diff --git a/1999/0xxx/CVE-1999-0008.json b/1999/0xxx/CVE-1999-0008.json index f6fae01b423..4f5003f56d5 100644 --- a/1999/0xxx/CVE-1999-0008.json +++ b/1999/0xxx/CVE-1999-0008.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0008", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in NIS+, in Sun's rpc.nisd program." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0008", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "00170", - "refsource" : "SUN", - "url" : "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/170" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in NIS+, in Sun's rpc.nisd program." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "00170", + "refsource": "SUN", + "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/170" + } + ] + } +} \ No newline at end of file diff --git a/1999/0xxx/CVE-1999-0837.json b/1999/0xxx/CVE-1999-0837.json index 9044ebbdca4..60521902656 100644 --- a/1999/0xxx/CVE-1999-0837.json +++ b/1999/0xxx/CVE-1999-0837.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0837", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Denial of service in BIND by improperly closing TCP sessions via so_linger." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0837", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "CSSA-1999-034.1", - "refsource" : "CALDERA", - "url" : "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-1999-034.1.txt" - }, - { - "name" : "00194", - "refsource" : "SUN", - "url" : "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/194" - }, - { - "name" : "788", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/788" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Denial of service in BIND by improperly closing TCP sessions via so_linger." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "CSSA-1999-034.1", + "refsource": "CALDERA", + "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-1999-034.1.txt" + }, + { + "name": "788", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/788" + }, + { + "name": "00194", + "refsource": "SUN", + "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/194" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1041.json b/1999/1xxx/CVE-1999-1041.json index c5abc16dc8f..4ea204f3c34 100644 --- a/1999/1xxx/CVE-1999-1041.json +++ b/1999/1xxx/CVE-1999-1041.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1041", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in mscreen on SCO OpenServer 5.0 and SCO UNIX 3.2v4 allows a local user to gain root access via (1) a long TERM environmental variable and (2) a long entry in the .mscreenrc file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1041", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19980827 SCO mscreen vul.", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/10420" - }, - { - "name" : "19980926 Root exploit for SCO OpenServer.", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=90686250717719&w=2" - }, - { - "name" : "SB-98.05a", - "refsource" : "SCO", - "url" : "ftp://ftp.sco.com/SSE/security_bulletins/SB-98.05a" - }, - { - "name" : "VB-98.10", - "refsource" : "CERT", - "url" : "http://www.cert.org/vendor_bulletins/VB-98.10.sco.mscreen" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in mscreen on SCO OpenServer 5.0 and SCO UNIX 3.2v4 allows a local user to gain root access via (1) a long TERM environmental variable and (2) a long entry in the .mscreenrc file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19980926 Root exploit for SCO OpenServer.", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=90686250717719&w=2" + }, + { + "name": "SB-98.05a", + "refsource": "SCO", + "url": "ftp://ftp.sco.com/SSE/security_bulletins/SB-98.05a" + }, + { + "name": "VB-98.10", + "refsource": "CERT", + "url": "http://www.cert.org/vendor_bulletins/VB-98.10.sco.mscreen" + }, + { + "name": "19980827 SCO mscreen vul.", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/10420" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1056.json b/1999/1xxx/CVE-1999-1056.json index 6751dc74c55..3de3a5ff2f6 100644 --- a/1999/1xxx/CVE-1999-1056.json +++ b/1999/1xxx/CVE-1999-1056.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1056", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-1395. Reason: This candidate is a duplicate of CVE-1999-1395. Notes: All CVE users should reference CVE-1999-1395 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-1999-1056", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-1999-1395. Reason: This candidate is a duplicate of CVE-1999-1395. Notes: All CVE users should reference CVE-1999-1395 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1143.json b/1999/1xxx/CVE-1999-1143.json index e8e2642ed7f..fafbc66c8f6 100644 --- a/1999/1xxx/CVE-1999-1143.json +++ b/1999/1xxx/CVE-1999-1143.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1143", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in runtime linker program rld in SGI IRIX 6.x and earlier allows local users to gain privileges via setuid and setgid programs." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1143", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "H-065", - "refsource" : "CIAC", - "url" : "http://ciac.llnl.gov/ciac/bulletins/h-65.shtml" - }, - { - "name" : "19970504-01-PX", - "refsource" : "SGI", - "url" : "ftp://patches.sgi.com/support/free/security/advisories/19970504-01-PX" - }, - { - "name" : "sgi-rld(2109)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/2109" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in runtime linker program rld in SGI IRIX 6.x and earlier allows local users to gain privileges via setuid and setgid programs." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "sgi-rld(2109)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/2109" + }, + { + "name": "19970504-01-PX", + "refsource": "SGI", + "url": "ftp://patches.sgi.com/support/free/security/advisories/19970504-01-PX" + }, + { + "name": "H-065", + "refsource": "CIAC", + "url": "http://ciac.llnl.gov/ciac/bulletins/h-65.shtml" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1442.json b/1999/1xxx/CVE-1999-1442.json index e0f424f09b7..04bfb263bc0 100644 --- a/1999/1xxx/CVE-1999-1442.json +++ b/1999/1xxx/CVE-1999-1442.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1442", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Bug in AMD K6 processor on Linux 2.0.x and 2.1.x kernels allows local users to cause a denial of service (crash) via a particular sequence of instructions, possibly related to accessing addresses outside of segments." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1442", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.cs.helsinki.fi/linux/linux-kernel/Year-1998/1998-25/0816.html", - "refsource" : "MISC", - "url" : "http://www.cs.helsinki.fi/linux/linux-kernel/Year-1998/1998-25/0816.html" - }, - { - "name" : "http://uwsg.iu.edu/hypermail/linux/kernel/9805.3/0855.html", - "refsource" : "MISC", - "url" : "http://uwsg.iu.edu/hypermail/linux/kernel/9805.3/0855.html" - }, - { - "name" : "105", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/105" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Bug in AMD K6 processor on Linux 2.0.x and 2.1.x kernels allows local users to cause a denial of service (crash) via a particular sequence of instructions, possibly related to accessing addresses outside of segments." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.cs.helsinki.fi/linux/linux-kernel/Year-1998/1998-25/0816.html", + "refsource": "MISC", + "url": "http://www.cs.helsinki.fi/linux/linux-kernel/Year-1998/1998-25/0816.html" + }, + { + "name": "http://uwsg.iu.edu/hypermail/linux/kernel/9805.3/0855.html", + "refsource": "MISC", + "url": "http://uwsg.iu.edu/hypermail/linux/kernel/9805.3/0855.html" + }, + { + "name": "105", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/105" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0116.json b/2000/0xxx/CVE-2000-0116.json index 1bcba85714e..3b9df048245 100644 --- a/2000/0xxx/CVE-2000-0116.json +++ b/2000/0xxx/CVE-2000-0116.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0116", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Firewall-1 does not properly filter script tags, which allows remote attackers to bypass the \"Strip Script Tags\" restriction by including an extra < in front of the SCRIPT tag." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0116", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "954", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/954" - }, - { - "name" : "1212", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/1212" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Firewall-1 does not properly filter script tags, which allows remote attackers to bypass the \"Strip Script Tags\" restriction by including an extra < in front of the SCRIPT tag." