admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 03:02:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-02-02 14:00:59 +00:00
parent ee07fff64a
commit 358d80cca7
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
21 changed files with 4354 additions and 1329 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

141
2010/4xxx/CVE-2010-4250.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-4250",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Memory leak in the inotify_init1 function in fs/notify/inotify/inotify_user.c in the Linux kernel before 2.6.37 allows local users to cause a denial of service (memory consumption) via vectors involving failed attempts to create files."
"value": "CVE-2010-4250 kernel: inotify memory leak"
}
]
},
@ -44,38 +21,114 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Missing Release of Memory after Effective Lifetime",
"cweId": "CWE-401"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "MRG for RHEL-5",
"version": {
"version_data": [
{
"version_value": "0:2.6.33.7-rt29.55.el5rt",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-71.29.1.el6",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.37",
"refsource": "CONFIRM",
"url": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.37"
"url": "https://access.redhat.com/errata/RHSA-2011:0330",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2011:0330"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=a2ae4cc9a16e211c8a128ba10d22a85431f093ab",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=a2ae4cc9a16e211c8a128ba10d22a85431f093ab"
"url": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.37",
"refsource": "MISC",
"name": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.37"
},
{
"name": "[oss-security] 20101124 Re: CVE request: kernel: inotify memory leak",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/11/24/11"
"url": "https://access.redhat.com/errata/RHSA-2011:0498",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2011:0498"
},
{
"name": "https://github.com/torvalds/linux/commit/a2ae4cc9a16e211c8a128ba10d22a85431f093ab",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/a2ae4cc9a16e211c8a128ba10d22a85431f093ab"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a2ae4cc9a16e211c8a128ba10d22a85431f093ab",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a2ae4cc9a16e211c8a128ba10d22a85431f093ab"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=656830",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=656830"
"url": "http://www.openwall.com/lists/oss-security/2010/11/24/11",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2010/11/24/11"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2010-4250",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2010-4250"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=656830",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=656830"
},
{
"url": "https://github.com/torvalds/linux/commit/a2ae4cc9a16e211c8a128ba10d22a85431f093ab",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/a2ae4cc9a16e211c8a128ba10d22a85431f093ab"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.9,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
]
}

212
2010/4xxx/CVE-2010-4531.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-4531",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the ATRDecodeAtr function in the Answer-to-Reset (ATR) Handler (atrhandler.c) for pcscd in PCSC-Lite 1.5.3, and possibly other 1.5.x and 1.6.x versions, allows physically proximate attackers to cause a denial of service (crash) and possibly execute arbitrary code via a smart card with an ATR message containing a long attribute value."
"value": "CVE-2010-4531 pcsc-lite: Stack-based buffer overflow in Answer-to-Reset (ATR) decoder"
}
]
},
@ -44,98 +21,163 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Stack-based Buffer Overflow",
"cweId": "CWE-121"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:1.5.2-11.el6",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "FEDORA-2011-0123",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053095.html"
},
{
"name": "ADV-2011-0180",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0180"
},
{
"name": "FEDORA-2011-0164",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053079.html"
},
{
"name": "http://labs.mwrinfosecurity.com/files/Advisories/mwri_pcsc-atr-handler-buffer-overflow_2010-12-13.pdf",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=607781",
"refsource": "MISC",
"url": "http://labs.mwrinfosecurity.com/files/Advisories/mwri_pcsc-atr-handler-buffer-overflow_2010-12-13.pdf"
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=607781"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=607781",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=607781"
"url": "http://labs.mwrinfosecurity.com/files/Advisories/mwri_pcsc-atr-handler-buffer-overflow_2010-12-13.pdf",
"refsource": "MISC",
"name": "http://labs.mwrinfosecurity.com/files/Advisories/mwri_pcsc-atr-handler-buffer-overflow_2010-12-13.pdf"
},
{
"name": "[oss-security] 20101222 CVE Request -- 1, ccid -- int.overflow leading to array index error 2, pcsc-lite stack-based buffer overflow in ATR decoder [was: CVE request: opensc buffer overflow ]",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2010/12/22/7"
"url": "http://lists.alioth.debian.org/pipermail/pcsclite-cvs-commit/2010-November/004923.html",
"refsource": "MISC",
"name": "http://lists.alioth.debian.org/pipermail/pcsclite-cvs-commit/2010-November/004923.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4531",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4531"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053079.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053079.html"
},
{
"name": "42912",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42912"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053095.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053095.html"
},
{
"name": "ADV-2011-0256",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0256"
"url": "http://secunia.com/advisories/42912",
"refsource": "MISC",
"name": "http://secunia.com/advisories/42912"
},
{
"name": "ADV-2011-0101",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0101"
"url": "http://secunia.com/advisories/43112",
"refsource": "MISC",
"name": "http://secunia.com/advisories/43112"
},
{
"name": "ADV-2010-3264",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3264"
"url": "http://www.debian.org/security/2011/dsa-2156",
"refsource": "MISC",
"name": "http://www.debian.org/security/2011/dsa-2156"
},
{
"name": "[Pcsclite-cvs-commit] 20101103 r5370 - /trunk/PCSC/src/atrhandler.c",
"refsource": "MLIST",
"url": "http://lists.alioth.debian.org/pipermail/pcsclite-cvs-commit/2010-November/004923.html"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:015",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:015"
},
{
"name": "43112",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43112"
"url": "http://www.openwall.com/lists/oss-security/2010/12/22/7",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2010/12/22/7"
},
{
"name": "45450",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45450"
"url": "http://www.openwall.com/lists/oss-security/2011/01/03/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2011/01/03/3"
},
{
"name": "[oss-security] 20110103 Re: CVE Request -- 1, ccid -- int.overflow leading to array index error 2, pcsc-lite stack-based buffer overflow in ATR decoder [was: CVE request: opensc buffer overflow ]",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/01/03/3"
"url": "http://www.securityfocus.com/bid/45450",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/45450"
},
{
"name": "DSA-2156",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2156"
"url": "http://www.vupen.com/english/advisories/2010/3264",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2010/3264"
},
{
"name": "MDVSA-2011:015",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:015"
"url": "http://www.vupen.com/english/advisories/2011/0101",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/0101"
},
{
"url": "http://www.vupen.com/english/advisories/2011/0180",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/0180"
},
{
"url": "http://www.vupen.com/english/advisories/2011/0256",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/0256"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:0525",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0525"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2010-4531",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2010-4531"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=664999",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=664999"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4531",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4531"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.6,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}

