From 35434e011353305755aaf78accef67760d2795dd Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 04:42:17 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2001/0xxx/CVE-2001-0632.json | 130 ++++---- 2001/0xxx/CVE-2001-0765.json | 160 +++++----- 2001/0xxx/CVE-2001-0882.json | 34 +- 2008/1xxx/CVE-2008-1099.json | 240 +++++++------- 2008/1xxx/CVE-2008-1450.json | 34 +- 2008/1xxx/CVE-2008-1617.json | 160 +++++----- 2008/5xxx/CVE-2008-5363.json | 200 ++++++------ 2008/5xxx/CVE-2008-5507.json | 550 ++++++++++++++++----------------- 2008/5xxx/CVE-2008-5947.json | 140 ++++----- 2008/5xxx/CVE-2008-5955.json | 150 ++++----- 2011/2xxx/CVE-2011-2876.json | 140 ++++----- 2013/0xxx/CVE-2013-0453.json | 140 ++++----- 2013/0xxx/CVE-2013-0572.json | 130 ++++---- 2013/0xxx/CVE-2013-0588.json | 34 +- 2013/0xxx/CVE-2013-0723.json | 130 ++++---- 2013/0xxx/CVE-2013-0872.json | 140 ++++----- 2013/1xxx/CVE-2013-1301.json | 140 ++++----- 2013/3xxx/CVE-2013-3005.json | 200 ++++++------ 2013/3xxx/CVE-2013-3259.json | 150 ++++----- 2013/3xxx/CVE-2013-3492.json | 34 +- 2013/3xxx/CVE-2013-3521.json | 34 +- 2013/3xxx/CVE-2013-3974.json | 34 +- 2013/4xxx/CVE-2013-4260.json | 150 ++++----- 2013/4xxx/CVE-2013-4449.json | 240 +++++++------- 2013/4xxx/CVE-2013-4821.json | 140 ++++----- 2017/12xxx/CVE-2017-12046.json | 34 +- 2017/12xxx/CVE-2017-12223.json | 140 ++++----- 2017/12xxx/CVE-2017-12533.json | 142 ++++----- 2017/13xxx/CVE-2017-13268.json | 164 +++++----- 2017/13xxx/CVE-2017-13586.json | 34 +- 2017/13xxx/CVE-2017-13633.json | 34 +- 2017/13xxx/CVE-2017-13805.json | 130 ++++---- 2017/13xxx/CVE-2017-13889.json | 120 +++---- 2017/16xxx/CVE-2017-16330.json | 34 +- 2017/16xxx/CVE-2017-16517.json | 34 +- 2017/16xxx/CVE-2017-16952.json | 120 +++---- 2017/16xxx/CVE-2017-16955.json | 130 ++++---- 2017/16xxx/CVE-2017-16981.json | 34 +- 2017/17xxx/CVE-2017-17391.json | 34 +- 2017/17xxx/CVE-2017-17401.json | 34 +- 2017/17xxx/CVE-2017-17487.json | 34 +- 2017/17xxx/CVE-2017-17670.json | 150 ++++----- 2017/17xxx/CVE-2017-17842.json | 34 +- 2017/17xxx/CVE-2017-17965.json | 34 +- 2018/18xxx/CVE-2018-18048.json | 34 +- 2018/18xxx/CVE-2018-18077.json | 34 +- 2018/18xxx/CVE-2018-18157.json | 34 +- 2018/18xxx/CVE-2018-18191.json | 120 +++---- 2018/18xxx/CVE-2018-18242.json | 120 +++---- 2018/19xxx/CVE-2018-19605.json | 34 +- 2018/1xxx/CVE-2018-1084.json | 170 +++++----- 2018/1xxx/CVE-2018-1228.json | 34 +- 2018/1xxx/CVE-2018-1432.json | 200 ++++++------ 2018/1xxx/CVE-2018-1810.json | 34 +- 2018/1xxx/CVE-2018-1893.json | 34 +- 2018/5xxx/CVE-2018-5011.json | 140 ++++----- 2018/5xxx/CVE-2018-5113.json | 162 +++++----- 2018/5xxx/CVE-2018-5707.json | 34 +- 2018/5xxx/CVE-2018-5925.json | 152 ++++----- 59 files changed, 3220 insertions(+), 3220 deletions(-) diff --git a/2001/0xxx/CVE-2001-0632.json b/2001/0xxx/CVE-2001-0632.json index 8824d517c8e..47c23913aa1 100644 --- a/2001/0xxx/CVE-2001-0632.json +++ b/2001/0xxx/CVE-2001-0632.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2001-0632", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Sun Chili!Soft 3.5.2 on Linux and 3.6 on AIX creates a default admin username and password in the default installation, which can allow a remote attacker to gain additional privileges." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2001-0632", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20010220 Advisory: Chili!Soft ASP Multiple Vulnerabilities ", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2001-02/0378.html" - }, - { - "name" : "20010224 Re: Advisory: Chili!Soft ASP Multiple Vulnerabilities ", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2001-02/0443.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Sun Chili!Soft 3.5.2 on Linux and 3.6 on AIX creates a default admin username and password in the default installation, which can allow a remote attacker to gain additional privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "BUGTRAQ", + "name": "20010220 Advisory: Chili!Soft ASP Multiple Vulnerabilities", + "url": "http://archives.neohapsis.com/archives/bugtraq/2001-02/0378.html" + }, + { + "refsource": "BUGTRAQ", + "name": "20010224 Re: Advisory: Chili!Soft ASP Multiple Vulnerabilities", + "url": "http://archives.neohapsis.com/archives/bugtraq/2001-02/0443.html" + } + ] + } +} \ No newline at end of file diff --git a/2001/0xxx/CVE-2001-0765.json b/2001/0xxx/CVE-2001-0765.json index da30837ce69..c00ff6a9372 100644 --- a/2001/0xxx/CVE-2001-0765.json +++ b/2001/0xxx/CVE-2001-0765.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2001-0765", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "BisonFTP V4R1 allows local users to access directories outside of their home directory by uploading .bdl files, which can then be linked to other directories." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2001-0765", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20010702 BisonFTP Server V4R1 *.bdl upload Directory Traversal", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2001-07/0025.html" - }, - { - "name" : "http://www.bisonftp.com/ServRev.htm", - "refsource" : "CONFIRM", - "url" : "http://www.bisonftp.com/ServRev.htm" - }, - { - "name" : "2963", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/2963" - }, - { - "name" : "bisonftp-bdl-directory-traversal(6782)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/6782" - }, - { - "name" : "1888", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/1888" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "BisonFTP V4R1 allows local users to access directories outside of their home directory by uploading .bdl files, which can then be linked to other directories." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.bisonftp.com/ServRev.htm", + "refsource": "CONFIRM", + "url": "http://www.bisonftp.com/ServRev.htm" + }, + { + "name": "bisonftp-bdl-directory-traversal(6782)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6782" + }, + { + "name": "2963", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/2963" + }, + { + "name": "1888", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/1888" + }, + { + "name": "20010702 BisonFTP Server V4R1 *.bdl upload Directory Traversal", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2001-07/0025.html" + } + ] + } +} \ No newline at end of file diff --git a/2001/0xxx/CVE-2001-0882.json b/2001/0xxx/CVE-2001-0882.json index 58ee16e3f33..28f929974ff 100644 --- a/2001/0xxx/CVE-2001-0882.json +++ b/2001/0xxx/CVE-2001-0882.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2001-0882", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2001-0882", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2008/1xxx/CVE-2008-1099.json b/2008/1xxx/CVE-2008-1099.json index d1d005670ae..6e1d21cea95 100644 --- a/2008/1xxx/CVE-2008-1099.json +++ b/2008/1xxx/CVE-2008-1099.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-1099", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "_macro_Getval in wikimacro.py in MoinMoin 1.5.8 and earlier does not properly enforce ACLs, which allows remote attackers to read protected pages." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-1099", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://hg.moinmo.in/moin/1.5/rev/4a7de0173734", - "refsource" : "CONFIRM", - "url" : "http://hg.moinmo.in/moin/1.5/rev/4a7de0173734" - }, - { - "name" : "http://moinmo.in/SecurityFixes", - "refsource" : "CONFIRM", - "url" : "http://moinmo.in/SecurityFixes" - }, - { - "name" : "DSA-1514", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1514" - }, - { - "name" : "FEDORA-2008-3301", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00510.html" - }, - { - "name" : "FEDORA-2008-3328", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00538.html" - }, - { - "name" : "GLSA-200803-27", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200803-27.xml" - }, - { - "name" : "USN-716-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/716-1/" - }, - { - "name" : "28177", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/28177" - }, - { - "name" : "29262", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29262" - }, - { - "name" : "29444", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29444" - }, - { - "name" : "30031", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30031" - }, - { - "name" : "33755", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33755" - }, - { - "name" : "moinmoin-macrogetval-information-disclosure(41038)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/41038" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "_macro_Getval in wikimacro.py in MoinMoin 1.5.8 and earlier does not properly enforce ACLs, which allows remote attackers to read protected pages." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "30031", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30031" + }, + { + "name": "33755", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33755" + }, + { + "name": "GLSA-200803-27", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200803-27.xml" + }, + { + "name": "28177", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/28177" + }, + { + "name": "29262", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29262" + }, + { + "name": "http://moinmo.in/SecurityFixes", + "refsource": "CONFIRM", + "url": "http://moinmo.in/SecurityFixes" + }, + { + "name": "moinmoin-macrogetval-information-disclosure(41038)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41038" + }, + { + "name": "FEDORA-2008-3328", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00538.html" + }, + { + "name": "FEDORA-2008-3301", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00510.html" + }, + { + "name": "29444", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29444" + }, + { + "name": "USN-716-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/716-1/" + }, + { + "name": "http://hg.moinmo.in/moin/1.5/rev/4a7de0173734", + "refsource": "CONFIRM", + "url": "http://hg.moinmo.in/moin/1.5/rev/4a7de0173734" + }, + { + "name": "DSA-1514", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1514" + } + ] + } +} \ No newline at end of file diff --git a/2008/1xxx/CVE-2008-1450.json b/2008/1xxx/CVE-2008-1450.json index 3d7196a5c3a..189a265c4eb 100644 --- a/2008/1xxx/CVE-2008-1450.json +++ b/2008/1xxx/CVE-2008-1450.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-1450", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2008. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2008-1450", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2008. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2008/1xxx/CVE-2008-1617.json b/2008/1xxx/CVE-2008-1617.json index 7797ea7e853..40c6be173de 100644 --- a/2008/1xxx/CVE-2008-1617.json +++ b/2008/1xxx/CVE-2008-1617.