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "954", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/954" + }, + { + "name": "1212", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/1212" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0196.json b/2000/0xxx/CVE-2000-0196.json index 6eab4c8cbf0..136d2b79c0e 100644 --- a/2000/0xxx/CVE-2000-0196.json +++ b/2000/0xxx/CVE-2000-0196.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0196", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in mhshow in the Linux nmh package allows remote attackers to execute commands via malformed MIME headers in an email message." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0196", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "RHSA-2000:006", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2000-006.html" - }, - { - "name" : "1018", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1018" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in mhshow in the Linux nmh package allows remote attackers to execute commands via malformed MIME headers in an email message." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2000:006", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2000-006.html" + }, + { + "name": "1018", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1018" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0387.json b/2000/0xxx/CVE-2000-0387.json index 4ccdb75d290..4a077ecf65c 100644 --- a/2000/0xxx/CVE-2000-0387.json +++ b/2000/0xxx/CVE-2000-0387.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0387", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The makelev program in the golddig game from the FreeBSD ports collection allows local users to overwrite arbitrary files." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0387", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "FreeBSD-SA-00:16", - "refsource" : "FREEBSD", - "url" : "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:16.golddig.asc" - }, - { - "name" : "1184", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1184" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The makelev program in the golddig game from the FreeBSD ports collection allows local users to overwrite arbitrary files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "FreeBSD-SA-00:16", + "refsource": "FREEBSD", + "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:16.golddig.asc" + }, + { + "name": "1184", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1184" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0608.json b/2000/0xxx/CVE-2000-0608.json index 3ce7d693f4d..9717644f230 100644 --- a/2000/0xxx/CVE-2000-0608.json +++ b/2000/0xxx/CVE-2000-0608.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0608", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "NetWin dMailWeb and cwMail 2.6i and earlier allows remote attackers to cause a denial of service via a long POP parameter (pophost)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0608", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000620 NetWin dMailWeb Denial of Service", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-06-15&msg=4.1.20000621113334.00996820@qlink.queensu.ca" - }, - { - "name" : "1376", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1376" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "NetWin dMailWeb and cwMail 2.6i and earlier allows remote attackers to cause a denial of service via a long POP parameter (pophost)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1376", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1376" + }, + { + "name": "20000620 NetWin dMailWeb Denial of Service", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-06-15&msg=4.1.20000621113334.00996820@qlink.queensu.ca" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0766.json b/2000/0xxx/CVE-2000-0766.json index 9d2b1df47e7..78ddc2f4bbe 100644 --- a/2000/0xxx/CVE-2000-0766.json +++ b/2000/0xxx/CVE-2000-0766.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0766", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in vqSoft vqServer 1.4.49 allows remote attackers to cause a denial of service or possibly gain privileges via a long HTTP GET request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0766", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000819 D.o.S Vulnerability in vqServer", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/templates/archive.pike?list=1&msg=200008270354.UAA10952@user4.hushmail.com" - }, - { - "name" : "1610", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1610" - }, - { - "name" : "vqserver-get-dos(5152)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5152" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in vqSoft vqServer 1.4.49 allows remote attackers to cause a denial of service or possibly gain privileges via a long HTTP GET request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1610", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1610" + }, + { + "name": "vqserver-get-dos(5152)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5152" + }, + { + "name": "20000819 D.o.S Vulnerability in vqServer", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/templates/archive.pike?list=1&msg=200008270354.UAA10952@user4.hushmail.com" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0772.json b/2000/0xxx/CVE-2000-0772.json index 7390d84881e..31605e306c5 100644 --- a/2000/0xxx/CVE-2000-0772.json +++ b/2000/0xxx/CVE-2000-0772.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0772", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The installation of Tumbleweed Messaging Management System (MMS) 4.6 and earlier (formerly Worldtalk Worldsecure) creates a default account \"sa\" with no password." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0772", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000810 Tumbleweed Worldsecure (MMS) BLANK 'sa' account password vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-08/0098.html" - }, - { - "name" : "http://thompson.tumbleweed.com/NewKB/bulletin/UPFiles/sa-official.htm", - "refsource" : "CONFIRM", - "url" : "http://thompson.tumbleweed.com/NewKB/bulletin/UPFiles/sa-official.htm" - }, - { - "name" : "1562", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1562" - }, - { - "name" : "tumbleweed-mms-blank-password(5072)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5072" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The installation of Tumbleweed Messaging Management System (MMS) 4.6 and earlier (formerly Worldtalk Worldsecure) creates a default account \"sa\" with no password." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://thompson.tumbleweed.com/NewKB/bulletin/UPFiles/sa-official.htm", + "refsource": "CONFIRM", + "url": "http://thompson.tumbleweed.com/NewKB/bulletin/UPFiles/sa-official.htm" + }, + { + "name": "tumbleweed-mms-blank-password(5072)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5072" + }, + { + "name": "1562", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1562" + }, + { + "name": "20000810 Tumbleweed Worldsecure (MMS) BLANK 'sa' account password vulnerability", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0098.html" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0783.json b/2000/0xxx/CVE-2000-0783.json index d50d5981f5f..98c698aafc9 100644 --- a/2000/0xxx/CVE-2000-0783.json +++ b/2000/0xxx/CVE-2000-0783.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0783", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Watchguard Firebox II allows remote attackers to cause a denial of service by sending a malformed URL to the authentication service on port 4100." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0783", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000815 Watchguard Firebox Authentication DoS", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-08/0162.html" - }, - { - "name" : "1573", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1573" - }, - { - "name" : "firebox-url-dos(5098)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5098" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Watchguard Firebox II allows remote attackers to cause a denial of service by sending a malformed URL to the authentication service on port 4100." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20000815 Watchguard Firebox Authentication DoS", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0162.html" + }, + { + "name": "firebox-url-dos(5098)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5098" + }, + { + "name": "1573", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1573" + } + ] + } +} \ No newline at end of file diff --git a/2000/1xxx/CVE-2000-1059.json b/2000/1xxx/CVE-2000-1059.json index 1114f56647e..2d948d9f4e9 100644 --- a/2000/1xxx/CVE-2000-1059.json +++ b/2000/1xxx/CVE-2000-1059.