271
2010/4xxx/CVE-2010-4540.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-4540",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the load_preset_response function in plug-ins/lighting/lighting-ui.c in the \"LIGHTING EFFECTS > LIGHT\" plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long Position field in a plugin configuration file. NOTE: it may be uncommon to obtain a GIMP plugin configuration file from an untrusted source that is separate from the distribution of the plugin itself. NOTE: some of these details are obtained from third party information."
"value": "CVE-2010-4540 Gimp: Stack-based buffer overflow in Lighting plug-in"
}
]
},
@ -44,98 +21,174 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Stack-based Buffer Overflow",
"cweId": "CWE-121"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "2:2.2.13-2.0.7.el5_6.2",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "2:2.6.9-4.el6_1.1",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "DSA-2426",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2426"
},
{
"name": "GLSA-201209-23",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201209-23.xml"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=666793",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=666793"
},
{
"name": "ADV-2011-0016",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0016"
},
{
"name": "RHSA-2011:0839",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0839.html"
},
{
"name": "SUSE-SR:2011:005",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
},
{
"name": "RHSA-2011:0838",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0838.html"
},
{
"name": "[oss-security] 20110104 Re: CVE request for buffer overflows in gimp",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/01/04/7"
},
{
"name": "44750",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44750"
},
{
"name": "42771",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42771"
},
{
"name": "70282",
"refsource": "OSVDB",
"url": "http://osvdb.org/70282"
},
{
"name": "50737",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50737"
},
{
"name": "[oss-security] 20110103 CVE request for buffer overflows in gimp",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/01/03/2"
},
{
"name": "gimp-lightning-effects-bo(64582)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64582"
},
{
"name": "48236",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48236"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608497",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html",
"refsource": "MISC",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608497"
"name": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
},
{
"name": "MDVSA-2011:103",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:103"
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608497",
"refsource": "MISC",
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608497"
},
{
"url": "http://openwall.com/lists/oss-security/2011/01/03/2",
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2011/01/03/2"
},
{
"url": "http://openwall.com/lists/oss-security/2011/01/04/7",
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2011/01/04/7"
},
{
"url": "http://osvdb.org/70282",
"refsource": "MISC",
"name": "http://osvdb.org/70282"
},
{
"url": "http://secunia.com/advisories/42771",
"refsource": "MISC",
"name": "http://secunia.com/advisories/42771"
},
{
"url": "http://secunia.com/advisories/44750",
"refsource": "MISC",
"name": "http://secunia.com/advisories/44750"
},
{
"url": "http://secunia.com/advisories/48236",
"refsource": "MISC",
"name": "http://secunia.com/advisories/48236"
},
{
"url": "http://secunia.com/advisories/50737",
"refsource": "MISC",
"name": "http://secunia.com/advisories/50737"
},
{
"url": "http://security.gentoo.org/glsa/glsa-201209-23.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-201209-23.xml"
},
{
"url": "http://www.debian.org/security/2012/dsa-2426",
"refsource": "MISC",
"name": "http://www.debian.org/security/2012/dsa-2426"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:103",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:103"
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2011-0838.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2011-0838.html"
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2011-0839.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2011-0839.html"
},
{
"url": "http://www.vupen.com/english/advisories/2011/0016",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/0016"
},
{
"url": "https://access.redhat.com/errata/RHSA-2011:0838",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2011:0838"
},
{
"url": "https://access.redhat.com/errata/RHSA-2011:0839",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2011:0839"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2010-4540",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2010-4540"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=666793",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=666793"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64582",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64582"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.1,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}

262
2010/4xxx/CVE-2010-4542.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-4542",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the gfig_read_parameter_gimp_rgb function in plug-ins/gfig/gfig-style.c in the GFIG plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long Foreground field in a plugin configuration file. NOTE: it may be uncommon to obtain a GIMP plugin configuration file from an untrusted source that is separate from the distribution of the plugin itself. NOTE: some of these details are obtained from third party information."
"value": "CVE-2010-4542 Gimp: Stack-based buffer overflow in Gfig plug-in"
}
]
},
@ -44,93 +21,174 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Stack-based Buffer Overflow",
"cweId": "CWE-121"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "2:2.2.13-2.0.7.el5_6.2",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "2:2.6.9-4.el6_1.1",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "DSA-2426",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2426"
},
{
"name": "GLSA-201209-23",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201209-23.xml"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=666793",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=666793"
},
{
"name": "ADV-2011-0016",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0016"
},
{
"name": "RHSA-2011:0839",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0839.html"
},
{
"name": "SUSE-SR:2011:005",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
},
{
"name": "RHSA-2011:0838",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0838.html"
},
{
"name": "[oss-security] 20110104 Re: CVE request for buffer overflows in gimp",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/01/04/7"
},
{
"name": "44750",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44750"
},
{
"name": "42771",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42771"
},
{
"name": "50737",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50737"
},
{
"name": "[oss-security] 20110103 CVE request for buffer overflows in gimp",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/01/03/2"
},
{
"name": "48236",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48236"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608497",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html",
"refsource": "MISC",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608497"
"name": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
},
{
"name": "MDVSA-2011:103",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:103"
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608497",
"refsource": "MISC",
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608497"
},
{
"name": "70283",
"refsource": "OSVDB",
"url": "http://osvdb.org/70283"
"url": "http://openwall.com/lists/oss-security/2011/01/03/2",
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2011/01/03/2"
},
{
"url": "http://openwall.com/lists/oss-security/2011/01/04/7",
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2011/01/04/7"
},
{
"url": "http://secunia.com/advisories/42771",
"refsource": "MISC",
"name": "http://secunia.com/advisories/42771"
},
{
"url": "http://secunia.com/advisories/44750",
"refsource": "MISC",
"name": "http://secunia.com/advisories/44750"
},
{
"url": "http://secunia.com/advisories/48236",
"refsource": "MISC",
"name": "http://secunia.com/advisories/48236"
},
{
"url": "http://secunia.com/advisories/50737",
"refsource": "MISC",
"name": "http://secunia.com/advisories/50737"
},
{
"url": "http://security.gentoo.org/glsa/glsa-201209-23.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-201209-23.xml"
},
{
"url": "http://www.debian.org/security/2012/dsa-2426",
"refsource": "MISC",
"name": "http://www.debian.org/security/2012/dsa-2426"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:103",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:103"
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2011-0838.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2011-0838.html"
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2011-0839.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2011-0839.html"
},
{
"url": "http://www.vupen.com/english/advisories/2011/0016",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/0016"
},
{
"url": "https://access.redhat.com/errata/RHSA-2011:0838",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2011:0838"
},
{
"url": "https://access.redhat.com/errata/RHSA-2011:0839",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2011:0839"
},
{
"url": "http://osvdb.org/70283",
"refsource": "MISC",
"name": "http://osvdb.org/70283"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2010-4542",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2010-4542"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=666793",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=666793"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=703405",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=703405"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.1,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}