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-1617", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Double free vulnerability in Web TransferCtrl Class 8,2,1,4 (iManFile.cab), as used in WorkSite Web 8.2 before SP1 P2, allows remote attackers to execute arbitrary code via JavaScript that sets the Server property to a string, then sets the string to null." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-1617", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mwrinfosecurity.com/publications/mwri_interwoven-worksite-activex-control-remote-code-execution_2008-03-10.pdf", - "refsource" : "MISC", - "url" : "http://www.mwrinfosecurity.com/publications/mwri_interwoven-worksite-activex-control-remote-code-execution_2008-03-10.pdf" - }, - { - "name" : "28628", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/28628" - }, - { - "name" : "ADV-2008-1134", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1134/references" - }, - { - "name" : "29733", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29733" - }, - { - "name" : "worksite-webtransferctrl-code-execution(41699)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/41699" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Double free vulnerability in Web TransferCtrl Class 8,2,1,4 (iManFile.cab), as used in WorkSite Web 8.2 before SP1 P2, allows remote attackers to execute arbitrary code via JavaScript that sets the Server property to a string, then sets the string to null." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "28628", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/28628" + }, + { + "name": "ADV-2008-1134", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1134/references" + }, + { + "name": "http://www.mwrinfosecurity.com/publications/mwri_interwoven-worksite-activex-control-remote-code-execution_2008-03-10.pdf", + "refsource": "MISC", + "url": "http://www.mwrinfosecurity.com/publications/mwri_interwoven-worksite-activex-control-remote-code-execution_2008-03-10.pdf" + }, + { + "name": "29733", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29733" + }, + { + "name": "worksite-webtransferctrl-code-execution(41699)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41699" + } + ] + } +} \ No newline at end of file diff --git a/2008/5xxx/CVE-2008-5363.json b/2008/5xxx/CVE-2008-5363.json index f3f87495939..3c6bb6d333f 100644 --- a/2008/5xxx/CVE-2008-5363.json +++ b/2008/5xxx/CVE-2008-5363.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-5363", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The ActionScript 2 virtual machine in Adobe Flash Player 10.x before 10.0.12.36 and 9.x before 9.0.151.0, and Adobe AIR before 1.5, does not validate character elements during retrieval from the dictionary data structure, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-5363", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20081122 Adobe Flash Multiple Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/498561/100/0/threaded" - }, - { - "name" : "http://www.adobe.com/support/security/bulletins/apsb08-22.html", - "refsource" : "MISC", - "url" : "http://www.adobe.com/support/security/bulletins/apsb08-22.html" - }, - { - "name" : "http://www.isecpartners.com/advisories/2008-01-flash.txt", - "refsource" : "MISC", - "url" : "http://www.isecpartners.com/advisories/2008-01-flash.txt" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2009-020.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2009-020.htm" - }, - { - "name" : "GLSA-200903-23", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200903-23.xml" - }, - { - "name" : "248586", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-248586-1" - }, - { - "name" : "33390", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33390" - }, - { - "name" : "34226", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/34226" - }, - { - "name" : "4692", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/4692" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The ActionScript 2 virtual machine in Adobe Flash Player 10.x before 10.0.12.36 and 9.x before 9.0.151.0, and Adobe AIR before 1.5, does not validate character elements during retrieval from the dictionary data structure, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20081122 Adobe Flash Multiple Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/498561/100/0/threaded" + }, + { + "name": "33390", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33390" + }, + { + "name": "http://www.isecpartners.com/advisories/2008-01-flash.txt", + "refsource": "MISC", + "url": "http://www.isecpartners.com/advisories/2008-01-flash.txt" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2009-020.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-020.htm" + }, + { + "name": "http://www.adobe.com/support/security/bulletins/apsb08-22.html", + "refsource": "MISC", + "url": "http://www.adobe.com/support/security/bulletins/apsb08-22.html" + }, + { + "name": "34226", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/34226" + }, + { + "name": "4692", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/4692" + }, + { + "name": "GLSA-200903-23", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200903-23.xml" + }, + { + "name": "248586", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-248586-1" + } + ] + } +} \ No newline at end of file diff --git a/2008/5xxx/CVE-2008-5507.json b/2008/5xxx/CVE-2008-5507.json index e354c76286d..f757cfb541d 100644 --- a/2008/5xxx/CVE-2008-5507.json +++ b/2008/5xxx/CVE-2008-5507.json @@ -1,277 +1,277 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-5507", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allow remote attackers to bypass the same origin policy and access portions of data from another domain via a JavaScript URL that redirects to the target resource, which generates an error if the target data does not have JavaScript syntax, which can be accessed using the window.onerror DOM API." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2008-5507", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20081218 Firefox cross-domain text theft (CESA-2008-011)", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/499353/100/0/threaded" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=461735", - "refsource" : "MISC", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=461735" - }, - { - "name" : "http://scary.beasts.org/security/CESA-2008-011.html", - "refsource" : "MISC", - "url" : "http://scary.beasts.org/security/CESA-2008-011.html" - }, - { - "name" : "http://www.mozilla.org/security/announce/2008/mfsa2008-65.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2008/mfsa2008-65.html" - }, - { - "name" : "DSA-1697", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2009/dsa-1697" - }, - { - "name" : "DSA-1704", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2009/dsa-1704" - }, - { - "name" : "DSA-1707", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2009/dsa-1707" - }, - { - "name" : "DSA-1696", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2009/dsa-1696" - }, - { - "name" : "MDVSA-2008:245", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:245" - }, - { - "name" : "MDVSA-2009:012", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2009:012" - }, - { - "name" : "MDVSA-2008:244", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:244" - }, - { - "name" : "RHSA-2008:1036", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-1036.html" - }, - { - "name" : "RHSA-2008:1037", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-1037.html" - }, - { - "name" : "RHSA-2009:0002", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2009-0002.html" - }, - { - "name" : "256408", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1" - }, - { - "name" : "258748", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-258748-1" - }, - { - "name" : "USN-690-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/690-1/" - }, - { - "name" : "USN-690-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-690-2" - }, - { - "name" : "USN-690-3", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/690-3/" - }, - { - "name" : "USN-701-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-701-1" - }, - { - "name" : "USN-701-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-701-2" - }, - { - "name" : "32882", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/32882" - }, - { - "name" : "oval:org.mitre.oval:def:9376", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9376" - }, - { - "name" : "1021423", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1021423" - }, - { - "name" : "33231", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33231" - }, - { - "name" : "33433", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33433" - }, - { - "name" : "33216", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33216" - }, - { - "name" : "33232", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33232" - }, - { - "name" : "33523", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33523" - }, - { - "name" : "33547", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33547" - }, - { - "name" : "33184", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33184" - }, - { - "name" : "33188", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33188" - }, - { - "name" : "33189", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33189" - }, - { - "name" : "33203", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33203" - }, - { - "name" : "33204", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33204" - }, - { - "name" : "33205", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33205" - }, - { - "name" : "33421", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33421" - }, - { - "name" : "33434", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33434" - }, - { - "name" : "34501", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/34501" - }, - { - "name" : "35080", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/35080" - }, - { - "name" : "33408", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33408" - }, - { - "name" : "33415", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33415" - }, - { - "name" : "ADV-2009-0977", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/0977" - }, - { - "name" : "mozilla-javascripturl-infor-disclosure(47413)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/47413" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allow remote attackers to bypass the same origin policy and access portions of data from another domain via a JavaScript URL that redirects to the target resource, which generates an error if the target data does not have JavaScript syntax, which can be accessed using the window.onerror DOM API." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "32882", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/32882" + }, + { + "name": "33408", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33408" + }, + { + "name": "DSA-1697", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2009/dsa-1697" + }, + { + "name": "USN-690-3", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/690-3/" + }, + { + "name": "33205", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33205" + }, + { + "name": "33421", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33421" + }, + { + "name": "33232", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33232" + }, + { + "name": "RHSA-2008:1036", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-1036.html" + }, + { + "name": "ADV-2009-0977", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/0977" + }, + { + "name": "oval:org.mitre.oval:def:9376", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9376" + }, + { + "name": "USN-690-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-690-2" + }, + { + "name": "20081218 Firefox cross-domain text theft (CESA-2008-011)", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/499353/100/0/threaded" + }, + { + "name": "USN-701-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-701-1" + }, + { + "name": "33231", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33231" + }, + { + "name": "MDVSA-2008:245", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:245" + }, + { + "name": "USN-690-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/690-1/" + }, + { + "name": "MDVSA-2009:012", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:012" + }, + { + "name": "33203", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33203" + }, + { + "name": "33433", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33433" + }, + { + "name": "http://scary.beasts.org/security/CESA-2008-011.html", + "refsource": "MISC", + "url": "http://scary.beasts.org/security/CESA-2008-011.html" + }, + { + "name": "DSA-1707", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2009/dsa-1707" + }, + { + "name": "33216", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33216" + }, + { + "name": "256408", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1" + }, + { + "name": "1021423", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1021423" + }, + { + "name": "http://www.mozilla.org/security/announce/2008/mfsa2008-65.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2008/mfsa2008-65.html" + }, + { + "name": "RHSA-2008:1037", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-1037.html" + }, + { + "name": "DSA-1704", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2009/dsa-1704" + }, + { + "name": "DSA-1696", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2009/dsa-1696" + }, + { + "name": "33204", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33204" + }, + { + "name": "USN-701-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-701-2" + }, + { + "name": "33184", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33184" + }, + { + "name": "mozilla-javascripturl-infor-disclosure(47413)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47413" + }, + { + "name": "RHSA-2009:0002", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2009-0002.html" + }, + { + "name": "258748", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-258748-1" + }, + { + "name": "MDVSA-2008:244", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:244" + }, + { + "name": "33415", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33415" + }, + { + "name": "33188", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33188" + }, + { + "name": "33523", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33523" + }, + { + "name": "35080", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/35080" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=461735", + "refsource": "MISC", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=461735" + }, + { + "name": "33547", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33547" + }, + { + "name": "33434", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33434" + }, + { + "name": "33189", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33189" + }, + { + "name": "34501", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/34501" + } + ] + } +} \ No newline at end of file diff --git a/2008/5xxx/CVE-2008-5947.json b/2008/5xxx/CVE-2008-5947.json index 5f68d2b5058..7d3b88b2d19 100644 --- a/2008/5xxx/CVE-2008-5947.json +++ b/2008/5xxx/CVE-2008-5947.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-5947", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in include/class_yapbbcooker.php in YapBB 1.2.Beta 2 allows remote attackers to execute arbitrary PHP code via a URL in the cfgIncludeDirectory parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-5947", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://packetstormsecurity.org/0808-exploits/yapbb-rfi.txt", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.org/0808-exploits/yapbb-rfi.txt" - }, - { - "name" : "30686", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/30686" - }, - { - "name" : "yapbb-classyapbbcooker-file-include(44473)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/44473" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in include/class_yapbbcooker.php in YapBB 1.2.Beta 2 allows remote attackers to execute arbitrary PHP code via a URL in the cfgIncludeDirectory parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "30686", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/30686" + }, + { + "name": "http://packetstormsecurity.org/0808-exploits/yapbb-rfi.txt", + "refsource": "MISC", + "url": "http://packetstormsecurity.org/0808-exploits/yapbb-rfi.txt" + }, + { + "name": "yapbb-classyapbbcooker-file-include(44473)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44473" + } + ] + } +} \ No newline at end of file diff --git a/2008/5xxx/CVE-2008-5955.json b/2008/5xxx/CVE-2008-5955.json index c0db4ec48b4..c7c13e34b7b 100644 --- a/2008/5xxx/CVE-2008-5955.json +++ b/2008/5xxx/CVE-2008-5955.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-5955", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in show.php in Wbstreet (aka PHPSTREET Webboard) 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-5955", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "7337", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/7337" - }, - { - "name" : "32635", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/32635" - }, - { - "name" : "32994", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32994" - }, - { - "name" : "wbstreet-show-sql-injection(47073)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/47073" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in show.php in Wbstreet (aka PHPSTREET Webboard) 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "32635", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/32635" + }, + { + "name": "wbstreet-show-sql-injection(47073)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47073" + }, + { + "name": "7337", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/7337" + }, + { + "name": "32994", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32994" + } + ] + } +} \ No newline at end of file diff --git a/2011/2xxx/CVE-2011-2876.json b/2011/2xxx/CVE-2011-2876.json index c997920a68c..ce781de4b7b 100644 --- a/2011/2xxx/CVE-2011-2876.json +++ b/2011/2xxx/CVE-2011-2876.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2011-2876", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in Google Chrome before 14.0.835.202 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a text line box." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2011-2876", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://code.google.com/p/chromium/issues/detail?id=93788", - "refsource" : "CONFIRM", - "url" : "http://code.google.com/p/chromium/issues/detail?id=93788" - }, - { - "name" : "http://googlechromereleases.blogspot.com/2011/10/stable-channel-update.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2011/10/stable-channel-update.html" - }, - { - "name" : "oval:org.mitre.oval:def:14439", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14439" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in Google Chrome before 14.0.835.202 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a text line box." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://code.google.com/p/chromium/issues/detail?id=93788", + "refsource": "CONFIRM", + "url": "http://code.google.com/p/chromium/issues/detail?id=93788" + }, + { + "name": "oval:org.mitre.oval:def:14439", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14439" + }, + { + "name": "http://googlechromereleases.blogspot.com/2011/10/stable-channel-update.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2011/10/stable-channel-update.html" + } + ] + } +} \ No newline at end of file diff --git a/2013/0xxx/CVE-2013-0453.json b/2013/0xxx/CVE-2013-0453.json index 1183a809dc0..72ac6e3aeb9 100644 --- a/2013/0xxx/CVE-2013-0453.json +++ b/2013/0xxx/CVE-2013-0453.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-0453", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Web Reports in IBM Tivoli Endpoint Manager (TEM) before 8.2.1372 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2013-0453", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg21631351", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg21631351" - }, - { - "name" : "IV37766", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IV37766" - }, - { - "name" : "tem-web-reports-xss(80969)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/80969" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Web Reports in IBM Tivoli Endpoint Manager (TEM) before 8.2.1372 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "tem-web-reports-xss(80969)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80969" + }, + { + "name": "IV37766", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV37766" + }, + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg21631351", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg21631351" + } + ] + } +} \ No newline at end of file diff --git a/2013/0xxx/CVE-2013-0572.json b/2013/0xxx/CVE-2013-0572.json index 9f0294f7939..6e4c0bd0058 100644 --- a/2013/0xxx/CVE-2013-0572.json +++ b/2013/0xxx/CVE-2013-0572.