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-1059", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The default configuration of the Xsession file in Mandrake Linux 7.1 and 7.0 bypasses the Xauthority access control mechanism with an \"xhost + localhost\" command, which allows local users to sniff X Windows events and gain privileges." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-1059", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000929 Mandrake 7.1 bypasses Xauthority X session security.", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/136495" - }, - { - "name" : "MDKSA-2000:052", - "refsource" : "MANDRAKE", - "url" : "http://www.linux-mandrake.com/en/security/MDKSA-2000-052.php3" - }, - { - "name" : "1735", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1735" - }, - { - "name" : "xinitrc-bypass-xauthority(5305)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5305" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The default configuration of the Xsession file in Mandrake Linux 7.1 and 7.0 bypasses the Xauthority access control mechanism with an \"xhost + localhost\" command, which allows local users to sniff X Windows events and gain privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20000929 Mandrake 7.1 bypasses Xauthority X session security.", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/136495" + }, + { + "name": "MDKSA-2000:052", + "refsource": "MANDRAKE", + "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-052.php3" + }, + { + "name": "xinitrc-bypass-xauthority(5305)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5305" + }, + { + "name": "1735", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1735" + } + ] + } +} \ No newline at end of file diff --git a/2000/1xxx/CVE-2000-1092.json b/2000/1xxx/CVE-2000-1092.json index 0042b448e4f..d3d5827a259 100644 --- a/2000/1xxx/CVE-2000-1092.json +++ b/2000/1xxx/CVE-2000-1092.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-1092", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "loadpage.cgi CGI program in EZshopper 3.0 and 2.0 allows remote attackers to list and read files in the EZshopper data directory by inserting a \"/\" in front of the target filename in the \"file\" parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-1092", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20001213 NSFOCUS SA2000-09 : AHG EZshopper Loadpage.cgi File List", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=97676270729984&w=2" - }, - { - "name" : "2109", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/2109" - }, - { - "name" : "ezshopper-cgi-file-disclosure(5740)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5740" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "loadpage.cgi CGI program in EZshopper 3.0 and 2.0 allows remote attackers to list and read files in the EZshopper data directory by inserting a \"/\" in front of the target filename in the \"file\" parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ezshopper-cgi-file-disclosure(5740)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5740" + }, + { + "name": "20001213 NSFOCUS SA2000-09 : AHG EZshopper Loadpage.cgi File List", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=97676270729984&w=2" + }, + { + "name": "2109", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/2109" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2191.json b/2005/2xxx/CVE-2005-2191.json index 34185a84039..6fee2bd2398 100644 --- a/2005/2xxx/CVE-2005-2191.json +++ b/2005/2xxx/CVE-2005-2191.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2191", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in Comersus shopping cart allow remote attackers to inject arbitrary web script or HTML via the (1) name parameter to comersus_backoffice_listAssignedPricesToCustomer.asp or (2) message parameter to comersus_backoffice_message.asp." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2191", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20050707 [Bday release] Comersus shopping cart has multiple Sql injection", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=112077057001064&w=2" - }, - { - "name" : "http://downloads.securityfocus.com/vulnerabilities/exploits/backoffice_mult_exp.pl", - "refsource" : "MISC", - "url" : "http://downloads.securityfocus.com/vulnerabilities/exploits/backoffice_mult_exp.pl" - }, - { - "name" : "15251", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/15251" - }, - { - "name" : "1014419", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1014419" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in Comersus shopping cart allow remote attackers to inject arbitrary web script or HTML via the (1) name parameter to comersus_backoffice_listAssignedPricesToCustomer.asp or (2) message parameter to comersus_backoffice_message.asp." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "15251", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/15251" + }, + { + "name": "20050707 [Bday release] Comersus shopping cart has multiple Sql injection", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=112077057001064&w=2" + }, + { + "name": "1014419", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1014419" + }, + { + "name": "http://downloads.securityfocus.com/vulnerabilities/exploits/backoffice_mult_exp.pl", + "refsource": "MISC", + "url": "http://downloads.securityfocus.com/vulnerabilities/exploits/backoffice_mult_exp.pl" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2339.json b/2005/2xxx/CVE-2005-2339.json index f0564274253..32bf2f59f22 100644 --- a/2005/2xxx/CVE-2005-2339.json +++ b/2005/2xxx/CVE-2005-2339.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2339", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the Unicode version of msearch (unicode-msearch) 1.51(U1)-beta1, 1.51(U1), and 1.52(U1) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2005-2339", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://jvn.jp/jp/JVN%2379925E6F/index.html", - "refsource" : "MISC", - "url" : "http://jvn.jp/jp/JVN%2379925E6F/index.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the Unicode version of msearch (unicode-msearch) 1.51(U1)-beta1, 1.51(U1), and 1.52(U1) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://jvn.jp/jp/JVN%2379925E6F/index.html", + "refsource": "MISC", + "url": "http://jvn.jp/jp/JVN%2379925E6F/index.html" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2971.json b/2005/2xxx/CVE-2005-2971.json index 94790b49d36..e0f5057534b 100644 --- a/2005/2xxx/CVE-2005-2971.json +++ b/2005/2xxx/CVE-2005-2971.json @@ -1,147 +1,147 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2971", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Heap-based buffer overflow in the KWord RTF importer for KOffice 1.2.0 through 1.4.1 allows remote attackers to execute arbitrary code via a crafted RTF file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2005-2971", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://scary.beasts.org/security/CESA-2005-005.txt", - "refsource" : "MISC", - "url" : "http://scary.beasts.org/security/CESA-2005-005.txt" - }, - { - "name" : "http://www.kde.org/info/security/advisory-20051011-1.txt", - "refsource" : "CONFIRM", - "url" : "http://www.kde.org/info/security/advisory-20051011-1.txt" - }, - { - "name" : "DSA-872", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2005/dsa-872" - }, - { - "name" : "FEDORA-2005-984", - "refsource" : "FEDORA", - "url" : "http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00042.html" - }, - { - "name" : "GLSA-200510-12", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200510-12.xml" - }, - { - "name" : "SSA:2005-310-02", - "refsource" : "SLACKWARE", - "url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.388487" - }, - { - "name" : "SUSE-SR:2005:025", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2005_25_sr.html" - }, - { - "name" : "USN-202-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/202-1/" - }, - { - "name" : "15060", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/15060" - }, - { - "name" : "1015035", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1015035" - }, - { - "name" : "17145", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17145/" - }, - { - "name" : "17190", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17190" - }, - { - "name" : "17212", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17212" - }, - { - "name" : "17486", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17486" - }, - { - "name" : "17171", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17171" - }, - { - "name" : "17332", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17332" - }, - { - "name" : "17480", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17480" - }, - { - "name" : "koffice-kword-rtf-importer-bo(22562)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/22562" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based buffer overflow in the KWord RTF importer for KOffice 1.2.0 through 1.4.1 allows remote attackers to