103
2010/4xxx/CVE-2010-4653.json
View File

@ -1,9 +1,33 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-4653",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "CVE-2010-4653 xpdf: integer overflow in CharCodeToUnicode::addMapping"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Integer Overflow or Wraparound",
"cweId": "CWE-190"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -16,7 +40,8 @@
"version": {
"version_data": [
{
"version_value": "before 0.16.3"
"version_value": "before 0.16.3",
"version_affected": "="
}
]
}
@ -27,40 +52,22 @@
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An integer overflow condition in poppler before 0.16.3 can occur when parsing CharCodes for fonts."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Integer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://security-tracker.debian.org/tracker/CVE-2010-4653",
"url": "http://security.gentoo.org/glsa/glsa-201310-03.xml",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2010-4653"
"name": "http://security.gentoo.org/glsa/glsa-201310-03.xml"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4653",
"url": "http://www.securityfocus.com/bid/45948",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4653"
"name": "http://www.securityfocus.com/bid/45948"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2010-4653",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2010-4653"
},
{
"url": "https://access.redhat.com/security/cve/cve-2010-4653",
@ -68,14 +75,44 @@
"name": "https://access.redhat.com/security/cve/cve-2010-4653"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=672165",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-201310-03.xml",
"url": "http://security.gentoo.org/glsa/glsa-201310-03.xml"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=672165"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4653",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/45948",
"url": "http://www.securityfocus.com/bid/45948"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4653"
},
{
"url": "https://security-tracker.debian.org/tracker/CVE-2010-4653",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2010-4653"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.1,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}

1004
2011/0xxx/CVE-2011-0013.json
View File

File diff suppressed because it is too large Load Diff

130
2011/0xxx/CVE-2011-0024.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-0024",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in wiretap/pcapng.c in Wireshark before 1.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted capture file."
"value": "CVE-2011-0024 wireshark: heap-based buffer overflow in wireshark < 1.2 when reading malformed capture files"
}
]
},
@ -44,33 +21,104 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Heap-based Buffer Overflow",
"cweId": "CWE-122"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 4",
"version": {
"version_data": [
{
"version_value": "0:1.0.15-2.el4",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:1.0.15-1.el5_6.4",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "RHSA-2011:0370",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0370.html"
"url": "http://secunia.com/advisories/43821",
"refsource": "MISC",
"name": "http://secunia.com/advisories/43821"
},
{
"name": "ADV-2011-0719",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0719"
"url": "http://www.redhat.com/support/errata/RHSA-2011-0370.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2011-0370.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=671331",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=671331"
"url": "http://www.vupen.com/english/advisories/2011/0719",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/0719"
},
{
"name": "43821",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43821"
"url": "https://access.redhat.com/errata/RHSA-2011:0370",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2011:0370"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2011-0024",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2011-0024"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=671331",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=671331"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.4,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}

171
2011/0xxx/CVE-2011-0025.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-0025",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IcedTea 1.7 before 1.7.8, 1.8 before 1.8.5, and 1.9 before 1.9.5 does not properly verify signatures for JAR files that (1) are \"partially signed\" or (2) signed by multiple entities, which allows remote attackers to trick users into executing code that appears to come from a trusted source."
"value": "CVE-2011-0025 IcedTea jarfile signature verification bypass"
}
]
},
@ -44,58 +21,118 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Improper Verification of Cryptographic Signature",
"cweId": "CWE-347"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "46110",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46110"
},
{
"name": "USN-1055-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1055-1"
},
{
"name": "GLSA-201406-32",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "icedtea-jar-security-bypass(65151)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65151"
},
{
"name": "DSA-2224",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2224"
},
{
"name": "43135",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43135"
},
{
"name": "http://icedtea.classpath.org/hg/release/icedtea-web-1.0?cmd=changeset;node=3bd328e4b515",
"url": "http://blog.fuseyism.com/index.php/2011/02/01/security-icedtea6-178-185-195-released/",
"refsource": "MISC",
"url": "http://icedtea.classpath.org/hg/release/icedtea-web-1.0?cmd=changeset;node=3bd328e4b515"
"name": "http://blog.fuseyism.com/index.php/2011/02/01/security-icedtea6-178-185-195-released/"
},
{
"name": "http://blog.fuseyism.com/index.php/2011/02/01/security-icedtea6-178-185-195-released/",
"refsource": "CONFIRM",
"url": "http://blog.fuseyism.com/index.php/2011/02/01/security-icedtea6-178-185-195-released/"
"url": "http://icedtea.classpath.org/hg/release/icedtea-web-1.0?cmd=changeset%3Bnode=3bd328e4b515",
"refsource": "MISC",
"name": "http://icedtea.classpath.org/hg/release/icedtea-web-1.0?cmd=changeset%3Bnode=3bd328e4b515"
},
{
"name": "MDVSA-2011:054",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:054"
"url": "http://secunia.com/advisories/43135",
"refsource": "MISC",
"name": "http://secunia.com/advisories/43135"
},
{
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"url": "http://www.debian.org/security/2011/dsa-2224",
"refsource": "MISC",
"name": "http://www.debian.org/security/2011/dsa-2224"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:054",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:054"
},
{
"url": "http://www.securityfocus.com/bid/46110",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/46110"
},
{
"url": "http://www.ubuntu.com/usn/USN-1055-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1055-1"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2011-0025",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2011-0025"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=672262",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=672262"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65151",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65151"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.5,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}