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-0572", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in IBM Document Connect for Application Support Facility (aka DC4ASF) before 1.0.0.1218 in Application Support Facility (ASF) 3.4 for z/OS on Windows, Linux, and AIX allows remote authenticated users to inject content, and conduct phishing attacks, via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2013-0572", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21635328", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21635328" - }, - { - "name" : "asf-cve20130572-spoofing(83247)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/83247" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in IBM Document Connect for Application Support Facility (aka DC4ASF) before 1.0.0.1218 in Application Support Facility (ASF) 3.4 for z/OS on Windows, Linux, and AIX allows remote authenticated users to inject content, and conduct phishing attacks, via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21635328", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21635328" + }, + { + "name": "asf-cve20130572-spoofing(83247)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83247" + } + ] + } +} \ No newline at end of file diff --git a/2013/0xxx/CVE-2013-0588.json b/2013/0xxx/CVE-2013-0588.json index 669a733f6b2..a81f748377e 100644 --- a/2013/0xxx/CVE-2013-0588.json +++ b/2013/0xxx/CVE-2013-0588.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-0588", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2013-0588", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2013/0xxx/CVE-2013-0723.json b/2013/0xxx/CVE-2013-0723.json index b8c0cf0ab36..ceddf18d343 100644 --- a/2013/0xxx/CVE-2013-0723.json +++ b/2013/0xxx/CVE-2013-0723.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-0723", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple heap-based buffer overflows in etxrw.dll in Kingsoft Spreadsheets 2012 8.1.0.3030 allow remote attackers to cause a denial of service (memory corruption and crash) or possibly execute arbitrary code via a crafted spreadsheet file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "PSIRT-CNA@flexerasoftware.com", + "ID": "CVE-2013-0723", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "1028713", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1028713" - }, - { - "name" : "51418", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/51418/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple heap-based buffer overflows in etxrw.dll in Kingsoft Spreadsheets 2012 8.1.0.3030 allow remote attackers to cause a denial of service (memory corruption and crash) or possibly execute arbitrary code via a crafted spreadsheet file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "51418", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/51418/" + }, + { + "name": "1028713", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1028713" + } + ] + } +} \ No newline at end of file diff --git a/2013/0xxx/CVE-2013-0872.json b/2013/0xxx/CVE-2013-0872.json index 243fce45166..745ded7cf5f 100644 --- a/2013/0xxx/CVE-2013-0872.json +++ b/2013/0xxx/CVE-2013-0872.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-0872", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The swr_init function in libswresample/swresample.c in FFmpeg before 1.1.3 allows remote attackers to have an unspecified impact via an invalid or unsupported (1) input or (2) output channel layout, related to an out-of-bounds array access." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2013-0872", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=21cd905cd44a4bbafe8631bbaa6021d328413ce5", - "refsource" : "CONFIRM", - "url" : "http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=21cd905cd44a4bbafe8631bbaa6021d328413ce5" - }, - { - "name" : "http://www.ffmpeg.org/security.html", - "refsource" : "CONFIRM", - "url" : "http://www.ffmpeg.org/security.html" - }, - { - "name" : "GLSA-201603-06", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201603-06" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The swr_init function in libswresample/swresample.c in FFmpeg before 1.1.3 allows remote attackers to have an unspecified impact via an invalid or unsupported (1) input or (2) output channel layout, related to an out-of-bounds array access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.ffmpeg.org/security.html", + "refsource": "CONFIRM", + "url": "http://www.ffmpeg.org/security.html" + }, + { + "name": "GLSA-201603-06", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201603-06" + }, + { + "name": "http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=21cd905cd44a4bbafe8631bbaa6021d328413ce5", + "refsource": "CONFIRM", + "url": "http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=21cd905cd44a4bbafe8631bbaa6021d328413ce5" + } + ] + } +} \ No newline at end of file diff --git a/2013/1xxx/CVE-2013-1301.json b/2013/1xxx/CVE-2013-1301.json index d378709676b..94df98b3c84 100644 --- a/2013/1xxx/CVE-2013-1301.json +++ b/2013/1xxx/CVE-2013-1301.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-1301", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Visio 2003 SP3 2007 SP3, and 2010 SP1 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, aka \"XML External Entities Resolution Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2013-1301", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS13-044", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-044" - }, - { - "name" : "TA13-134A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/ncas/alerts/TA13-134A" - }, - { - "name" : "oval:org.mitre.oval:def:16750", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16750" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Visio 2003 SP3 2007 SP3, and 2010 SP1 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, aka \"XML External Entities Resolution Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "TA13-134A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/ncas/alerts/TA13-134A" + }, + { + "name": "oval:org.mitre.oval:def:16750", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16750" + }, + { + "name": "MS13-044", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-044" + } + ] + } +} \ No newline at end of file diff --git a/2013/3xxx/CVE-2013-3005.json b/2013/3xxx/CVE-2013-3005.json index a1cb5ca0211..e279bb3f11c 100644 --- a/2013/3xxx/CVE-2013-3005.json +++ b/2013/3xxx/CVE-2013-3005.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-3005", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The TFTP client in IBM AIX 6.1 and 7.1, and VIOS 2.2.2.2-FP-26 SP-02, when RBAC is enabled, allows remote authenticated users to bypass intended file-ownership restrictions, and read or overwrite arbitrary files, via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2013-3005", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://aix.software.ibm.com/aix/efixes/security/tftp_advisory.asc", - "refsource" : "CONFIRM", - "url" : "http://aix.software.ibm.com/aix/efixes/security/tftp_advisory.asc" - }, - { - "name" : "IV40221", - "refsource" : "AIXAPAR", - "url" : "http://www.ibm.com/support/docview.wss?uid=isg1IV40221" - }, - { - "name" : "IV42700", - "refsource" : "AIXAPAR", - "url" : "http://www.ibm.com/support/docview.wss?uid=isg1IV42700" - }, - { - "name" : "IV42932", - "refsource" : "AIXAPAR", - "url" : "http://www.ibm.com/support/docview.wss?uid=isg1IV42932" - }, - { - "name" : "IV42933", - "refsource" : "AIXAPAR", - "url" : "http://www.ibm.com/support/docview.wss?uid=isg1IV42933" - }, - { - "name" : "IV42934", - "refsource" : "AIXAPAR", - "url" : "http://www.ibm.com/support/docview.wss?uid=isg1IV42934" - }, - { - "name" : "IV42935", - "refsource" : "AIXAPAR", - "url" : "http://www.ibm.com/support/docview.wss?uid=isg1IV42935" - }, - { - "name" : "oval:org.mitre.oval:def:19519", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19519" - }, - { - "name" : "aix-cve20133005-file-overwrite(85366)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/85366" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The TFTP client in IBM AIX 6.1 and 7.1, and VIOS 2.2.2.2-FP-26 SP-02, when RBAC is enabled, allows remote authenticated users to bypass intended file-ownership restrictions, and read or overwrite arbitrary files, via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://aix.software.ibm.com/aix/efixes/security/tftp_advisory.asc", + "refsource": "CONFIRM", + "url": "http://aix.software.ibm.com/aix/efixes/security/tftp_advisory.asc" + }, + { + "name": "aix-cve20133005-file-overwrite(85366)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85366" + }, + { + "name": "IV42935", + "refsource": "AIXAPAR", + "url": "http://www.ibm.com/support/docview.wss?uid=isg1IV42935" + }, + { + "name": "IV42934", + "refsource": "AIXAPAR", + "url": "http://www.ibm.com/support/docview.wss?uid=isg1IV42934" + }, + { + "name": "IV40221", + "refsource": "AIXAPAR", + "url": "http://www.ibm.com/support/docview.wss?uid=isg1IV40221" + }, + { + "name": "IV42932", + "refsource": "AIXAPAR", + "url": "http://www.ibm.com/support/docview.wss?uid=isg1IV42932" + }, + { + "name": "IV42933", + "refsource": "AIXAPAR", + "url": "http://www.ibm.com/support/docview.wss?uid=isg1IV42933" + }, + { + "name": "oval:org.mitre.oval:def:19519", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19519" + }, + { + "name": "IV42700", + "refsource": "AIXAPAR", + "url": "http://www.ibm.com/support/docview.wss?uid=isg1IV42700" + } + ] + } +} \ No newline at end of file diff --git a/2013/3xxx/CVE-2013-3259.json b/2013/3xxx/CVE-2013-3259.json index 1899e3b5720..13281375b2c 100644 --- a/2013/3xxx/CVE-2013-3259.json +++ b/2013/3xxx/CVE-2013-3259.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-3259", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in INMATRIX Zoom Player before 8.7 beta 11 allows remote attackers to execute arbitrary code via a large biClrUsed value in a BMP file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "PSIRT-CNA@flexerasoftware.com", + "ID": "CVE-2013-3259", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "60418", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/60418" - }, - { - "name" : "94037", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/94037" - }, - { - "name" : "52698", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/52698" - }, - { - "name" : "zoomplayer-cve20133259-bmp-bo(84835)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/84835" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in INMATRIX Zoom Player before 8.7 beta 11 allows remote attackers to execute arbitrary code via a large biClrUsed value in a BMP file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "60418", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/60418" + }, + { + "name": "52698", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/52698" + }, + { + "name": "zoomplayer-cve20133259-bmp-bo(84835)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84835" + }, + { + "name": "94037", + "refsource": "OSVDB", + "url": "http://osvdb.org/94037" + } + ] + } +} \ No newline at end of file diff --git a/2013/3xxx/CVE-2013-3492.json b/2013/3xxx/CVE-2013-3492.json index a66c71b0dec..97732d06619 100644 --- a/2013/3xxx/CVE-2013-3492.json +++ b/2013/3xxx/CVE-2013-3492.