afec4439524b319121" + }, + { + "name": "97354", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/97354" + }, + { + "name": "1038201", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1038201" + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3260.json b/2016/3xxx/CVE-2016-3260.json index e3df7e09302..b422350b45b 100644 --- a/2016/3xxx/CVE-2016-3260.json +++ b/2016/3xxx/CVE-2016-3260.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3260", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Scripting Engine Memory Corruption Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-3260", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS16-084", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-084" - }, - { - "name" : "MS16-085", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-085" - }, - { - "name" : "91580", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91580" - }, - { - "name" : "1036283", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036283" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Microsoft (1) JScript 9, (2) VBScript, and (3) Chakra JavaScript engines, as used in Microsoft Internet Explorer 11, Microsoft Edge, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Scripting Engine Memory Corruption Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1036283", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036283" + }, + { + "name": "91580", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91580" + }, + { + "name": "MS16-084", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-084" + }, + { + "name": "MS16-085", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-085" + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3397.json b/2016/3xxx/CVE-2016-3397.json index 7bfebe9cd51..adb5282e18c 100644 --- a/2016/3xxx/CVE-2016-3397.json +++ b/2016/3xxx/CVE-2016-3397.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3397", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-3397", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3419.json b/2016/3xxx/CVE-2016-3419.json index b73eb3d896e..4eac6b1b8f7 100644 --- a/2016/3xxx/CVE-2016-3419.json +++ b/2016/3xxx/CVE-2016-3419.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3419", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect availability via vectors related to Filesystem." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-3419", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" - }, - { - "name" : "1035629", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035629" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect availability via vectors related to Filesystem." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1035629", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035629" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3477.json b/2016/3xxx/CVE-2016-3477.json index 3c7d8ee5a79..711215d540b 100644 --- a/2016/3xxx/CVE-2016-3477.json +++ b/2016/3xxx/CVE-2016-3477.json @@ -1,152 +1,152 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3477", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Parser." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-3477", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" - }, - { - "name" : "https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/", - "refsource" : "CONFIRM", - "url" : "https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/" - }, - { - "name" : "https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/", - "refsource" : "CONFIRM", - "url" : "https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/" - }, - { - "name" : "https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/", - "refsource" : "CONFIRM", - "url" : "https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" - }, - { - "name" : "DSA-3624", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3624" - }, - { - "name" : "DSA-3632", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3632" - }, - { - "name" : "RHSA-2016:1601", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1601.html" - }, - { - "name" : "RHSA-2016:1602", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1602.html" - }, - { - "name" : "RHSA-2016:1603", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1603.html" - }, - { - "name" : "RHSA-2016:1604", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1604.html" - }, - { - "name" : "RHSA-2016:1637", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1637.html" - }, - { - "name" : "RHSA-2016:1480", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1480.html" - }, - { - "name" : "openSUSE-SU-2016:2278", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html" - }, - { - "name" : "USN-3040-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3040-1" - }, - { - "name" : "91787", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91787" - }, - { - "name" : "91902", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91902" - }, - { - "name" : "1036362", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036362" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Parser." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "USN-3040-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3040-1" + }, + { + "name": "RHSA-2016:1603", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1603.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" + }, + { + "name": "DSA-3632", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3632" + }, + { + "name": "https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/", + "refsource": "CONFIRM", + "url": "https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/" + }, + { + "name": "RHSA-2016:1480", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1480.html" + }, + { + "name": "https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/", + "refsource": "CONFIRM", + "url": "https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/" + }, + { + "name": "RHSA-2016:1601", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1601.html" + }, + { + "name": "91902", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91902" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168" + }, + { + "name": "1036362", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036362" + }, + { + "name": "openSUSE-SU-2016:2278", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html" + }, + { + "name": "DSA-3624", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3624" + }, + { + "name": "RHSA-2016:1637", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1637.html" + }, + { + "name": "RHSA-2016:1602", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1602.html" + }, + { + "name": "https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/", + "refsource": "CONFIRM", + "url": "https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/" + }, + { + "name": "91787", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91787" + }, + { + "name": "RHSA-2016:1604", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1604.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/6xxx/CVE-2016-6091.json b/2016/6xxx/CVE-2016-6091.json index 4164c4c3f83..c0292e15503 100644 --- a/2016/6xxx/CVE-2016-6091.json +++ b/2016/6xxx/CVE-2016-6091.