245
2011/0xxx/CVE-2011-0713.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-0713",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in wiretap/dct3trace.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long record in a Nokia DCT3 trace file."
"value": "CVE-2011-0713 Wireshark: heap-based buffer overflow when reading malformed Nokia DCT3 phone signalling traces"
}
]
},
@ -44,138 +21,198 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Heap-based Buffer Overflow",
"cweId": "CWE-122"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:1.2.15-1.el6_0.1",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "43759",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43759"
"url": "http://www.vupen.com/english/advisories/2011/0719",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/0719"
},
{
"name": "FEDORA-2011-2648",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055364.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055364.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055364.html"
},
{
"name": "FEDORA-2011-2620",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055650.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055650.html"
},
{
"name": "46416",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46416"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.html"
},
{
"name": "http://www.wireshark.org/docs/relnotes/wireshark-1.2.15.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/docs/relnotes/wireshark-1.2.15.html"
"url": "http://secunia.com/advisories/43759",
"refsource": "MISC",
"name": "http://secunia.com/advisories/43759"
},
{
"name": "[oss-security] 20110216 wireshark dct3trace buffer overflow",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/02/16/13"
"url": "http://secunia.com/advisories/43795",
"refsource": "MISC",
"name": "http://secunia.com/advisories/43795"
},
{
"name": "ADV-2011-0747",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0747"
"url": "http://www.debian.org/security/2011/dsa-2201",
"refsource": "MISC",
"name": "http://www.debian.org/security/2011/dsa-2201"
},
{
"name": "wireshark-nokiadct3-bo(65780)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65780"
"url": "http://www.kb.cert.org/vuls/id/215900",
"refsource": "MISC",
"name": "http://www.kb.cert.org/vuls/id/215900"
},
{
"name": "ADV-2011-0626",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0626"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:044",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:044"
},
{
"name": "43795",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43795"
"url": "http://www.redhat.com/support/errata/RHSA-2011-0369.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2011-0369.html"
},
{
"name": "VU#215900",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/215900"
"url": "http://www.securitytracker.com/id?1025148",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1025148"
},
{
"name": "ADV-2011-0719",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0719"
"url": "http://www.vupen.com/english/advisories/2011/0622",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/0622"
},
{
"name": "oval:org.mitre.oval:def:14766",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14766"
"url": "http://www.vupen.com/english/advisories/2011/0626",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/0626"
},
{
"name": "http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.html"
"url": "http://www.vupen.com/english/advisories/2011/0747",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/0747"
},
{
"name": "FEDORA-2011-2632",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055650.html"
"url": "http://www.wireshark.org/docs/relnotes/wireshark-1.2.15.html",
"refsource": "MISC",
"name": "http://www.wireshark.org/docs/relnotes/wireshark-1.2.15.html"
},
{
"name": "http://www.wireshark.org/security/wnpa-sec-2011-04.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/security/wnpa-sec-2011-04.html"
"url": "http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.html",
"refsource": "MISC",
"name": "http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.html"
},
{
"name": "wireshark-visualc-bo(65460)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65460"
"url": "http://www.wireshark.org/security/wnpa-sec-2011-03.html",
"refsource": "MISC",
"name": "http://www.wireshark.org/security/wnpa-sec-2011-03.html"
},
{
"name": "ADV-2011-0622",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0622"
"url": "http://www.wireshark.org/security/wnpa-sec-2011-04.html",
"refsource": "MISC",
"name": "http://www.wireshark.org/security/wnpa-sec-2011-04.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=678198",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=678198"
"url": "https://access.redhat.com/errata/RHSA-2011:0369",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2011:0369"
},
{
"name": "http://www.wireshark.org/security/wnpa-sec-2011-03.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/security/wnpa-sec-2011-03.html"
"url": "http://anonsvn.wireshark.org/viewvc?view=rev&revision=35953",
"refsource": "MISC",
"name": "http://anonsvn.wireshark.org/viewvc?view=rev&revision=35953"
},
{
"name": "RHSA-2011:0369",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0369.html"
"url": "http://openwall.com/lists/oss-security/2011/02/16/13",
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2011/02/16/13"
},
{
"name": "http://anonsvn.wireshark.org/viewvc?view=rev&revision=35953",
"refsource": "CONFIRM",
"url": "http://anonsvn.wireshark.org/viewvc?view=rev&revision=35953"
"url": "http://www.securityfocus.com/bid/46416",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/46416"
},
{
"name": "MDVSA-2011:044",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:044"
"url": "https://access.redhat.com/security/cve/CVE-2011-0713",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2011-0713"
},
{
"name": "1025148",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025148"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=678198",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=678198"
},
{
"name": "DSA-2201",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2201"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65460",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65460"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65780",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65780"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14766",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14766"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.4,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}

141
2011/0xxx/CVE-2011-0717.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-0717",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Session fixation vulnerability in Red Hat Network (RHN) Satellite Server 5.4 allows remote attackers to hijack web sessions via unspecified vectors related to Spacewalk."
"value": "CVE-2011-0717 Satellite, Spacewalk: Session fixation flaw"
}
]
},
@ -44,48 +21,112 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Session Fixation",
"cweId": "CWE-384"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Network Satellite Server v 5.4",
"version": {
"version_data": [
{
"version_value": "0:1.2.13-26.2.el5sat",
"version_affected": "!"
},
{
"version_value": "0:1.2.39-35.1.el5sat",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "46528",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46528"
"url": "http://secunia.com/advisories/43487",
"refsource": "MISC",
"name": "http://secunia.com/advisories/43487"
},
{
"name": "ADV-2011-0491",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0491"
"url": "http://www.redhat.com/support/errata/RHSA-2011-0300.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2011-0300.html"
},
{
"name": "RHSA-2011:0300",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0300.html"
"url": "http://www.securityfocus.com/bid/46528",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/46528"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=672159",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=672159"
"url": "http://www.securitytracker.com/id?1025116",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1025116"
},
{
"name": "1025116",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025116"
"url": "http://www.vupen.com/english/advisories/2011/0491",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/0491"
},
{
"name": "rhnss-session-hijacking(65658)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65658"
"url": "https://access.redhat.com/errata/RHSA-2011:0300",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2011:0300"
},
{
"name": "43487",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43487"
"url": "https://access.redhat.com/security/cve/CVE-2011-0717",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2011-0717"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=672159",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=672159"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65658",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65658"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
}
]
}

