diff --git a/2009/5xxx/CVE-2009-5145.json b/2009/5xxx/CVE-2009-5145.json index f1fe745450f..f6524c6b927 100644 --- a/2009/5xxx/CVE-2009-5145.json +++ b/2009/5xxx/CVE-2009-5145.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2009-5145", + "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -50,37 +27,61 @@ } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "n/a" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://bugs.launchpad.net/zope2/+bug/490514", - "refsource": "CONFIRM", - "url": "https://bugs.launchpad.net/zope2/+bug/490514" - }, - { - "name": "72792", - "refsource": "BID", - "url": "http://www.securityfocus.com/bid/72792/info" - }, - { - "name": "[oss-security] 20150302 Re: XSS In Zope", - "refsource": "MLIST", - "url": "http://www.openwall.com/lists/oss-security/2015/03/02/7" - }, - { - "name": "http://cve.killedkenny.io/cve/CVE-2009-5145", + "url": "http://cve.killedkenny.io/cve/CVE-2009-5145", "refsource": "MISC", - "url": "http://cve.killedkenny.io/cve/CVE-2009-5145" + "name": "http://cve.killedkenny.io/cve/CVE-2009-5145" }, { - "name": "https://github.com/zopefoundation/Zope/commit/2abdf14620f146857dc8e3ffd2b6a754884c331d", - "refsource": "CONFIRM", - "url": "https://github.com/zopefoundation/Zope/commit/2abdf14620f146857dc8e3ffd2b6a754884c331d" - }, - { - "name": "https://security-tracker.debian.org/tracker/CVE-2009-5145/", + "url": "http://www.openwall.com/lists/oss-security/2015/03/02/7", "refsource": "MISC", - "url": "https://security-tracker.debian.org/tracker/CVE-2009-5145/" + "name": "http://www.openwall.com/lists/oss-security/2015/03/02/7" + }, + { + "url": "http://www.securityfocus.com/bid/72792/info", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/72792/info" + }, + { + "url": "https://bugs.launchpad.net/zope2/+bug/490514", + "refsource": "MISC", + "name": "https://bugs.launchpad.net/zope2/+bug/490514" + }, + { + "url": "https://github.com/zopefoundation/Zope/commit/2abdf14620f146857dc8e3ffd2b6a754884c331d", + "refsource": "MISC", + "name": "https://github.com/zopefoundation/Zope/commit/2abdf14620f146857dc8e3ffd2b6a754884c331d" + }, + { + "url": "https://security-tracker.debian.org/tracker/CVE-2009-5145/", + "refsource": "MISC", + "name": "https://security-tracker.debian.org/tracker/CVE-2009-5145/" } ] } diff --git a/2010/0xxx/CVE-2010-0001.json b/2010/0xxx/CVE-2010-0001.json index 8dec51b2778..b5eba860d09 100644 --- a/2010/0xxx/CVE-2010-0001.json +++ b/2010/0xxx/CVE-2010-0001.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "CVE-2010-0001 gzip: (64 bit) Integer underflow by decompressing LZW format files" + "value": "Integer underflow in the unlzw function in unlzw.c in gzip before 1.4 on 64-bit platforms, as used in ncompress and probably others, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted archive that uses LZW compression, leading to an array index error." } ] }, @@ -21,8 +21,7 @@ "description": [ { "lang": "eng", - "value": "Integer Overflow or Wraparound", - "cweId": "CWE-190" + "value": "n/a" } ] } @@ -32,38 +31,16 @@ "vendor": { "vendor_data": [ { - "vendor_name": "Red Hat", + "vendor_name": "n/a", "product": { "product_data": [ { - "product_name": "Red Hat Enterprise Linux 3", + "product_name": "n/a", "version": { "version_data": [ { - "version_value": "0:1.3.3-15.rhel3", - "version_affected": "!" - } - ] - } - }, - { - "product_name": "Red Hat Enterprise Linux 4", - "version": { - "version_data": [ - { - "version_value": "0:1.3.3-18.el4_8.1", - "version_affected": "!" - } - ] - } - }, - { - "product_name": "Red Hat Enterprise Linux 5", - "version": { - "version_data": [ - { - "version_value": "0:1.3.5-11.el5_4.1", - "version_affected": "!" + "version_affected": "=", + "version_value": "n/a" } ] } @@ -216,21 +193,6 @@ "refsource": "MISC", "name": "http://www.vupen.com/english/advisories/2010/1872" }, - { - "url": "https://access.redhat.com/errata/RHSA-2010:0061", - "refsource": "MISC", - "name": "https://access.redhat.com/errata/RHSA-2010:0061" - }, - { - "url": "https://access.redhat.com/security/cve/CVE-2010-0001", - "refsource": "MISC", - "name": "https://access.redhat.com/security/cve/CVE-2010-0001" - }, - { - "url": "https://bugzilla.redhat.com/show_bug.cgi?id=554418", - "refsource": "MISC", - "name": "https://bugzilla.redhat.com/show_bug.cgi?id=554418" - }, { "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10546", "refsource": "MISC", @@ -240,31 +202,11 @@ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7511", "refsource": "MISC", "name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7511" - } - ] - }, - "impact": { - "cvss": [ + }, { - "accessComplexity": "MEDIUM", - "accessVector": "NETWORK", - "authentication": "NONE", - "availabilityImpact": "PARTIAL", - "availabilityRequirement": "NOT_DEFINED", - "baseScore": 