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-6091", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-1897, CVE-2015-0119. Reason: This candidate is a duplicate of CVE-2015-1897 and CVE-2015-0119. Notes: All CVE users should reference CVE-2015-1897 and/or CVE-2015-0119 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-6091", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-1897, CVE-2015-0119. Reason: This candidate is a duplicate of CVE-2015-1897 and CVE-2015-0119. Notes: All CVE users should reference CVE-2015-1897 and/or CVE-2015-0119 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ] + } +} \ No newline at end of file diff --git a/2016/6xxx/CVE-2016-6408.json b/2016/6xxx/CVE-2016-6408.json index 5ad41e0f37a..3d2ca45b949 100644 --- a/2016/6xxx/CVE-2016-6408.json +++ b/2016/6xxx/CVE-2016-6408.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-6408", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco Prime Home 5.2.0 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCvb17814." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2016-6408", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160921 Cisco Prime Home Web-Based User Interface XML External Entity Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160921-cph" - }, - { - "name" : "93092", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93092" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco Prime Home 5.2.0 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCvb17814." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "93092", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93092" + }, + { + "name": "20160921 Cisco Prime Home Web-Based User Interface XML External Entity Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160921-cph" + } + ] + } +} \ No newline at end of file diff --git a/2016/6xxx/CVE-2016-6889.json b/2016/6xxx/CVE-2016-6889.json index c4301370eca..23265379acb 100644 --- a/2016/6xxx/CVE-2016-6889.json +++ b/2016/6xxx/CVE-2016-6889.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-6889", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-6889", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/6xxx/CVE-2016-6891.json b/2016/6xxx/CVE-2016-6891.json index e1519d02584..99b523879a0 100644 --- a/2016/6xxx/CVE-2016-6891.json +++ b/2016/6xxx/CVE-2016-6891.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-6891", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "MatrixSSL before 3.8.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ASN.1 Bit Field primitive in an X.509 certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-6891", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.tripwire.com/state-of-security/security-data-protection/cyber-security/flawed-matrixssl-code-highlights-need-for-better-iot-update-practices/", - "refsource" : "MISC", - "url" : "http://www.tripwire.com/state-of-security/security-data-protection/cyber-security/flawed-matrixssl-code-highlights-need-for-better-iot-update-practices/" - }, - { - "name" : "https://github.com/matrixssl/matrixssl/blob/3-8-6-open/CHANGES.md", - "refsource" : "CONFIRM", - "url" : "https://github.com/matrixssl/matrixssl/blob/3-8-6-open/CHANGES.md" - }, - { - "name" : "VU#396440", - "refsource" : "CERT-VN", - "url" : "https://www.kb.cert.org/vuls/id/396440" - }, - { - "name" : "93498", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93498" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "MatrixSSL before 3.8.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ASN.1 Bit Field primitive in an X.509 certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/matrixssl/matrixssl/blob/3-8-6-open/CHANGES.md", + "refsource": "CONFIRM", + "url": "https://github.com/matrixssl/matrixssl/blob/3-8-6-open/CHANGES.md" + }, + { + "name": "VU#396440", + "refsource": "CERT-VN", + "url": "https://www.kb.cert.org/vuls/id/396440" + }, + { + "name": "93498", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93498" + }, + { + "name": "http://www.tripwire.com/state-of-security/security-data-protection/cyber-security/flawed-matrixssl-code-highlights-need-for-better-iot-update-practices/", + "refsource": "MISC", + "url": "http://www.tripwire.com/state-of-security/security-data-protection/cyber-security/flawed-matrixssl-code-highlights-need-for-better-iot-update-practices/" + } + ] + } +} \ No newline at end of file diff --git a/2016/6xxx/CVE-2016-6965.json b/2016/6xxx/CVE-2016-6965.json index d60ce8465ab..8080798431a 100644 --- a/2016/6xxx/CVE-2016-6965.json +++ b/2016/6xxx/CVE-2016-6965.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-6965", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-6965", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html" - }, - { - "name" : "93491", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93491" - }, - { - "name" : "1036986", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036986" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1089, CVE-2016-1091, CVE-2016-6944, CVE-2016-6945, CVE-2016-6946, CVE-2016-6949, CVE-2016-6952, CVE-2016-6953, CVE-2016-6961, CVE-2016-6962, CVE-2016-6963, CVE-2016-6964, CVE-2016-6967, CVE-2016-6968, CVE-2016-6969, CVE-2016-6971, CVE-2016-6979, CVE-2016-6988, and CVE-2016-6993." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1036986", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036986" + }, + { + "name": "93491", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93491" + }, + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb16-33.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/7xxx/CVE-2016-7415.json b/2016/7xxx/CVE-2016-7415.json index bf5cc5389ca..41b4761b9ca 100644 --- a/2016/7xxx/CVE-2016-7415.json +++ b/2016/7xxx/CVE-2016-7415.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-7415", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in the Locale class in common/locid.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long locale string." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-7415", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160915 Re: CVE assignment for PHP 5.6.26 and 7.0.11", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/09/15/10" - }, - { - "name" : "https://bugs.php.net/bug.php?id=73007", - "refsource" : "MISC", - "url" : "https://bugs.php.net/bug.php?id=73007" - }, - { - "name" : "https://www.tenable.com/security/tns-2016-19", - "refsource" : "CONFIRM", - "url" : "https://www.tenable.com/security/tns-2016-19" - }, - { - "name" : "GLSA-201701-58", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-58" - }, - { - "name" : "93022", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93022" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in the Locale class in common/locid.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long locale string." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugs.php.net/bug.php?id=73007", + "refsource": "MISC", + "url": "https://bugs.php.net/bug.php?id=73007" + }, + { + "name": "[oss-security] 20160915 Re: CVE assignment for PHP 5.6.26 and 7.0.11", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/09/15/10" + }, + { + "name": "GLSA-201701-58", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-58" + }, + { + "name": "https://www.tenable.com/security/tns-2016-19", + "refsource": "CONFIRM", + "url": "https://www.tenable.com/security/tns-2016-19" + }, + { + "name": "93022", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93022" + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8001.json b/2016/8xxx/CVE-2016-8001.json index 00ca5a03225..c5ec7c37b2e 100644 --- a/2016/8xxx/CVE-2016-8001.json +++ b/2016/8xxx/CVE-2016-8001.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-8001", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-8001", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file