191
2011/1xxx/CVE-2011-1006.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-1006",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the parse_cgroup_spec function in tools/tools-common.c in the Control Group Configuration Library (aka libcgroup or libcg) before 0.37.1 allows local users to gain privileges via a crafted controller list on the command line of an application. NOTE: it is not clear whether this issue crosses privilege boundaries."
"value": "CVE-2011-1006 libcgroup: Heap-based buffer overflow by converting list of controllers for given task into an array of strings"
}
]
},
@ -44,93 +21,153 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Heap-based Buffer Overflow",
"cweId": "CWE-122"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:0.36.1-6.el6_0.1",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "43758",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43758"
"url": "http://libcg.git.sourceforge.net/git/gitweb.cgi?p=libcg/libcg%3Ba=commit%3Bh=5ae8aea1ecd60c439121d3329d8eaabf13d292c1",
"refsource": "MISC",
"name": "http://libcg.git.sourceforge.net/git/gitweb.cgi?p=libcg/libcg%3Ba=commit%3Bh=5ae8aea1ecd60c439121d3329d8eaabf13d292c1"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=678107",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=678107"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056683.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056683.html"
},
{
"name": "44093",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44093"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056734.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056734.html"
},
{
"name": "46729",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46729"
"url": "http://lists.opensuse.org/opensuse-updates/2011-04/msg00027.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2011-04/msg00027.html"
},
{
"name": "http://sourceforge.net/projects/libcg/files/libcgroup/v0.37.1/libcgroup-0.37.1.tar.bz2/download",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/projects/libcg/files/libcgroup/v0.37.1/libcgroup-0.37.1.tar.bz2/download"
"url": "http://secunia.com/advisories/43611",
"refsource": "MISC",
"name": "http://secunia.com/advisories/43611"
},
{
"name": "http://libcg.git.sourceforge.net/git/gitweb.cgi?p=libcg/libcg;a=commit;h=5ae8aea1ecd60c439121d3329d8eaabf13d292c1",
"refsource": "CONFIRM",
"url": "http://libcg.git.sourceforge.net/git/gitweb.cgi?p=libcg/libcg;a=commit;h=5ae8aea1ecd60c439121d3329d8eaabf13d292c1"
"url": "http://secunia.com/advisories/43758",
"refsource": "MISC",
"name": "http://secunia.com/advisories/43758"
},
{
"name": "43891",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43891"
"url": "http://secunia.com/advisories/43891",
"refsource": "MISC",
"name": "http://secunia.com/advisories/43891"
},
{
"name": "DSA-2193",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2011/dsa-2193"
"url": "http://secunia.com/advisories/44093",
"refsource": "MISC",
"name": "http://secunia.com/advisories/44093"
},
{
"name": "openSUSE-SU-2011:0316",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2011-04/msg00027.html"
"url": "http://sourceforge.net/projects/libcg/files/libcgroup/v0.37.1/libcgroup-0.37.1.tar.bz2/download",
"refsource": "MISC",
"name": "http://sourceforge.net/projects/libcg/files/libcgroup/v0.37.1/libcgroup-0.37.1.tar.bz2/download"
},
{
"name": "FEDORA-2011-2631",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056683.html"
"url": "http://www.debian.org/security/2011/dsa-2193",
"refsource": "MISC",
"name": "http://www.debian.org/security/2011/dsa-2193"
},
{
"name": "ADV-2011-0679",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0679"
"url": "http://www.redhat.com/support/errata/RHSA-2011-0320.html",
"refsource": "MISC",
"name": "http://www.redhat.com/support/errata/RHSA-2011-0320.html"
},
{
"name": "ADV-2011-0774",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0774"
"url": "http://www.securityfocus.com/bid/46729",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/46729"
},
{
"name": "RHSA-2011:0320",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0320.html"
"url": "http://www.securitytracker.com/id?1025158",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1025158"
},
{
"name": "43611",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43611"
"url": "http://www.vupen.com/english/advisories/2011/0679",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/0679"
},
{
"name": "FEDORA-2011-2638",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056734.html"
"url": "http://www.vupen.com/english/advisories/2011/0774",
"refsource": "MISC",
"name": "http://www.vupen.com/english/advisories/2011/0774"
},
{
"name": "1025158",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025158"
"url": "https://access.redhat.com/errata/RHSA-2011:0320",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2011:0320"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2011-1006",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2011-1006"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=678107",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=678107"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.2,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
]
}

215
2011/1xxx/CVE-2011-1495.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-1495",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier does not validate (1) length and (2) offset values before performing memory copy operations, which might allow local users to gain privileges, cause a denial of service (memory corruption), or obtain sensitive information from kernel memory via a crafted ioctl call, related to the _ctl_do_mpt_command and _ctl_diag_read_buffer functions."
"value": "CVE-2011-1494 CVE-2011-1495 kernel: drivers/scsi/mpt2sas: prevent heap overflows"
}
]
},
@ -44,73 +21,181 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"cweId": "CWE-119"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:2.6.18-238.12.1.el5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-131.0.15.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6.0 EUS - Server Only",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-71.31.1.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise MRG 2",
"version": {
"version_data": [
{
"version_value": "0:2.6.33.9-rt31.75.el6rt",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[linux-kernel] 20110405 [PATCH] drivers/scsi/mpt2sas: prevent heap overflows and unchecked reads",
"refsource": "MLIST",
"url": "http://lkml.org/lkml/2011/4/5/327"
"url": "http://secunia.com/advisories/46397",
"refsource": "MISC",
"name": "http://secunia.com/advisories/46397"
},
{
"name": "[oss-security] 20110405 CVE request: kernel: two issues in mpt2sas",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/04/05/32"
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded",
"refsource": "MISC",
"name": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
},
{
"name": "20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/520102/100/0/threaded"
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html",
"refsource": "MISC",
"name": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
},
{
"name": "46397",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46397"
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=694021",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=694021"
"url": "https://access.redhat.com/errata/RHSA-2011:1253",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2011:1253"
},
{
"name": "[oss-security] 20110406 Re: CVE request: kernel: two issues in mpt2sas",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2011/04/06/2"
"url": "http://downloads.avaya.com/css/P8/documents/100145416",
"refsource": "MISC",
"name": "http://downloads.avaya.com/css/P8/documents/100145416"
},
{
"name": "https://patchwork.kernel.org/patch/688021/",
"refsource": "CONFIRM",
"url": "https://patchwork.kernel.org/patch/688021/"
"url": "http://lkml.org/lkml/2011/4/5/327",
"refsource": "MISC",
"name": "http://lkml.org/lkml/2011/4/5/327"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2011-0012.html"
"url": "http://openwall.com/lists/oss-security/2011/04/05/32",
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2011/04/05/32"
},
{
"name": "RHSA-2011:0833",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2011-0833.html"
"url": "http://openwall.com/lists/oss-security/2011/04/06/2",
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2011/04/06/2"
},
{
"name": "http://downloads.avaya.com/css/P8/documents/100145416",
"refsource": "CONFIRM",
"url": "http://downloads.avaya.com/css/P8/documents/100145416"
"url": "http://rhn.redhat.com/errata/RHSA-2011-0833.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2011-0833.html"
},
{
"name": "47185",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/47185"
"url": "http://www.securityfocus.com/bid/47185",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/47185"
},
{
"name": "SUSE-SU-2015:0812",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html"
"url": "https://access.redhat.com/errata/RHSA-2011:0542",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2011:0542"
},
{
"url": "https://access.redhat.com/errata/RHSA-2011:0833",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2011:0833"
},
{
"url": "https://access.redhat.com/errata/RHSA-2011:0883",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2011:0883"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2011-1495",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2011-1495"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=694021",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=694021"
},
{
"url": "https://patchwork.kernel.org/patch/688021/",
"refsource": "MISC",
"name": "https://patchwork.kernel.org/patch/688021/"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.2,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
]
}