6.8, - "collateralDamagePotential": "NOT_DEFINED", - "confidentialityImpact": "PARTIAL", - "confidentialityRequirement": "NOT_DEFINED", - "environmentalScore": 0, - "exploitability": "NOT_DEFINED", - "integrityImpact": "PARTIAL", - "integrityRequirement": "NOT_DEFINED", - "remediationLevel": "NOT_DEFINED", - "reportConfidence": "NOT_DEFINED", - "targetDistribution": "NOT_DEFINED", - "temporalScore": 0, - "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", - "version": "2.0" + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=554418", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=554418" } ] } diff --git a/2010/0xxx/CVE-2010-0003.json b/2010/0xxx/CVE-2010-0003.json index 11bc15916e0..d35330a02c9 100644 --- a/2010/0xxx/CVE-2010-0003.json +++ b/2010/0xxx/CVE-2010-0003.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2010-0003", + "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -50,127 +27,151 @@ } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "n/a" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "[oss-security] 20100112 CVE request - kernel: infoleak if print-fatal-signals=1", - "refsource": "MLIST", - "url": "http://www.openwall.com/lists/oss-security/2010/01/12/1" + "url": "http://www.debian.org/security/2010/dsa-2005", + "refsource": "MISC", + "name": "http://www.debian.org/security/2010/dsa-2005" }, { - "name": "RHSA-2010:0146", - "refsource": "REDHAT", - "url": "https://rhn.redhat.com/errata/RHSA-2010-0146.html" + "url": "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html", + "refsource": "MISC", + "name": "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html" }, { - "name": "RHSA-2010:0147", - "refsource": "REDHAT", - "url": "http://www.redhat.com/support/errata/RHSA-2010-0147.html" + "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b45c6e76bc2c72f6426c14bed64fdcbc9bf37cb0", + "refsource": "MISC", + "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b45c6e76bc2c72f6426c14bed64fdcbc9bf37cb0" }, { - "name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.4", - "refsource": "CONFIRM", - "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.4" + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034250.html", + "refsource": "MISC", + "name": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034250.html" }, { - "name": "37724", - "refsource": "BID", - "url": "http://www.securityfocus.com/bid/37724" + "url": "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00002.html", + "refsource": "MISC", + "name": "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00002.html" }, { - "name": "38779", - "refsource": "SECUNIA", - "url": "http://secunia.com/advisories/38779" + "url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00000.html", + "refsource": "MISC", + "name": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00000.html" }, { - "name": "SUSE-SA:2010:012", - "refsource": "SUSE", - "url": "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html" + "url": "http://patchwork.kernel.org/patch/69752/", + "refsource": "MISC", + "name": "http://patchwork.kernel.org/patch/69752/" }, { - "name": "http://patchwork.kernel.org/patch/69752/", - "refsource": "CONFIRM", - "url": "http://patchwork.kernel.org/patch/69752/" + "url": "http://secunia.com/advisories/38333", + "refsource": "MISC", + "name": "http://secunia.com/advisories/38333" }, { - "name": "SUSE-SA:2010:014", - "refsource": "SUSE", - "url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00000.html" + "url": "http://secunia.com/advisories/38492", + "refsource": "MISC", + "name": "http://secunia.com/advisories/38492" }, { - "name": "FEDORA-2010-0919", - "refsource": "FEDORA", - "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-January/034250.html" + "url": "http://secunia.com/advisories/38779", + "refsource": "MISC", + "name": "http://secunia.com/advisories/38779" }, { - "name": "DSA-1996", - "refsource": "DEBIAN", - "url": "http://www.debian.org/security/2010/dsa-1996" + "url": "http://secunia.com/advisories/39033", + "refsource": "MISC", + "name": "http://secunia.com/advisories/39033" }, { - "name": "43315", - "refsource": "SECUNIA", - "url": "http://secunia.com/advisories/43315" + "url": "http://secunia.com/advisories/43315", + "refsource": "MISC", + "name": "http://secunia.com/advisories/43315" }, { - "name": "39033", - "refsource": "SECUNIA", - "url": "http://secunia.com/advisories/39033" + "url": "http://www.debian.org/security/2010/dsa-1996", + "refsource": "MISC", + "name": "http://www.debian.org/security/2010/dsa-1996" }, { - "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=b45c6e76bc2c72f6426c14bed64fdcbc9bf37cb0", - "refsource": "CONFIRM", - "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=b45c6e76bc2c72f6426c14bed64fdcbc9bf37cb0" + "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.4", + "refsource": "MISC", + "name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.4" }, { - "name": "38333", - "refsource": "SECUNIA", - "url": "http://secunia.com/advisories/38333" + "url": "http://www.openwall.com/lists/oss-security/2010/01/12/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2010/01/12/1" }, { - "name": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html", - "refsource": "CONFIRM", - "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html" + "url": "http://www.openwall.com/lists/oss-security/2010/01/13/4", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2010/01/13/4" }, { - "name": "[oss-security] 