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-3492", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2013-3492", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2013/3xxx/CVE-2013-3521.json b/2013/3xxx/CVE-2013-3521.json index 234fb99e57f..806ab03e076 100644 --- a/2013/3xxx/CVE-2013-3521.json +++ b/2013/3xxx/CVE-2013-3521.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-3521", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2013. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2013-3521", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2013. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2013/3xxx/CVE-2013-3974.json b/2013/3xxx/CVE-2013-3974.json index d6ab18ed36e..6695d7683eb 100644 --- a/2013/3xxx/CVE-2013-3974.json +++ b/2013/3xxx/CVE-2013-3974.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-3974", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2013-3974", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2013/4xxx/CVE-2013-4260.json b/2013/4xxx/CVE-2013-4260.json index ef1c7a60afc..24adce42a9e 100644 --- a/2013/4xxx/CVE-2013-4260.json +++ b/2013/4xxx/CVE-2013-4260.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-4260", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "lib/ansible/playbook/__init__.py in Ansible 1.2.x before 1.2.3, when playbook does not run due to an error, allows local users to overwrite arbitrary files via a symlink attack on a retry file with a predictable name in /var/tmp/ansible/." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2013-4260", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=998227", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=998227" - }, - { - "name" : "https://groups.google.com/forum/#!topic/ansible-project/UVDYW0HGcNg", - "refsource" : "CONFIRM", - "url" : "https://groups.google.com/forum/#!topic/ansible-project/UVDYW0HGcNg" - }, - { - "name" : "http://www.ansible.com/security", - "refsource" : "CONFIRM", - "url" : "http://www.ansible.com/security" - }, - { - "name" : "ansible-cve20134260-symlink(86898)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/86898" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "lib/ansible/playbook/__init__.py in Ansible 1.2.x before 1.2.3, when playbook does not run due to an error, allows local users to overwrite arbitrary files via a symlink attack on a retry file with a predictable name in /var/tmp/ansible/." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://groups.google.com/forum/#!topic/ansible-project/UVDYW0HGcNg", + "refsource": "CONFIRM", + "url": "https://groups.google.com/forum/#!topic/ansible-project/UVDYW0HGcNg" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=998227", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=998227" + }, + { + "name": "ansible-cve20134260-symlink(86898)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86898" + }, + { + "name": "http://www.ansible.com/security", + "refsource": "CONFIRM", + "url": "http://www.ansible.com/security" + } + ] + } +} \ No newline at end of file diff --git a/2013/4xxx/CVE-2013-4449.json b/2013/4xxx/CVE-2013-4449.json index 5c01263b510..958909ffb07 100644 --- a/2013/4xxx/CVE-2013-4449.json +++ b/2013/4xxx/CVE-2013-4449.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-4449", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not properly count references, which allows remote attackers to cause a denial of service (slapd crash) by unbinding immediately after a search request, which triggers rwm_conn_destroy to free the session context while it is being used by rwm_op_search." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2013-4449", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20131018 Re: CVE request: slapd segfaults on certain queries with rwm overlay enabled", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2013/10/19/3" - }, - { - "name" : "http://www.openldap.org/its/index.cgi/Incoming?id=7723", - "refsource" : "CONFIRM", - "url" : "http://www.openldap.org/its/index.cgi/Incoming?id=7723" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1019490", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1019490" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" - }, - { - "name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735", - "refsource" : "CONFIRM", - "url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735" - }, - { - "name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705", - "refsource" : "CONFIRM", - "url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705" - }, - { - "name" : "20140401 Cisco Unified Communications Manager Denial of Service Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-4449" - }, - { - "name" : "DSA-3209", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3209" - }, - { - "name" : "MDVSA-2014:026", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2014:026" - }, - { - "name" : "RHSA-2014:0126", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-0126.html" - }, - { - "name" : "RHSA-2014:0206", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-0206.html" - }, - { - "name" : "63190", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/63190" - }, - { - "name" : "1029711", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1029711" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not properly count references, which allows remote attackers to cause a denial of service (slapd crash) by unbinding immediately after a search request, which triggers rwm_conn_destroy to free the session context while it is being used by rwm_op_search." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" + }, + { + "name": "http://www.openldap.org/its/index.cgi/Incoming?id=7723", + "refsource": "CONFIRM", + "url": "http://www.openldap.org/its/index.cgi/Incoming?id=7723" + }, + { + "name": "MDVSA-2014:026", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:026" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1019490", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019490" + }, + { + "name": "DSA-3209", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3209" + }, + { + "name": "RHSA-2014:0126", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-0126.html" + }, + { + "name": "[oss-security] 20131018 Re: CVE request: slapd segfaults on certain queries with rwm overlay enabled", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2013/10/19/3" + }, + { + "name": "RHSA-2014:0206", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-0206.html" + }, + { + "name": "63190", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/63190" + }, + { + "name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705", + "refsource": "CONFIRM", + "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705" + }, + { + "name": "1029711", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1029711" + }, + { + "name": "20140401 Cisco Unified Communications Manager Denial of Service Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-4449" + }, + { + "name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735", + "refsource": "CONFIRM", + "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10735" + } + ] + } +} \ No newline at end of file diff --git a/2013/4xxx/CVE-2013-4821.json b/2013/4xxx/CVE-2013-4821.json index 6f2618edd26..d8ed618936b 100644 --- a/2013/4xxx/CVE-2013-4821.json +++ b/2013/4xxx/CVE-2013-4821.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-4821", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "hp-security-alert@hp.com", + "ID": "CVE-2013-4821", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "HPSBMU02900", - "refsource" : "HP", - "url" : "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862" - }, - { - "name" : "SSRT101254", - "refsource" : "HP", - "url" : "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862" - }, - { - "name" : "VU#895524", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/895524" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in HP System Management Homepage (SMH) before 7.2.1 allows remote authenticated users to cause a denial of service via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#895524", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/895524" + }, + { + "name": "SSRT101254", + "refsource": "HP", + "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862" + }, + { + "name": "HPSBMU02900", + "refsource": "HP", + "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862" + } + ] + } +} \ No newline at end of file diff --git a/2017/12xxx/CVE-2017-12046.json b/2017/12xxx/CVE-2017-12046.json index 578fffb699b..a4b43ac5439 100644 --- a/2017/12xxx/CVE-2017-12046.json +++ b/2017/12xxx/CVE-2017-12046.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-12046", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-12046", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/12xxx/CVE-2017-12223.json b/2017/12xxx/CVE-2017-12223.json index 5957e75f96c..77b046e5159 100644 --- a/2017/12xxx/CVE-2017-12223.json +++ b/2017/12xxx/CVE-2017-12223.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@cisco.com", - "ID" : "CVE-2017-12223", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Cisco IR800 Integrated Services Router", - "version" : { - "version_data" : [ - { - "version_value" : "Cisco IR800 Integrated Services Router" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A vulnerability in the ROM Monitor (ROMMON) code of Cisco IR800 Integrated Services Router Software could allow an unauthenticated, local attacker to boot an unsigned Hypervisor on an affected device and compromise the integrity of the system. The vulnerability is due to insufficient sanitization of user input. An attacker who can access an affected router via the console could exploit this vulnerability by entering ROMMON mode and modifying ROMMON variables. A successful exploit could allow the attacker to execute arbitrary code and install a malicious version of Hypervisor firmware on an affected device. Cisco Bug IDs: CSCvb44027." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-20" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2017-12223", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cisco IR800 Integrated Services Router", + "version": { + "version_data": [ + { + "version_value": "Cisco IR800 Integrated Services Router" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170906-isr", - "refsource" : "CONFIRM", - "url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170906-isr" - }, - { - "name" : "100689", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/100689" - }, - { - "name" : "1039275", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1039275" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A vulnerability in the ROM Monitor (ROMMON) code of Cisco IR800 Integrated Services Router Software could allow an unauthenticated, local attacker to boot an unsigned Hypervisor on an affected device and compromise the integrity of the system. The vulnerability is due to insufficient sanitization of user input. An attacker who can access an affected router via the console could exploit this vulnerability by entering ROMMON mode and modifying ROMMON variables. A successful exploit could allow the attacker to execute arbitrary code and install a malicious version of Hypervisor firmware on an affected device. Cisco Bug IDs: CSCvb44027." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-20" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170906-isr", + "refsource": "CONFIRM", + "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170906-isr" + }, + { + "name": "1039275", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1039275" + }, + { + "name": "100689", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/100689" + } + ] + } +} \ No newline at end of file diff --git a/2017/12xxx/CVE-2017-12533.json b/2017/12xxx/CVE-2017-12533.json index 696b4237989..1057f37412c 100644 --- a/2017/12xxx/CVE-2017-12533.json +++ b/2017/12xxx/CVE-2017-12533.json @@ -1,73 +1,73 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security-alert@hpe.com", - "DATE_PUBLIC" : "2017-08-11T00:00:00", - "ID" : "CVE-2017-12533", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Intelligent Management Center (iMC) PLAT", - "version" : { - "version_data" : [ - { - "version_value" : "PLAT 7.3 (E0504)" - } - ] - } - } - ] - }, - "vendor_name" : "Hewlett Packard Enterprise" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Remote Code Execution" - } + "CVE_data_meta": { + "ASSIGNER": "security-alert@hpe.com", + "DATE_PUBLIC": "2017-08-11T00:00:00", + "ID": "CVE-2017-12533", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Intelligent Management Center (iMC) PLAT", + "version": { + "version_data": [ + { + "version_value": "PLAT 7.3 (E0504)" + } + ] + } + } + ] + }, + "vendor_name": "Hewlett Packard Enterprise" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us", - "refsource" : "CONFIRM", - "url" : "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" - }, - { - "name" : "100367", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/100367" - }, - { - "name" : "1039152", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1039152" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1039152", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1039152" + }, + { + "name": "100367", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/100367" + }, + { + "name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us", + "refsource": "CONFIRM", + "url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03768en_us" + } + ] + } +} \ No newline at end of file diff --git a/2017/13xxx/CVE-2017-13268.json b/2017/13xxx/CVE-2017-13268.json index 9852fe7ffd5..4a4f3e2ee1d 100644 --- a/2017/13xxx/CVE-2017-13268.json +++ b/2017/13xxx/CVE-2017-13268.json @@ -1,84 +1,84 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@google.com", - "DATE_PUBLIC" : "2018-03-05T00:00:00", - "ID" : "CVE-2017-13268", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Android", - "version" : { - "version_data" : [ - { - "version_value" : "5.1.1" - }, - { - "version_value" : "6.0" - }, - { - "version_value" : "6.0.1" - }, - { - "version_value" : "7.0" - }, - { - "version_value" : "7.1.1" - }, - { - "version_value" : "7.1.2" - }, - { - "version_value" : "8.0" - }, - { - "version_value" : "8.1" - } - ] - } - } - ] - }, - "vendor_name" : "Google Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A information disclosure vulnerability in the Android system (bluetooth). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-67058064." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Information disclosure" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "DATE_PUBLIC": "2018-03-05T00:00:00", + "ID": "CVE-2017-13268", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "5.1.1" + }, + { + "version_value": "6.0" + }, + { + "version_value": "6.0.1" + }, + { + "version_value": "7.0" + }, + { + "version_value": "7.1.1" + }, + { + "version_value": "7.1.2" + }, + { + "version_value": "8.0" + }, + { + "version_value": "8.1" + } + ] + } + } + ] + }, + "vendor_name": "Google Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/pixel/2018-03-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/pixel/2018-03-01" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A information disclosure vulnerability in the Android system (bluetooth). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-67058064." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/pixel/2018-03-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/pixel/2018-03-01" + } + ] + } +} \ No newline at end of file diff --git a/2017/13xxx/CVE-2017-13586.json b/2017/13xxx/CVE-2017-13586.json index 66089bdb2ef..e866e91a932 100644 --- a/2017/13xxx/CVE-2017-13586.json +++ b/2017/13xxx/CVE-2017-13586.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-13586", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-13586", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/13xxx/CVE-2017-13633.json b/2017/13xxx/CVE-2017-13633.json index 9af08f47dd1..90e3752e350 100644 --- a/2017/13xxx/CVE-2017-13633.json +++ b/2017/13xxx/CVE-2017-13633.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-13633", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-13633", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/13xxx/CVE-2017-13805.json b/2017/13xxx/CVE-2017-13805.json index 67f9077f84c..6524ac39295 100644 --- a/2017/13xxx/CVE-2017-13805.json +++ b/2017/13xxx/CVE-2017-13805.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@apple.com", - "ID" : "CVE-2017-13805", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in certain Apple products. iOS before 11.1 is affected. The issue involves the \"Siri\" component. It allows physically proximate attackers to obtain sensitive information via a Siri request for private-content notifications that should not have been available in the lock-screen state." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2017-13805", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT208222", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT208222" - }, - { - "name" : "1039703", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1039703" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in certain Apple products. iOS before 11.1 is affected. The issue involves the \"Siri\" component. It allows physically proximate attackers to obtain sensitive information via a Siri request for private-content notifications that should not have been available in the lock-screen state." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT208222", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT208222" + }, + { + "name": "1039703", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1039703" + } + ] + } +} \ No newline at end of file diff --git a/2017/13xxx/CVE-2017-13889.json b/2017/13xxx/CVE-2017-13889.json index ea763dd8507..c9b52eb9815 100644 --- a/2017/13xxx/CVE-2017-13889.json +++ b/2017/13xxx/CVE-2017-13889.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@apple.com", - "ID" : "CVE-2017-13889", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan, a logic error existed in the validation of credentials. This was addressed with improved credential validation." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2017-13889", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT208465", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT208465" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan, a logic error existed in the validation of credentials. This was addressed with improved credential validation." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT208465", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT208465" + } + ] + } +} \ No newline at end of file diff --git a/2017/16xxx/CVE-2017-16330.json b/2017/16xxx/CVE-2017-16330.json index 0b87500741f..e215ce59a44 100644 --- a/2017/16xxx/CVE-2017-16330.json +++ b/2017/16xxx/CVE-2017-16330.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-16330", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-16330", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/16xxx/CVE-2017-16517.json b/2017/16xxx/CVE-2017-16517.json index 45bd1b94e8a..a489b16aa5f 100644 --- a/2017/16xxx/CVE-2017-16517.json +++ b/2017/16xxx/CVE-2017-16517.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-16517", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-16517", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/16xxx/CVE-2017-16952.json b/2017/16xxx/CVE-2017-16952.json index 7eec77ccca2..d1a69eea8aa 100644 --- a/2017/16xxx/CVE-2017-16952.json +++ b/2017/16xxx/CVE-2017-16952.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-16952", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "KMPlayer 4.2.2.4 allows remote attackers to cause a denial of service via a crafted NSV file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-16952", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "43185", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/43185/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "KMPlayer 4.2.2.4 allows remote attackers to cause a denial of service via a crafted NSV file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "43185", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/43185/" + } + ] + } +} \ No newline at end of file diff --git a/2017/16xxx/CVE-2017-16955.json b/2017/16xxx/CVE-2017-16955.json index 23839a91249..f8663888d7d 100644 --- a/2017/16xxx/CVE-2017-16955.json +++ b/2017/16xxx/CVE-2017-16955.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-16955", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in the InLinks plugin through 1.1 for WordPress allows authenticated users to execute arbitrary SQL commands via the \"keyword\" parameter to /wp-admin/options-general.php?page=inlinks/inlinks.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-16955", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://packetstormsecurity.com/files/145059/WordPress-In-Link-1.0-SQL-Injection.html", - "refsource" : "MISC", - "url" : "https://packetstormsecurity.com/files/145059/WordPress-In-Link-1.0-SQL-Injection.html" - }, - { - "name" : "https://wpvulndb.com/vulnerabilities/8962", - "refsource" : "MISC", - "url" : "https://wpvulndb.com/vulnerabilities/8962" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in the InLinks plugin through 1.1 for WordPress allows authenticated users to execute arbitrary SQL commands via the \"keyword\" parameter to /wp-admin/options-general.php?page=inlinks/inlinks.