196
2011/1xxx/CVE-2011-1750.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-1750",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple heap-based buffer overflows in the virtio-blk driver (hw/virtio-blk.c) in qemu-kvm 0.14.0 allow local guest users to cause a denial of service (guest crash) and possibly gain privileges via a (1) write request to the virtio_blk_handle_write function or (2) read request to the virtio_blk_handle_read function that is not properly aligned."
"value": "CVE-2011-1750 virtio-blk: heap buffer overflow caused by unaligned requests"
}
]
},
@ -44,93 +21,158 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Heap-based Buffer Overflow",
"cweId": "CWE-122"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "2:0.12.1.2-2.160.el6",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "DSA-2230",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2011/dsa-2230"
"url": "http://git.kernel.org/?p=virt/kvm/qemu-kvm.git%3Ba=commitdiff%3Bh=52c050236eaa4f0b5e1d160cd66dc18106445c4d",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=virt/kvm/qemu-kvm.git%3Ba=commitdiff%3Bh=52c050236eaa4f0b5e1d160cd66dc18106445c4d"
},
{
"name": "http://git.kernel.org/?p=virt/kvm/qemu-kvm.git;a=commitdiff;h=52c050236eaa4f0b5e1d160cd66dc18106445c4d",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=virt/kvm/qemu-kvm.git;a=commitdiff;h=52c050236eaa4f0b5e1d160cd66dc18106445c4d"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081972.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081972.html"
},
{
"name": "RHSA-2011:0534",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2011-0534.html"
"url": "http://lists.gnu.org/archive/html/qemu-devel/2011-03/msg03015.html",
"refsource": "MISC",
"name": "http://lists.gnu.org/archive/html/qemu-devel/2011-03/msg03015.html"
},
{
"name": "[Qemu-devel] 20110330 virtio-blk.c handling of i/o which is not a 512 multiple",
"refsource": "MLIST",
"url": "http://lists.gnu.org/archive/html/qemu-devel/2011-03/msg03015.html"
"url": "http://lists.gnu.org/archive/html/qemu-devel/2011-03/msg03019.html",
"refsource": "MISC",
"name": "http://lists.gnu.org/archive/html/qemu-devel/2011-03/msg03019.html"
},
{
"name": "44393",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44393"
"url": "http://lists.opensuse.org/opensuse-updates/2011-05/msg00043.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2011-05/msg00043.html"
},
{
"name": "44658",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44658"
"url": "http://rhn.redhat.com/errata/RHSA-2011-0534.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2011-0534.html"
},
{
"name": "SUSE-SU-2011:0533",
"refsource": "SUSE",
"url": "https://hermes.opensuse.org/messages/8572547"
"url": "http://secunia.com/advisories/44132",
"refsource": "MISC",
"name": "http://secunia.com/advisories/44132"
},
{
"name": "kvm-virtioblk-priv-escalation(67062)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67062"
"url": "http://secunia.com/advisories/44393",
"refsource": "MISC",
"name": "http://secunia.com/advisories/44393"
},
{
"name": "44660",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44660"
"url": "http://secunia.com/advisories/44658",
"refsource": "MISC",
"name": "http://secunia.com/advisories/44658"
},
{
"name": "[Qemu-devel] 20110330 Re: virtio-blk.c handling of i/o which is not a 512 multiple",
"refsource": "MLIST",
"url": "http://lists.gnu.org/archive/html/qemu-devel/2011-03/msg03019.html"
"url": "http://secunia.com/advisories/44660",
"refsource": "MISC",
"name": "http://secunia.com/advisories/44660"
},
{
"name": "73756",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/73756"
"url": "http://secunia.com/advisories/44900",
"refsource": "MISC",
"name": "http://secunia.com/advisories/44900"
},
{
"name": "USN-1145-1",
"refsource": "UBUNTU",
"url": "https://www.ubuntu.com/usn/USN-1145-1/"
"url": "http://www.osvdb.org/73756",
"refsource": "MISC",
"name": "http://www.osvdb.org/73756"
},
{
"name": "44900",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44900"
"url": "https://access.redhat.com/errata/RHSA-2011:0534",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2011:0534"
},
{
"name": "openSUSE-SU-2011:0510",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2011-05/msg00043.html"
"url": "https://access.redhat.com/security/cve/CVE-2011-1750",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2011-1750"
},
{
"name": "44132",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44132"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=698906",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=698906"
},
{
"name": "FEDORA-2012-8604",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081972.html"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67062",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67062"
},
{
"url": "https://hermes.opensuse.org/messages/8572547",
"refsource": "MISC",
"name": "https://hermes.opensuse.org/messages/8572547"
},
{
"url": "https://www.debian.org/security/2011/dsa-2230",
"refsource": "MISC",
"name": "https://www.debian.org/security/2011/dsa-2230"
},
{
"url": "https://www.ubuntu.com/usn/USN-1145-1/",
"refsource": "MISC",
"name": "https://www.ubuntu.com/usn/USN-1145-1/"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.4,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:A/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
]
}