execute arbitrary code via a crafted RTF file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "17480", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17480" + }, + { + "name": "1015035", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1015035" + }, + { + "name": "SSA:2005-310-02", + "refsource": "SLACKWARE", + "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.388487" + }, + { + "name": "http://scary.beasts.org/security/CESA-2005-005.txt", + "refsource": "MISC", + "url": "http://scary.beasts.org/security/CESA-2005-005.txt" + }, + { + "name": "SUSE-SR:2005:025", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2005_25_sr.html" + }, + { + "name": "17171", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17171" + }, + { + "name": "GLSA-200510-12", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200510-12.xml" + }, + { + "name": "17212", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17212" + }, + { + "name": "17332", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17332" + }, + { + "name": "DSA-872", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2005/dsa-872" + }, + { + "name": "FEDORA-2005-984", + "refsource": "FEDORA", + "url": "http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00042.html" + }, + { + "name": "17486", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17486" + }, + { + "name": "17190", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17190" + }, + { + "name": "USN-202-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/202-1/" + }, + { + "name": "http://www.kde.org/info/security/advisory-20051011-1.txt", + "refsource": "CONFIRM", + "url": "http://www.kde.org/info/security/advisory-20051011-1.txt" + }, + { + "name": "17145", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17145/" + }, + { + "name": "15060", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/15060" + }, + { + "name": "koffice-kword-rtf-importer-bo(22562)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22562" + } + ] + } +} \ No newline at end of file diff --git a/2005/3xxx/CVE-2005-3338.json b/2005/3xxx/CVE-2005-3338.json index 31dc6592ec3..a96ae443cfc 100644 --- a/2005/3xxx/CVE-2005-3338.json +++ b/2005/3xxx/CVE-2005-3338.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-3338", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Mantis before 0.19.3, when using reminders, causes Mantis to display the real email addresses of users." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-3338", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://bugs.mantisbt.org/changelog_page.php", - "refsource" : "CONFIRM", - "url" : "http://bugs.mantisbt.org/changelog_page.php" - }, - { - "name" : "DSA-905", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2005/dsa-905" - }, - { - "name" : "GLSA-200510-24", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200510-24.xml" - }, - { - "name" : "15227", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/15227" - }, - { - "name" : "17362", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17362" - }, - { - "name" : "16506", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/16506" - }, - { - "name" : "17654", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17654" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Mantis before 0.19.3, when using reminders, causes Mantis to display the real email addresses of users." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://bugs.mantisbt.org/changelog_page.php", + "refsource": "CONFIRM", + "url": "http://bugs.mantisbt.org/changelog_page.php" + }, + { + "name": "DSA-905", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2005/dsa-905" + }, + { + "name": "16506", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/16506" + }, + { + "name": "17654", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17654" + }, + { + "name": "GLSA-200510-24", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200510-24.xml" + }, + { + "name": "17362", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17362" + }, + { + "name": "15227", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/15227" + } + ] + } +} \ No newline at end of file diff --git a/2005/3xxx/CVE-2005-3708.json b/2005/3xxx/CVE-2005-3708.json index 32652742d6d..1aa5a0bddaf 100644 --- a/2005/3xxx/CVE-2005-3708.json +++ b/2005/3xxx/CVE-2005-3708.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-3708", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via crafted TGA image files." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-3708", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "APPLE-SA-2006-01-10", - "refsource" : "APPLE", - "url" : "http://docs.info.apple.com/article.html?artnum=303101" - }, - { - "name" : "16202", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/16202" - }, - { - "name" : "ADV-2006-0128", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/0128" - }, - { - "name" : "22336", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/22336" - }, - { - "name" : "1015464", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1015464" - }, - { - "name" : "18370", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18370" - }, - { - "name" : "quicktime-tga-overflow(24057)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24057" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in Apple Quicktime before 7.0.4 allows remote attackers to execute arbitrary code via crafted TGA image files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "18370", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18370" + }, + { + "name": "APPLE-SA-2006-01-10", + "refsource": "APPLE", + "url": "http://docs.info.apple.com/article.html?artnum=303101" + }, + { + "name": "quicktime-tga-overflow(24057)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24057" + }, + { + "name": "1015464", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1015464" + }, + { + "name": "22336", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/22336" + }, + { + "name": "ADV-2006-0128", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/0128" + }, + { + "name": "16202", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/16202" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5018.json b/2007/5xxx/CVE-2007-5018.json index ece3deaee5e..eba6f56364f 100644 --- a/2007/5xxx/CVE-2007-5018.json +++ b/2007/5xxx/CVE-2007-5018.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5018", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in IMAPD in Mercury/32 4.52 allows remote authenticated users to execute arbitrary code via a long argument in a SEARCH ON command. NOTE: this issue might overlap with CVE-2004-1211." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5018", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4429", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4429" - }, - { - "name" : "25733", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25733" - }, - { - "name" : "ADV-2007-3224", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3224" - }, - { - "name" : "39670", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39670" - }, - { - "name" : "1018714", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018714" - }, - { - "name" : "26878", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26878" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in IMAPD in Mercury/32 4.52 allows remote authenticated users to execute arbitrary code via a long argument in a SEARCH ON command. NOTE: this issue might overlap with CVE-2004-1211." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1018714", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018714" + }, + { + "name": "25733", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25733" + }, + { + "name": "4429", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4429" + }, + { + "name": "39670", + "refsource": "OSVDB", + "url": "http://osvdb.org/39670" + }, + { + "name": "26878", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26878" + }, + { + "name": "ADV-2007-3224", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3224" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5249.json b/2007/5xxx/CVE-2007-5249.json index 0b944bdc780..dd6661783ec 100644 --- a/2007/5xxx/CVE-2007-5249.json +++ b/2007/5xxx/CVE-2007-5249.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5249", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple buffer overflows in the logging function in the Unreal engine, as used by America's Army and America's Army Special Forces 2.8.2 and earlier, when Punkbuster (PB) is enabled, allow remote attackers to cause a denial of service (daemon crash) via a long (1) PB_Y packet to the YPG server on UDP port 1716 or (2) PB_U packet to UCON on UDP port 1716, different vectors than CVE-2007-4442. NOTE: this issue might be in Punkbuster itself, but there are insufficient details to be certain." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5249", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071001 Unexploitable buffer-overflow in America's Army 2.8.2 through PB", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/481227/100/0/threaded" - }, - { - "name" : "http://aluigi.altervista.org/adv/aaboompb-adv.txt", - "refsource" : "MISC", - "url" : "http://aluigi.altervista.org/adv/aaboompb-adv.txt" - }, - { - "name" : "http://aluigi.org/poc/aaboompb.zip", - "refsource" : "MISC", - "url" : "http://aluigi.org/poc/aaboompb.zip" - }, - { - "name" : "27015", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27015" - }, - { - "name" : "3193", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3193" - }, - { - "name" : "americasarmy-logging-dos(36897)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36897" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple buffer overflows in the logging function in the Unreal engine, as used by America's Army and America's Army Special Forces 2.8.2 and earlier, when Punkbuster (PB) is enabled, allow remote attackers to cause a denial of service (daemon crash) via a long (1) PB_Y packet to the YPG server on UDP port 1716 or (2) PB_U packet to UCON on UDP port 1716, different vectors than CVE-2007-4442. NOTE: this issue might be in Punkbuster itself, but there are insufficient details to be certain." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20071001 Unexploitable buffer-overflow in America's Army 2.8.2 through PB", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/481227/100/0/threaded" + }, + { + "name": "americasarmy-logging-dos(36897)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36897" + }, + { + "name": "http://aluigi.org/poc/aaboompb.zip", + "refsource": "MISC", + "url": "http://aluigi.org/poc/aaboompb.zip" + }, + { + "name": "27015", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27015" + }, + { + "name": "http://aluigi.altervista.org/adv/aaboompb-adv.txt", + "refsource": "MISC", + "url": "http://aluigi.altervista.org/adv/aaboompb-adv.txt" + }, + { + "name": "3193", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3193" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2097.json b/2009/2xxx/CVE-2009-2097.json index a7f82bcd570..808b0197b36 100644 --- a/2009/2xxx/CVE-2009-2097.json +++ b/2009/2xxx/CVE-2009-2097.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2097", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in system/application/controllers/catalog.php in Zoki Soft Zoki Catalog (aka Smart Catalog) allows remote attackers to execute arbitrary SQL commands via the search_text parameter. NOTE: some of these details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-2097", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20090615 [DSF-02-2009] - Zoki Catalog SQL Injection", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/504311/100/0/threaded" - }, - { - "name" : "http://www.davidsopas.com/2009/06/15/zoki-catalog-sql-injection/", - "refsource" : "MISC", - "url" : "http://www.davidsopas.com/2009/06/15/zoki-catalog-sql-injection/" - }, - { - "name" : "35476", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/35476" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in system/application/controllers/catalog.php in Zoki Soft Zoki Catalog (aka Smart Catalog) allows remote attackers to execute arbitrary SQL commands via the search_text parameter. NOTE: some of these details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.davidsopas.com/2009/06/15/zoki-catalog-sql-injection/", + "refsource": "MISC", + "url": "http://www.davidsopas.com/2009/06/15/zoki-catalog-sql-injection/" + }, + { + "name": "20090615 [DSF-02-2009] - Zoki Catalog SQL Injection", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/504311/100/0/threaded" + }, + { + "name": "35476", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/35476" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2694.json b/2009/2xxx/CVE-2009-2694.json index 8f07abfeaba..f6fec86c8d7 100644 --- a/2009/2xxx/CVE-2009-2694.json +++ b/2009/2xxx/CVE-2009-2694.json @@ -1,152 +1,152 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2694", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The msn_slplink_process_msg function in libpurple/protocols/msn/slplink.c in libpurple, as used in Pidgin (formerly Gaim) before 2.5.9 and Adium 1.3.5 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by sending multiple crafted SLP (aka MSNSLP) messages to trigger an overwrite of an arbitrary memory location. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2009-1376." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-2694", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "9615", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/9615" - }, - { - "name" : "http://www.coresecurity.com/content/libpurple-arbitrary-write", - "refsource" : "MISC", - "url" : "http://www.coresecurity.com/content/libpurple-arbitrary-write" - }, - { - "name" : "http://developer.pidgin.im/viewmtn/revision/info/6f7343166c673bf0496ecb1afec9b633c1d54a0e", - "refsource" : "CONFIRM", - "url" : "http://developer.pidgin.im/viewmtn/revision/info/6f7343166c673bf0496ecb1afec9b633c1d54a0e" - }, - { - "name" : "http://developer.pidgin.im/wiki/ChangeLog", - "refsource" : "CONFIRM", - "url" : "http://developer.pidgin.im/wiki/ChangeLog" - }, - { - "name" : "http://www.pidgin.im/news/security/?id=34", - "refsource" : "CONFIRM", - "url" : "http://www.pidgin.im/news/security/?id=34" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=514957", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=514957" - }, - { - "name" : "DSA-1870", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2009/dsa-1870" - }, - { - "name" : "RHSA-2009:1218", - "refsource" : "REDHAT", - "url" : "https://rhn.redhat.com/errata/RHSA-2009-1218.html" - }, - { - "name" : "266908", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-266908-1" - }, - { - "name" : "oval:org.mitre.oval:def:10319", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10319" - }, - { - "name" : "oval:org.mitre.oval:def:6320", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6320" - }, - { - "name" : "36384", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/36384" - }, - { - "name" : "36392", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/36392" - }, - { - "name" : "36401", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/36401" - }, - { - "name" : "36402", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/36402" - }, - { - "name" : "36708", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/36708" - }, - { - "name" : "37071", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/37071" - }, - { - "name" : "ADV-2009-2303", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/2303" - }, - { - "name" : "ADV-2009-2663", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/2663" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The msn_slplink_process_msg function in libpurple/protocols/msn/slplink.c in libpurple, as used in Pidgin (formerly Gaim) before 2.5.9 and Adium 1.3.5 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by sending multiple crafted SLP (aka MSNSLP) messages to trigger an overwrite of an arbitrary memory location. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2009-1376." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=514957", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=514957" + }, + { + "name": "ADV-2009-2303", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/2303" + }, + { + "name": "36392", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/36392" + }, + { + "name": "http://www.pidgin.im/news/security/?id=34", + "refsource": "CONFIRM", + "url": "http://www.pidgin.im/news/security/?id=34" + }, + { + "name": "oval:org.mitre.oval:def:6320", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6320" + }, + { + "name": "http://www.coresecurity.com/content/libpurple-arbitrary-write", + "refsource": "MISC", + "url": "http://www.coresecurity.com/content/libpurple-arbitrary-write" + }, + { + "name": "36402", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/36402" + }, + { + "name": "266908", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-266908-1" + }, + { + "name": "http://developer.pidgin.im/viewmtn/revision/info/6f7343166c673bf0496ecb1afec9b633c1d54a0e", + "refsource": "CONFIRM", + "url": "http://developer.pidgin.im/viewmtn/revision/info/6f7343166c673bf0496ecb1afec9b633c1d54a0e" + }, + { + "name": "36384", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/36384" + }, + { + "name": "DSA-1870", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2009/dsa-1870" + }, + { + "name": "37071", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/37071" + }, + { + "name": "36708", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/36708" + }, + { + "name": "ADV-2009-2663", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/2663" + }, + { + "name": "oval:org.mitre.oval:def:10319", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10319" + }, + { + "name": "36401", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/36401" + }, + { + "name": "9615", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/9615" + }, + { + "name": "http://developer.pidgin.im/wiki/ChangeLog", + "refsource": "CONFIRM", + "url": "http://developer.pidgin.im/wiki/ChangeLog" + }, + { + "name": "RHSA-2009:1218", + "refsource": "REDHAT", + "url": "https://rhn.redhat.com/errata/RHSA-2009-1218.html" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2748.json b/2009/2xxx/CVE-2009-2748.json index ce31238b13d..2ce0233a987 100644 --- a/2009/2xxx/CVE-2009-2748.json +++ b/2009/2xxx/CVE-2009-2748.