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://wpvulndb.com/vulnerabilities/8962", + "refsource": "MISC", + "url": "https://wpvulndb.com/vulnerabilities/8962" + }, + { + "name": "https://packetstormsecurity.com/files/145059/WordPress-In-Link-1.0-SQL-Injection.html", + "refsource": "MISC", + "url": "https://packetstormsecurity.com/files/145059/WordPress-In-Link-1.0-SQL-Injection.html" + } + ] + } +} \ No newline at end of file diff --git a/2017/16xxx/CVE-2017-16981.json b/2017/16xxx/CVE-2017-16981.json index 4555dac7ec3..d456c7d95b1 100644 --- a/2017/16xxx/CVE-2017-16981.json +++ b/2017/16xxx/CVE-2017-16981.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-16981", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-16981", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/17xxx/CVE-2017-17391.json b/2017/17xxx/CVE-2017-17391.json index c5f34a8b33f..8ebd7a9d389 100644 --- a/2017/17xxx/CVE-2017-17391.json +++ b/2017/17xxx/CVE-2017-17391.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-17391", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-17391", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/17xxx/CVE-2017-17401.json b/2017/17xxx/CVE-2017-17401.json index 14b805493e5..c3580314e33 100644 --- a/2017/17xxx/CVE-2017-17401.json +++ b/2017/17xxx/CVE-2017-17401.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-17401", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-17401", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/17xxx/CVE-2017-17487.json b/2017/17xxx/CVE-2017-17487.json index d9ef1eeae35..24c90dd98f8 100644 --- a/2017/17xxx/CVE-2017-17487.json +++ b/2017/17xxx/CVE-2017-17487.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-17487", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-17487", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/17xxx/CVE-2017-17670.json b/2017/17xxx/CVE-2017-17670.json index ad73b9089a2..a76af88eba5 100644 --- a/2017/17xxx/CVE-2017-17670.json +++ b/2017/17xxx/CVE-2017-17670.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-17670", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In VideoLAN VLC media player through 2.2.8, there is a type conversion vulnerability in modules/demux/mp4/libmp4.c in the MP4 demux module leading to a invalid free, because the type of a box may be changed between a read operation and a free operation." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-17670", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://openwall.com/lists/oss-security/2017/12/15/1", - "refsource" : "MISC", - "url" : "http://openwall.com/lists/oss-security/2017/12/15/1" - }, - { - "name" : "DSA-4203", - "refsource" : "DEBIAN", - "url" : "https://www.debian.org/security/2018/dsa-4203" - }, - { - "name" : "102214", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/102214" - }, - { - "name" : "1040938", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1040938" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In VideoLAN VLC media player through 2.2.8, there is a type conversion vulnerability in modules/demux/mp4/libmp4.c in the MP4 demux module leading to a invalid free, because the type of a box may be changed between a read operation and a free operation." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "102214", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/102214" + }, + { + "name": "1040938", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1040938" + }, + { + "name": "DSA-4203", + "refsource": "DEBIAN", + "url": "https://www.debian.org/security/2018/dsa-4203" + }, + { + "name": "http://openwall.com/lists/oss-security/2017/12/15/1", + "refsource": "MISC", + "url": "http://openwall.com/lists/oss-security/2017/12/15/1" + } + ] + } +} \ No newline at end of file diff --git a/2017/17xxx/CVE-2017-17842.json b/2017/17xxx/CVE-2017-17842.json index f0c588a0d1e..7d7e3f2a201 100644 --- a/2017/17xxx/CVE-2017-17842.json +++ b/2017/17xxx/CVE-2017-17842.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-17842", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-17842", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/17xxx/CVE-2017-17965.json b/2017/17xxx/CVE-2017-17965.json index e05c93b963e..3f5019f5400 100644 --- a/2017/17xxx/CVE-2017-17965.json +++ b/2017/17xxx/CVE-2017-17965.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-17965", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-17965", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/18xxx/CVE-2018-18048.json b/2018/18xxx/CVE-2018-18048.json index 8bedbc2cbd1..a08031fedce 100644 --- a/2018/18xxx/CVE-2018-18048.json +++ b/2018/18xxx/CVE-2018-18048.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-18048", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-18048", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/18xxx/CVE-2018-18077.json b/2018/18xxx/CVE-2018-18077.json index 6e0d58e586b..8c69aaf45a2 100644 --- a/2018/18xxx/CVE-2018-18077.json +++ b/2018/18xxx/CVE-2018-18077.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-18077", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-18077", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/18xxx/CVE-2018-18157.json b/2018/18xxx/CVE-2018-18157.json index 0e282bdfcac..cb03eb74106 100644 --- a/2018/18xxx/CVE-2018-18157.json +++ b/2018/18xxx/CVE-2018-18157.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-18157", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-18157", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/18xxx/CVE-2018-18191.json b/2018/18xxx/CVE-2018-18191.json index 4006bdff6a2..7a907684b9b 100644 --- a/2018/18xxx/CVE-2018-18191.json +++ b/2018/18xxx/CVE-2018-18191.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-18191", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site request forgery (CSRF) vulnerability in /admin.php?c=member&m=edit&uid=1 in dayrui FineCms 5.4 allows remote attackers to change the administrator's password." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-18191", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.iwantacve.cn/index.php/archives/49/", - "refsource" : "MISC", - "url" : "http://www.iwantacve.cn/index.php/archives/49/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site request forgery (CSRF) vulnerability in /admin.php?c=member&m=edit&uid=1 in dayrui FineCms 5.4 allows remote attackers to change the administrator's password." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.iwantacve.cn/index.php/archives/49/", + "refsource": "MISC", + "url": "http://www.iwantacve.cn/index.php/archives/49/" + } + ] + } +} \ No newline at end of file diff --git a/2018/18xxx/CVE-2018-18242.json b/2018/18xxx/CVE-2018-18242.json index 8ed8da2cfc8..acc32a605db 100644 --- a/2018/18xxx/CVE-2018-18242.json +++ b/2018/18xxx/CVE-2018-18242.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-18242", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "youke365 v1.1.5 has SQL injection via admin/login.html, as demonstrated by username=admin&pass=123456&code=9823&act=login&submit=%E7%99%BB+%E9%99%86." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-18242", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/yanchongchong/swallow/issues/4", - "refsource" : "MISC", - "url" : "https://github.com/yanchongchong/swallow/issues/4" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "youke365 v1.1.5 has SQL injection via admin/login.html, as demonstrated by username=admin&pass=123456&code=9823&act=login&submit=%E7%99%BB+%E9%99%86." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/yanchongchong/swallow/issues/4", + "refsource": "MISC", + "url": "https://github.com/yanchongchong/swallow/issues/4" + } + ] + } +} \ No newline at end of file diff --git a/2018/19xxx/CVE-2018-19605.json b/2018/19xxx/CVE-2018-19605.json index fe3554ad1c0..6440959954d 100644 --- a/2018/19xxx/CVE-2018-19605.json +++ b/2018/19xxx/CVE-2018-19605.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-19605", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-19605", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/1xxx/CVE-2018-1084.json b/2018/1xxx/CVE-2018-1084.json index bc6e4668532..ee81622435e 100644 --- a/2018/1xxx/CVE-2018-1084.json +++ b/2018/1xxx/CVE-2018-1084.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "lpardo@redhat.com", - "ID" : "CVE-2018-1084", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "corosync", - "version" : { - "version_data" : [ - { - "version_value" : "corosync 2.4.4" - } - ] - } - } - ] - }, - "vendor_name" : "" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "corosync before version 2.4.4 is vulnerable to an integer overflow in exec/totemcrypto.c." - } - ] - }, - "impact" : { - "cvss" : [ - [ - { - "vectorString" : "7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "version" : "3.0" - } - ] - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-190" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2018-1084", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "corosync", + "version": { + "version_data": [ + { + "version_value": "corosync 2.4.4" + } + ] + } + } + ] + }, + "vendor_name": "" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1084", - "refsource" : "MISC", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1084" - }, - { - "name" : "DSA-4174", - "refsource" : "DEBIAN", - "url" : "https://www.debian.org/security/2018/dsa-4174" - }, - { - "name" : "RHSA-2018:1169", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:1169" - }, - { - "name" : "103758", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103758" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "corosync before version 2.4.4 is vulnerable to an integer overflow in exec/totemcrypto.c." + } + ] + }, + "impact": { + "cvss": [ + [ + { + "vectorString": "7.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.0" + } + ] + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-190" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "103758", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103758" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1084", + "refsource": "MISC", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1084" + }, + { + "name": "DSA-4174", + "refsource": "DEBIAN", + "url": "https://www.debian.org/security/2018/dsa-4174" + }, + { + "name": "RHSA-2018:1169", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:1169" + } + ] + } +} \ No newline at end of file diff --git a/2018/1xxx/CVE-2018-1228.json b/2018/1xxx/CVE-2018-1228.json index 18376403c04..fd0865de8c9 100644 --- a/2018/1xxx/CVE-2018-1228.json +++ b/2018/1xxx/CVE-2018-1228.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-1228", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-1228", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2018/1xxx/CVE-2018-1432.json b/2018/1xxx/CVE-2018-1432.json index cd31a623642..85335eb2b03 100644 --- a/2018/1xxx/CVE-2018-1432.json +++ b/2018/1xxx/CVE-2018-1432.