147
2011/2xxx/CVE-2011-2482.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-2482",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A certain Red Hat patch to the sctp_sock_migrate function in net/sctp/socket.c in the Linux kernel before 2.6.21, as used in Red Hat Enterprise Linux (RHEL) 5, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) via a crafted SCTP packet."
"value": "CVE-2011-2482 kernel: sctp dos"
}
]
},
@ -44,43 +21,119 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "NULL Pointer Dereference",
"cweId": "CWE-476"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:2.6.18-274.3.1.el5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5.6 EUS - Server Only",
"version": {
"version_data": [
{
"version_value": "0:2.6.18-238.31.1.el5",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=714867",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=714867"
"url": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21",
"refsource": "MISC",
"name": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21"
},
{
"name": "RHSA-2011:1212",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2011-1212.html"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ea2bc483ff5caada7c4aa0d5fbf87d3a6590273d",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ea2bc483ff5caada7c4aa0d5fbf87d3a6590273d"
},
{
"name": "[oss-security] 20110830 kernel: CVE-2011-2482/2519",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/08/30/1"
"url": "http://rhn.redhat.com/errata/RHSA-2011-1212.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2011-1212.html"
},
{
"name": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21",
"refsource": "CONFIRM",
"url": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.21"
"url": "http://www.openwall.com/lists/oss-security/2011/08/30/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2011/08/30/1"
},
{
"name": "https://github.com/torvalds/linux/commit/ea2bc483ff5caada7c4aa0d5fbf87d3a6590273d",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/ea2bc483ff5caada7c4aa0d5fbf87d3a6590273d"
"url": "https://access.redhat.com/errata/RHSA-2011:1212",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2011:1212"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ea2bc483ff5caada7c4aa0d5fbf87d3a6590273d",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ea2bc483ff5caada7c4aa0d5fbf87d3a6590273d"
"url": "https://access.redhat.com/errata/RHSA-2011:1813",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2011:1813"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2011-2482",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2011-2482"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=714867",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=714867"
},
{
"url": "https://github.com/torvalds/linux/commit/ea2bc483ff5caada7c4aa0d5fbf87d3a6590273d",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/ea2bc483ff5caada7c4aa0d5fbf87d3a6590273d"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
]
}

1614
2011/2xxx/CVE-2011-2487.json
View File

File diff suppressed because it is too large Load Diff

219
2011/4xxx/CVE-2011-4127.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-4127",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Linux kernel before 3.2.2 does not properly restrict SG_IO ioctl calls, which allows local users to bypass intended restrictions on disk read and write operations by sending a SCSI command to (1) a partition block device or (2) an LVM volume."
"value": "CVE-2011-4127 kernel: possible privilege escalation via SG_IO ioctl"
}
]
},
@ -44,63 +21,187 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Improper Access Control",
"cweId": "CWE-284"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:2.6.18-274.18.1.el5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5.6 EUS - Server Only",
"version": {
"version_data": [
{
"version_value": "0:2.6.18-238.35.1.el5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-220.2.1.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise MRG 2",
"version": {
"version_data": [
{
"version_value": "0:3.0.18-rt34.53.el6rt",
"version_affected": "!"
}
]
}
},
{
"product_name": "RHEV 3.X Hypervisor and Agents for RHEL-6",
"version": {
"version_data": [
{
"version_value": "0:6.2-20111215.0.el6_2",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20111222 CVE-2011-4127 kernel: possible privilege escalation via SG_IO ioctl",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2011/12/22/5"
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html"
},
{
"name": "SUSE-SU-2012:0554",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=0bfc96cb77224736dfa35c3c555d37b3646ef35e",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=0bfc96cb77224736dfa35c3c555d37b3646ef35e"
},
{
"name": "48898",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48898"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ec8013beddd717d1740cfefb1a9b900deef85462",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ec8013beddd717d1740cfefb1a9b900deef85462"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ec8013beddd717d1740cfefb1a9b900deef85462",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ec8013beddd717d1740cfefb1a9b900deef85462"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=0bfc96cb77224736dfa35c3c555d37b3646ef35e",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=0bfc96cb77224736dfa35c3c555d37b3646ef35e"
"url": "http://secunia.com/advisories/48898",
"refsource": "MISC",
"name": "http://secunia.com/advisories/48898"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=752375",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=752375"
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.2",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.2"
},
{
"name": "https://github.com/torvalds/linux/commit/0bfc96cb77224736dfa35c3c555d37b3646ef35e",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/0bfc96cb77224736dfa35c3c555d37b3646ef35e"
"url": "http://www.openwall.com/lists/oss-security/2011/12/22/5",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2011/12/22/5"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.2",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.2"
"url": "https://access.redhat.com/errata/RHSA-2011:1849",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2011:1849"
},
{
"name": "https://github.com/torvalds/linux/commit/ec8013beddd717d1740cfefb1a9b900deef85462",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/ec8013beddd717d1740cfefb1a9b900deef85462"
"url": "https://access.redhat.com/errata/RHSA-2011:1850",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2011:1850"
},
{
"name": "SUSE-SU-2015:0812",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html"
"url": "https://access.redhat.com/errata/RHSA-2012:0107",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:0107"
},
{
"url": "https://access.redhat.com/errata/RHSA-2012:0333",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:0333"
},
{
"url": "https://access.redhat.com/errata/RHSA-2012:0358",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:0358"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2011-4127",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2011-4127"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=752375",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=752375"
},
{
"url": "https://github.com/torvalds/linux/commit/0bfc96cb77224736dfa35c3c555d37b3646ef35e",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/0bfc96cb77224736dfa35c3c555d37b3646ef35e"
},
{
"url": "https://github.com/torvalds/linux/commit/ec8013beddd717d1740cfefb1a9b900deef85462",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/ec8013beddd717d1740cfefb1a9b900deef85462"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.4,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:A/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
]
}