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2748", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the Administration Console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.29 and 7.1 before 7.0.0.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-2748", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "PK92057", - "refsource" : "AIXAPAR", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg1PK92057" - }, - { - "name" : "PK99481", - "refsource" : "AIXAPAR", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg1PK99481" - }, - { - "name" : "was-adminconsole-xss(54229)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/54229" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the Administration Console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.29 and 7.1 before 7.0.0.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "was-adminconsole-xss(54229)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54229" + }, + { + "name": "PK92057", + "refsource": "AIXAPAR", + "url": "http://www.ibm.com/support/docview.wss?uid=swg1PK92057" + }, + { + "name": "PK99481", + "refsource": "AIXAPAR", + "url": "http://www.ibm.com/support/docview.wss?uid=swg1PK99481" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2870.json b/2009/2xxx/CVE-2009-2870.json index db41625df75..488479b1b42 100644 --- a/2009/2xxx/CVE-2009-2870.json +++ b/2009/2xxx/CVE-2009-2870.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2870", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Cisco IOS 12.2 through 12.4, when the Cisco Unified Border Element feature is enabled, allows remote attackers to cause a denial of service (device reload) via crafted SIP messages, aka Bug ID CSCsx25880." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2009-2870", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=18891", - "refsource" : "CONFIRM", - "url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=18891" - }, - { - "name" : "20090923 Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability", - "refsource" : "CISCO", - "url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a0080af811b.shtml" - }, - { - "name" : "1022930", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1022930" - }, - { - "name" : "ADV-2009-2759", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/2759" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Cisco IOS 12.2 through 12.4, when the Cisco Unified Border Element feature is enabled, allows remote attackers to cause a denial of service (device reload) via crafted SIP messages, aka Bug ID CSCsx25880." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20090923 Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability", + "refsource": "CISCO", + "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080af811b.shtml" + }, + { + "name": "1022930", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1022930" + }, + { + "name": "ADV-2009-2759", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/2759" + }, + { + "name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=18891", + "refsource": "CONFIRM", + "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=18891" + } + ] + } +} \ No newline at end of file diff --git a/2009/3xxx/CVE-2009-3325.json b/2009/3xxx/CVE-2009-3325.json index 109b22e297e..fa049d0b726 100644 --- a/2009/3xxx/CVE-2009-3325.json +++ b/2009/3xxx/CVE-2009-3325.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-3325", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in the Focusplus Developments Survey Manager (com_surveymanager) component 1.5.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the stype parameter in an editsurvey action to index.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-3325", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "9721", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/9721" - }, - { - "name" : "36464", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/36464" - }, - { - "name" : "ADV-2009-2705", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/2705" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in the Focusplus Developments Survey Manager (com_surveymanager) component 1.5.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the stype parameter in an editsurvey action to index.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2009-2705", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/2705" + }, + { + "name": "36464", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/36464" + }, + { + "name": "9721", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/9721" + } + ] + } +} \ No newline at end of file diff --git a/2015/0xxx/CVE-2015-0217.json b/2015/0xxx/CVE-2015-0217.json index eeb052679b4..f54b68570cf 100644 --- a/2015/0xxx/CVE-2015-0217.json +++ b/2015/0xxx/CVE-2015-0217.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-0217", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "filter/mediaplugin/filter.php in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2.8.2 allows remote authenticated users to cause a denial of service (CPU consumption or partial outage) via a crafted string that is matched against an improper regular expression." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-0217", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150119 Moodle security issues are now public", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2015/01/19/1" - }, - { - "name" : "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48546", - "refsource" : "CONFIRM", - "url" : "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48546" - }, - { - "name" : "https://moodle.org/mod/forum/discuss.php?d=278617", - "refsource" : "CONFIRM", - "url" : "https://moodle.org/mod/forum/discuss.php?d=278617" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "filter/mediaplugin/filter.php in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2.8.2 allows remote authenticated users to cause a denial of service (CPU consumption or partial outage) via a crafted string that is matched against an improper regular expression." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48546", + "refsource": "CONFIRM", + "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-48546" + }, + { + "name": "https://moodle.org/mod/forum/discuss.php?d=278617", + "refsource": "CONFIRM", + "url": "https://moodle.org/mod/forum/discuss.php?d=278617" + }, + { + "name": "[oss-security] 20150119 Moodle security issues are now public", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2015/01/19/1" + } + ] + } +} \ No newline at end of file diff --git a/2015/0xxx/CVE-2015-0367.json b/2015/0xxx/CVE-2015-0367.json index f0596029d5f..1d0b6228076 100644 --- a/2015/0xxx/CVE-2015-0367.json +++ b/2015/0xxx/CVE-2015-0367.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-0367", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote attackers to affect integrity via vectors related to SSO Engine." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2015-0367", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" - }, - { - "name" : "72179", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/72179" - }, - { - "name" : "62473", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/62473" - }, - { - "name" : "oracle-cpujan2015-cve20150367(100077)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/100077" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote attackers to affect integrity via vectors related to SSO Engine." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "62473", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/62473" + }, + { + "name": "oracle-cpujan2015-cve20150367(100077)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100077" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" + }, + { + "name": "72179", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/72179" + } + ] + } +} \ No newline at end of file diff --git a/2015/0xxx/CVE-2015-0400.json b/2015/0xxx/CVE-2015-0400.json index e2d83c9be42..9576d745ceb 100644 --- a/2015/0xxx/CVE-2015-0400.json +++ b/2015/0xxx/CVE-2015-0400.json @@ -1,142 +1,142 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-0400", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to Libraries." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2015-0400", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" - }, - { - "name" : "https://www-304.ibm.com/support/docview.wss?uid=swg21695474", - "refsource" : "CONFIRM", - "url" : "https://www-304.ibm.com/support/docview.wss?uid=swg21695474" - }, - { - "name" : "http://www.vmware.com/security/advisories/VMSA-2015-0003.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/security/advisories/VMSA-2015-0003.html" - }, - { - "name" : "GLSA-201603-14", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201603-14" - }, - { - "name" : "GLSA-201507-14", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201507-14" - }, - { - "name" : "HPSBUX03273", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=142496355704097&w=2" - }, - { - "name" : "SSRT101951", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=142496355704097&w=2" - }, - { - "name" : "HPSBUX03281", - "refsource" : "HP", - "url" : "http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581" - }, - { - "name" : "SSRT101968", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=142607790919348&w=2" - }, - { - "name" : "SUSE-SU-2015:0336", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html" - }, - { - "name" : "openSUSE-SU-2015:0190", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html" - }, - { - "name" : "SUSE-SU-2015:0503", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html" - }, - { - "name" : "USN-2486-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2486-1" - }, - { - "name" : "USN-2487-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2487-1" - }, - { - "name" : "72159", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/72159" - }, - { - "name" : "1031580", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1031580" - }, - { - "name" : "oracle-cpujan2015-cve20150400(100149)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/100149" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to Libraries." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SU-2015:0503", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html" + }, + { + "name": "72159", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/72159" + }, + { + "name": "http://www.vmware.com/security/advisories/VMSA-2015-0003.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/security/advisories/VMSA-2015-0003.html" + }, + { + "name": "oracle-cpujan2015-cve20150400(100149)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100149" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" + }, + { + "name": "USN-2487-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2487-1" + }, + { + "name": "GLSA-201603-14", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201603-14" + }, + { + "name": "SUSE-SU-2015:0336", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html" + }, + { + "name": "https://www-304.ibm.com/support/docview.wss?uid=swg21695474", + "refsource": "CONFIRM", + "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21695474" + }, + { + "name": "USN-2486-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2486-1" + }, + { + "name": "GLSA-201507-14", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201507-14" + }, + { + "name": "SSRT101951", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=142496355704097&w=2" + }, + { + "name": "HPSBUX03281", + "refsource": "HP", + "url": "http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581" + }, + { + "name": "SSRT101968", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=142607790919348&w=2" + }, + { + "name": "openSUSE-SU-2015:0190", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html" + }, + { + "name": "HPSBUX03273", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=142496355704097&w=2" + }, + { + "name": "1031580", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1031580" + } + ] + } +} \ No newline at end of file diff --git a/2015/1000xxx/CVE-2015-1000013.json b/2015/1000xxx/CVE-2015-1000013.json index 485440a2f1c..8b3da731a1a 100644 --- a/2015/1000xxx/CVE-2015-1000013.json +++ b/2015/1000xxx/CVE-2015-1000013.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-1000013", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Remote file upload vulnerability in wordpress plugin csv2wpec-coupon v1.1" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-1000013", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.vapidlabs.com/advisory.php?v=153", - "refsource" : "MISC", - "url" : "http://www.vapidlabs.com/advisory.php?v=153" - }, - { - "name" : "94497", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94497" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Remote file upload vulnerability in wordpress plugin csv2wpec-coupon v1.1" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.vapidlabs.com/advisory.php?v=153", + "refsource": "MISC", + "url": "http://www.vapidlabs.com/advisory.php?v=153" + }, + { + "name": "94497", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94497" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3125.json b/2015/3xxx/CVE-2015-3125.json index ebb6e67139c..d5946c6f3ce 100644 --- a/2015/3xxx/CVE-2015-3125.json +++ b/2015/3xxx/CVE-2015-3125.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3125", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2014-0578, CVE-2015-3115, CVE-2015-3116, and CVE-2015-5116." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-3125", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-16.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-16.html" - }, - { - "name" : "GLSA-201507-13", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201507-13" - }, - { - "name" : "RHSA-2015:1214", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1214.html" - }, - { - "name" : "SUSE-SU-2015:1211", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00017.html" - }, - { - "name" : "SUSE-SU-2015:1214", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00018.html" - }, - { - "name" : "75594", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75594" - }, - { - "name" : "1032810", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032810" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2014-0578, CVE-2015-3115, CVE-2015-3116, and CVE-2015-5116." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1032810", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032810" + }, + { + "name": "75594", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75594" + }, + { + "name": "SUSE-SU-2015:1211", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00017.html" + }, + { + "name": "RHSA-2015:1214", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1214.html" + }, + { + "name": "SUSE-SU-2015:1214", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00018.html" + }, + { + "name": "GLSA-201507-13", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201507-13" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-16.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-16.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3997.json b/2015/3xxx/CVE-2015-3997.json index a468006d8a1..50b5c95121f 100644 --- a/2015/3xxx/CVE-2015-3997.json +++ b/2015/3xxx/CVE-2015-3997.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3997", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3997", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4258.json b/2015/4xxx/CVE-2015-4258.json index 0e113b89ff4..f199ce087a9 100644 --- a/2015/4xxx/CVE-2015-4258.json +++ b/2015/4xxx/CVE-2015-4258.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4258", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence MSE 8000 devices allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu90444." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-4258", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150709 Cisco TelePresence MSE 8000 Series Cross-Site Request Forgery Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=39802" - }, - { - "name" : "1032838", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032838" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence MSE 8000 devices allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu90444." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1032838", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032838" + }, + { + "name": "20150709 Cisco TelePresence MSE 8000 Series Cross-Site Request Forgery Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39802" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4512.json b/2015/4xxx/CVE-2015-4512.json index 89aac204043..ceb1c28a38c 100644 --- a/2015/4xxx/CVE-2015-4512.json +++ b/2015/4xxx/CVE-2015-4512.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4512", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "gfx/2d/DataSurfaceHelpers.cpp in Mozilla Firefox before 41.0 on Linux improperly attempts to use the Cairo library with 32-bit color-depth surface creation followed by 16-bit color-depth surface display, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) by using a CANVAS element to trigger 2D rendering." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2015-4512", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2015/mfsa2015-107.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2015/mfsa2015-107.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1170390", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1170390" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" - }, - { - "name" : "openSUSE-SU-2015:1658", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00000.html" - }, - { - "name" : "openSUSE-SU-2015:1681", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00005.html" - }, - { - "name" : "USN-2743-4", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2743-4" - }, - { - "name" : "USN-2743-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2743-1" - }, - { - "name" : "USN-2743-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2743-2" - }, - { - "name" : "USN-2743-3", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2743-3" - }, - { - "name" : "76815", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/76815" - }, - { - "name" : "1033640", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033640" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "gfx/2d/DataSurfaceHelpers.cpp in Mozilla Firefox before 41.0 on Linux improperly attempts to use the Cairo library with 32-bit color-depth surface creation followed by 16-bit color-depth surface display, which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) by using a CANVAS element to trigger 2D rendering." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2015:1681", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00005.html" + }, + { + "name": "http://www.mozilla.org/security/announce/2015/mfsa2015-107.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2015/mfsa2015-107.html" + }, + { + "name": "USN-2743-4", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2743-4" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" + }, + { + "name": "USN-2743-3", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2743-3" + }, + { + "name": "76815", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/76815" + }, + { + "name": "USN-2743-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2743-2" + }, + { + "name": "1033640", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033640" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1170390", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1170390" + }, + { + "name": "openSUSE-SU-2015:1658", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00000.html" + }, + { + "name": "USN-2743-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2743-1" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4515.json b/2015/4xxx/CVE-2015-4515.json index 1818c7e4e90..2b17f0afbc5 100644 --- a/2015/4xxx/CVE-2015-4515.json +++ b/2015/4xxx/CVE-2015-4515.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4515", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Mozilla Firefox before 42.0, when NTLM v1 is enabled for HTTP authentication, allows remote attackers to obtain sensitive hostname information by constructing a crafted web site that sends an NTLM request and reads the Workstation field of an NTLM type 3 message." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2015-4515", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2015/mfsa2015-117.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2015/mfsa2015-117.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1046421", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1046421" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" - }, - { - "name" : "GLSA-201512-10", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201512-10" - }, - { - "name" : "openSUSE-SU-2015:1942", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00015.html" - }, - { - "name" : "USN-2785-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2785-1" - }, - { - "name" : "1034069", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034069" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Mozilla Firefox before 42.0, when NTLM v1 is enabled for HTTP authentication, allows remote attackers to obtain sensitive hostname information by constructing a crafted web site that sends an NTLM request and reads the Workstation field of an NTLM type 3 message." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1034069", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034069" + }, + { + "name": "http://www.mozilla.org/security/announce/2015/mfsa2015-117.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2015/mfsa2015-117.html" + }, + { + "name": "GLSA-201512-10", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201512-10" + }, + { + "name": "USN-2785-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2785-1" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" + }, + { + "name": "openSUSE-SU-2015:1942", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00015.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1046421", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1046421" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8551.json b/2015/8xxx/CVE-2015-8551.json index 1d755b0abb1..59562cfdcfd 100644 --- a/2015/8xxx/CVE-2015-8551.json +++ b/2015/8xxx/CVE-2015-8551.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8551", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to hit BUG conditions and cause a denial of service (NULL pointer dereference and host OS crash) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and a crafted sequence of XEN_PCI_OP_* operations, aka \"Linux pciback missing sanity checks.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8551", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://xenbits.xen.org/xsa/advisory-157.html", - "refsource" : "CONFIRM", - "url" : "http://xenbits.xen.org/xsa/advisory-157.html" - }, - { - "name" : "DSA-3434", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3434" - }, - { - "name" : "GLSA-201604-03", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201604-03" - }, - { - "name" : "SUSE-SU-2016:1707", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html" - }, - { - "name" : "SUSE-SU-2016:1764", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html" - }, - { - "name" : "SUSE-SU-2016:1937", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html" - }, - { - "name" : "SUSE-SU-2016:2105", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html" - }, - { - "name" : "openSUSE-SU-2016:2184", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html" - }, - { - "name" : "SUSE-SU-2016:0911", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html" - }, - { - "name" : "SUSE-SU-2016:1102", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html" - }, - { - "name" : "79546", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/79546" - }, - { - "name" : "1034480", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034480" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to hit BUG conditions and cause a denial of service (NULL pointer dereference and host OS crash) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and a crafted sequence of XEN_PCI_OP_* operations, aka \"Linux pciback missing sanity checks.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://xenbits.xen.org/xsa/advisory-157.html", + "refsource": "CONFIRM", + "url": "http://xenbits.xen.org/xsa/advisory-157.html" + }, + { + "name": "1034480", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034480" + }, + { + "name": "openSUSE-SU-2016:2184", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html" + }, + { + "name": "SUSE-SU-2016:1764", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html" + }, + { + "name": "SUSE-SU-2016:1102", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html" + }, + { + "name": "SUSE-SU-2016:1707", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00059.html" + }, + { + "name": "GLSA-201604-03", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201604-03" + }, + { + "name": "SUSE-SU-2016:2105", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html" + }, + { + "name": "DSA-3434", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3434" + }, + { + "name": "79546", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/79546" + }, + { + "name": "SUSE-SU-2016:1937", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html" + }, + { + "name": "SUSE-SU-2016:0911", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8806.json b/2015/8xxx/CVE-2015-8806.json index dc870ef4e08..545c9629a64 100644 --- a/2015/8xxx/CVE-2015-8806.json +++ b/2015/8xxx/CVE-2015-8806.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8806", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "dict.c in libxml2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via an unexpected character immediately after the \"