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "DATE_PUBLIC" : "2018-06-01T00:00:00", - "ID" : "CVE-2018-1432", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "InfoSphere Information Server", - "version" : { - "version_data" : [ - { - "version_value" : "9.1" - }, - { - "version_value" : "11.3" - }, - { - "version_value" : "11.5" - }, - { - "version_value" : "11.7" - } - ] - } - } - ] - }, - "vendor_name" : "IBM" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7 is vulnerable to cross-frame scripting which is a vulnerability that allows an attacker to load Information Server components inside an HTML iframe tag on a malicious page. The attacker could use this weakness to devise a Clickjacking attack to conduct phishing, frame sniffing, social engineering or Cross-Site Request Forgery attacks. IBM X-Force ID: 139360." - } - ] - }, - "impact" : { - "cvssv3" : { - "BM" : { - "A" : "N", - "AC" : "L", - "AV" : "N", - "C" : "L", - "I" : "L", - "PR" : "N", - "S" : "C", - "SCORE" : "6.100", - "UI" : "R" - }, - "TM" : { - "E" : "H", - "RC" : "C", - "RL" : "O" - } - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Cross-Site Scripting" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "DATE_PUBLIC": "2018-06-01T00:00:00", + "ID": "CVE-2018-1432", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "InfoSphere Information Server", + "version": { + "version_data": [ + { + "version_value": "9.1" + }, + { + "version_value": "11.3" + }, + { + "version_value": "11.5" + }, + { + "version_value": "11.7" + } + ] + } + } + ] + }, + "vendor_name": "IBM" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg22014911", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg22014911" - }, - { - "name" : "1041039", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1041039" - }, - { - "name" : "ibm-infosphere-cve20181432-xfs(139360)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/139360" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7 is vulnerable to cross-frame scripting which is a vulnerability that allows an attacker to load Information Server components inside an HTML iframe tag on a malicious page. The attacker could use this weakness to devise a Clickjacking attack to conduct phishing, frame sniffing, social engineering or Cross-Site Request Forgery attacks. IBM X-Force ID: 139360." + } + ] + }, + "impact": { + "cvssv3": { + "BM": { + "A": "N", + "AC": "L", + "AV": "N", + "C": "L", + "I": "L", + "PR": "N", + "S": "C", + "SCORE": "6.100", + "UI": "R" + }, + "TM": { + "E": "H", + "RC": "C", + "RL": "O" + } + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-Site Scripting" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg22014911", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg22014911" + }, + { + "name": "ibm-infosphere-cve20181432-xfs(139360)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/139360" + }, + { + "name": "1041039", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1041039" + } + ] + } +} \ No newline at end of file diff --git a/2018/1xxx/CVE-2018-1810.json b/2018/1xxx/CVE-2018-1810.json index b78f7e07e74..c0093fbb60f 100644 --- a/2018/1xxx/CVE-2018-1810.json +++ b/2018/1xxx/CVE-2018-1810.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-1810", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-1810", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/1xxx/CVE-2018-1893.json b/2018/1xxx/CVE-2018-1893.json index d3deda19084..0a6f2ea8a35 100644 --- a/2018/1xxx/CVE-2018-1893.json +++ b/2018/1xxx/CVE-2018-1893.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-1893", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-1893", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/5xxx/CVE-2018-5011.json b/2018/5xxx/CVE-2018-5011.json index 649750d784c..be2673a080b 100644 --- a/2018/5xxx/CVE-2018-5011.json +++ b/2018/5xxx/CVE-2018-5011.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@adobe.com", - "ID" : "CVE-2018-5011", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions", - "version" : { - "version_data" : [ - { - "version_value" : "Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Use-after-free" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2018-5011", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions", + "version": { + "version_data": [ + { + "version_value": "Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb18-21.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb18-21.html" - }, - { - "name" : "104701", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/104701" - }, - { - "name" : "1041250", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1041250" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Use-after-free" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb18-21.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb18-21.html" + }, + { + "name": "1041250", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1041250" + }, + { + "name": "104701", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/104701" + } + ] + } +} \ No newline at end of file diff --git a/2018/5xxx/CVE-2018-5113.json b/2018/5xxx/CVE-2018-5113.json index 8d832611aa6..c7c7ca936ea 100644 --- a/2018/5xxx/CVE-2018-5113.json +++ b/2018/5xxx/CVE-2018-5113.json @@ -1,83 +1,83 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@mozilla.org", - "ID" : "CVE-2018-5113", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Firefox", - "version" : { - "version_data" : [ - { - "version_affected" : "<", - "version_value" : "58" - } - ] - } - } - ] - }, - "vendor_name" : "Mozilla" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The \"browser.identity.launchWebAuthFlow\" function of WebExtensions is only allowed to load content over \"https:\" but this requirement was not properly enforced. This can potentially allow privileged pages to be loaded by the extension. This vulnerability affects Firefox < 58." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "WebExtensions can load non-HTTPS pages with browser.identity.launchWebAuthFlow" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2018-5113", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Firefox", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "58" + } + ] + } + } + ] + }, + "vendor_name": "Mozilla" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1425267", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1425267" - }, - { - "name" : "https://www.mozilla.org/security/advisories/mfsa2018-02/", - "refsource" : "CONFIRM", - "url" : "https://www.mozilla.org/security/advisories/mfsa2018-02/" - }, - { - "name" : "USN-3544-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3544-1/" - }, - { - "name" : "102786", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/102786" - }, - { - "name" : "1040270", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1040270" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The \"browser.identity.launchWebAuthFlow\" function of WebExtensions is only allowed to load content over \"https:\" but this requirement was not properly enforced. This can potentially allow privileged pages to be loaded by the extension. This vulnerability affects Firefox < 58." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "WebExtensions can load non-HTTPS pages with browser.identity.launchWebAuthFlow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1040270", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1040270" + }, + { + "name": "USN-3544-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3544-1/" + }, + { + "name": "102786", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/102786" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1425267", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1425267" + }, + { + "name": "https://www.mozilla.org/security/advisories/mfsa2018-02/", + "refsource": "CONFIRM", + "url": "https://www.mozilla.org/security/advisories/mfsa2018-02/" + } + ] + } +} \ No newline at end of file diff --git a/2018/5xxx/CVE-2018-5707.json b/2018/5xxx/CVE-2018-5707.json index 2f7b99bfed0..23ab75d1ce4 100644 --- a/2018/5xxx/CVE-2018-5707.json +++ b/2018/5xxx/CVE-2018-5707.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-5707", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-5707", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/5xxx/CVE-2018-5925.json b/2018/5xxx/CVE-2018-5925.json index 73617319dec..b1638e4f963 100644 --- a/2018/5xxx/CVE-2018-5925.json +++ b/2018/5xxx/CVE-2018-5925.json @@ -1,78 +1,78 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "hp-security-alert@hp.com", - "DATE_PUBLIC" : "2018-08-01T00:00:00", - "ID" : "CVE-2018-5925", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "HP inkjet printers", - "version" : { - "version_data" : [ - { - "version_value" : "Various (see reference)" - } - ] - } - } - ] - }, - "vendor_name" : "HP Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A security vulnerability has been identified with certain HP Inkjet printers. A maliciously crafted file sent to an affected device can cause a static buffer overflow, which could allow remote code execution." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Remote code execution" - } + "CVE_data_meta": { + "ASSIGNER": "hp-security-alert@hp.com", + "DATE_PUBLIC": "2018-08-01T00:00:00", + "ID": "CVE-2018-5925", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "HP inkjet printers", + "version": { + "version_data": [ + { + "version_value": "Various (see reference)" + } + ] + } + } + ] + }, + "vendor_name": "HP Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://research.checkpoint.com/sending-fax-back-to-the-dark-ages/", - "refsource" : "MISC", - "url" : "https://research.checkpoint.com/sending-fax-back-to-the-dark-ages/" - }, - { - "name" : "HPSBHF03589", - "refsource" : "HP", - "url" : "https://support.hp.com/us-en/document/c06097712" - }, - { - "name" : "105010", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/105010" - }, - { - "name" : "1041415", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1041415" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A security vulnerability has been identified with certain HP Inkjet printers. A maliciously crafted file sent to an affected device can cause a static buffer overflow, which could allow remote code execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote code execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "105010", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/105010" + }, + { + "name": "1041415", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1041415" + }, + { + "name": "https://research.checkpoint.com/sending-fax-back-to-the-dark-ages/", + "refsource": "MISC", + "url": "https://research.checkpoint.com/sending-fax-back-to-the-dark-ages/" + }, + { + "name": "HPSBHF03589", + "refsource": "HP", + "url": "https://support.hp.com/us-en/document/c06097712" + } + ] + } +} \ No newline at end of file