195
2012/2xxx/CVE-2012-2386.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2386",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the phar_parse_tarfile function in tar.c in the phar extension in PHP before 5.3.14 and 5.4.x before 5.4.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tar file that triggers a heap-based buffer overflow."
"value": "CVE-2012-2386 php: Integer overflow leading to heap-buffer overflow in the Phar extension"
}
]
},
@ -44,58 +21,134 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Heap-based Buffer Overflow",
"cweId": "CWE-122"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:5.3.3-13.el5_8",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:5.3.3-14.el6_3",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://git.php.net/?p=php-src.git;a=commit;h=158d8a6b088662ce9d31e0c777c6ebe90efdc854",
"refsource": "CONFIRM",
"url": "http://git.php.net/?p=php-src.git;a=commit;h=158d8a6b088662ce9d31e0c777c6ebe90efdc854"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=823594",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=823594"
},
{
"name": "SUSE-SU-2012:0840",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00003.html"
},
{
"name": "https://bugs.php.net/bug.php?id=61065",
"refsource": "CONFIRM",
"url": "https://bugs.php.net/bug.php?id=61065"
},
{
"name": "http://www.php.net/ChangeLog-5.php",
"refsource": "CONFIRM",
"url": "http://www.php.net/ChangeLog-5.php"
},
{
"name": "APPLE-SA-2012-09-19-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html"
},
{
"name": "http://support.apple.com/kb/HT5501",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5501"
},
{
"name": "[oss-security] 20120522 Re: CVE request: PHP Phar - arbitrary code execution",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2012/05/22/10"
},
{
"name": "http://0x1byte.blogspot.com/2011/04/php-phar-extension-heap-overflow.html",
"url": "http://0x1byte.blogspot.com/2011/04/php-phar-extension-heap-overflow.html",
"refsource": "MISC",
"url": "http://0x1byte.blogspot.com/2011/04/php-phar-extension-heap-overflow.html"
"name": "http://0x1byte.blogspot.com/2011/04/php-phar-extension-heap-overflow.html"
},
{
"url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=158d8a6b088662ce9d31e0c777c6ebe90efdc854",
"refsource": "MISC",
"name": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=158d8a6b088662ce9d31e0c777c6ebe90efdc854"
},
{
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html",
"refsource": "MISC",
"name": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00003.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00003.html"
},
{
"url": "http://openwall.com/lists/oss-security/2012/05/22/10",
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2012/05/22/10"
},
{
"url": "http://support.apple.com/kb/HT5501",
"refsource": "MISC",
"name": "http://support.apple.com/kb/HT5501"
},
{
"url": "http://www.php.net/ChangeLog-5.php",
"refsource": "MISC",
"name": "http://www.php.net/ChangeLog-5.php"
},
{
"url": "https://access.redhat.com/errata/RHSA-2012:1046",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:1046"
},
{
"url": "https://access.redhat.com/errata/RHSA-2012:1047",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:1047"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2012-2386",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2012-2386"
},
{
"url": "https://bugs.php.net/bug.php?id=61065",
"refsource": "MISC",
"name": "https://bugs.php.net/bug.php?id=61065"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=823594",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=823594"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}

172
2012/2xxx/CVE-2012-2395.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2395",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Incomplete blacklist vulnerability in action_power.py in Cobbler 2.2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) username or (2) password fields to the power_system method in the xmlrpc API."
"value": "CVE-2012-2395 cobbler: command injection flaw in the power management XML-RPC API"
}
]
},
@ -44,58 +21,123 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')",
"cweId": "CWE-78"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Network Satellite Server v 5.4",
"version": {
"version_data": [
{
"version_value": "0:2.0.7-14.6.el6sat",
"version_affected": "!"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2012:0814",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00000.html"
},
{
"name": "[oss-security] 20120523 CVE request: cobbler command injection",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/05/23/4"
},
{
"name": "53666",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53666"
},
{
"name": "https://github.com/cobbler/cobbler/commit/6d9167e5da44eca56bdf42b5776097a6779aaadf",
"refsource": "CONFIRM",
"url": "https://github.com/cobbler/cobbler/commit/6d9167e5da44eca56bdf42b5776097a6779aaadf"
},
{
"name": "[oss-security] 20120523 Re: CVE request: cobbler command injection",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/05/23/18"
},
{
"name": "https://bugs.launchpad.net/ubuntu/+source/cobbler/+bug/978999",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00016.html",
"refsource": "MISC",
"url": "https://bugs.launchpad.net/ubuntu/+source/cobbler/+bug/978999"
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00016.html"
},
{
"name": "https://github.com/cobbler/cobbler/issues/141",
"refsource": "CONFIRM",
"url": "https://github.com/cobbler/cobbler/issues/141"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00000.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00000.html"
},
{
"name": "openSUSE-SU-2012:0655",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00016.html"
"url": "http://www.openwall.com/lists/oss-security/2012/05/23/18",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/05/23/18"
},
{
"name": "82458",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/82458"
"url": "http://www.openwall.com/lists/oss-security/2012/05/23/4",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/05/23/4"
},
{
"url": "http://www.osvdb.org/82458",
"refsource": "MISC",
"name": "http://www.osvdb.org/82458"
},
{
"url": "http://www.securityfocus.com/bid/53666",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/53666"
},
{
"url": "https://access.redhat.com/errata/RHSA-2012:1060",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:1060"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2012-2395",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2012-2395"
},
{
"url": "https://bugs.launchpad.net/ubuntu/+source/cobbler/+bug/978999",
"refsource": "MISC",
"name": "https://bugs.launchpad.net/ubuntu/+source/cobbler/+bug/978999"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=824460",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=824460"
},
{
"url": "https://github.com/cobbler/cobbler/commit/6d9167e5da44eca56bdf42b5776097a6779aaadf",
"refsource": "MISC",
"name": "https://github.com/cobbler/cobbler/commit/6d9167e5da44eca56bdf42b5776097a6779aaadf"
},
{
"url": "https://github.com/cobbler/cobbler/issues/141",
"refsource": "MISC",
"name": "https://github.com/cobbler/cobbler/issues/141"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 8.5,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
]
}

18
2023/0xxx/CVE-2023-0646.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-0646",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/0xxx/CVE-2023-0647.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-0647",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/0xxx/CVE-2023-0648.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-0648",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}