20100113 Re: CVE request - kernel: infoleak if print-fatal-signals=1", - "refsource": "MLIST", - "url": "http://www.openwall.com/lists/oss-security/2010/01/13/4" + "url": "http://www.redhat.com/support/errata/RHSA-2010-0147.html", + "refsource": "MISC", + "name": "http://www.redhat.com/support/errata/RHSA-2010-0147.html" }, { - "name": "https://bugzilla.redhat.com/show_bug.cgi?id=554578", - "refsource": "CONFIRM", - "url": "https://bugzilla.redhat.com/show_bug.cgi?id=554578" + "url": "http://www.redhat.com/support/errata/RHSA-2010-0161.html", + "refsource": "MISC", + "name": "http://www.redhat.com/support/errata/RHSA-2010-0161.html" }, { - "name": "oval:org.mitre.oval:def:10550", - "refsource": "OVAL", - "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10550" + "url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded", + "refsource": "MISC", + "name": "http://www.securityfocus.com/archive/1/516397/100/0/threaded" }, { - "name": "DSA-2005", - "refsource": "DEBIAN", - "url": "http://www.debian.org/security/2010/dsa-2005" + "url": "http://www.securityfocus.com/bid/37724", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/37724" }, { - "name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX", - "refsource": "BUGTRAQ", - "url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded" + "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html", + "refsource": "MISC", + "name": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html" }, { - "name": "SUSE-SA:2010:010", - "refsource": "SUSE", - "url": "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00002.html" + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10550", + "refsource": "MISC", + "name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10550" }, { - "name": "38492", - "refsource": "SECUNIA", - "url": "http://secunia.com/advisories/38492" + "url": "https://rhn.redhat.com/errata/RHSA-2010-0146.html", + "refsource": "MISC", + "name": "https://rhn.redhat.com/errata/RHSA-2010-0146.html" }, { - "name": "RHSA-2010:0161", - "refsource": "REDHAT", - "url": "http://www.redhat.com/support/errata/RHSA-2010-0161.html" + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=554578", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=554578" } ] } diff --git a/2010/0xxx/CVE-2010-0006.json b/2010/0xxx/CVE-2010-0006.json index fca038f314f..f276517757a 100644 --- a/2010/0xxx/CVE-2010-0006.json +++ b/2010/0xxx/CVE-2010-0006.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "CVE-2010-0006 kernel: ipv6: skb_dst() can be NULL in ipv6_hop_jumbo()" + "value": "The ipv6_hop_jumbo function in net/ipv6/exthdrs.c in the Linux kernel before 2.6.32.4, when network namespaces are enabled, allows remote attackers to cause a denial of service (NULL pointer dereference) via an invalid IPv6 jumbogram, a related issue to CVE-2007-4567." } ] }, @@ -21,8 +21,7 @@ "description": [ { "lang": "eng", - "value": "NULL Pointer Dereference", - "cweId": "CWE-476" + "value": "n/a" } ] } @@ -40,8 +39,8 @@ "version": { "version_data": [ { - "version_value": "n/a", - "version_affected": "=" + "version_affected": "=", + "version_value": "n/a" } ] } @@ -119,41 +118,11 @@ "refsource": "MISC", "name": "http://www.securityfocus.com/bid/37810" }, - { - "url": "https://access.redhat.com/security/cve/CVE-2010-0006", - "refsource": "MISC", - "name": "https://access.redhat.com/security/cve/CVE-2010-0006" - }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=555217", "refsource": "MISC", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=555217" } ] - }, - "impact": { - "cvss": [ - { - "accessComplexity": "LOW", - "accessVector": "NETWORK", - "authentication": "NONE", - "availabilityImpact": "COMPLETE", - "availabilityRequirement": "NOT_DEFINED", - "baseScore": 7.8, - "collateralDamagePotential": "NOT_DEFINED", - "confidentialityImpact": "NONE", - "confidentialityRequirement": "NOT_DEFINED", - "environmentalScore": 0, - "exploitability": "NOT_DEFINED", - "integrityImpact": "NONE", - "integrityRequirement": "NOT_DEFINED", - "remediationLevel": "NOT_DEFINED", - "reportConfidence": "NOT_DEFINED", - "targetDistribution": "NOT_DEFINED", - "temporalScore": 0, - "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", - "version": "2.0" - } - ] } } \ No newline at end of file