From 3c6637af28e8fa2986f5870dbea45837bc63733e Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 01:52:01 +0000 Subject: [PATCH] "-Synchronized-Data." --- 1999/0xxx/CVE-1999-0947.json | 130 ++++++++--------- 1999/0xxx/CVE-1999-0986.json | 120 +++++++-------- 1999/1xxx/CVE-1999-1087.json | 160 ++++++++++---------- 1999/1xxx/CVE-1999-1150.json | 130 ++++++++--------- 1999/1xxx/CVE-1999-1348.json | 120 +++++++-------- 1999/1xxx/CVE-1999-1355.json | 170 ++++++++++----------- 2000/0xxx/CVE-2000-0225.json | 140 +++++++++--------- 2000/0xxx/CVE-2000-0241.json | 130 ++++++++--------- 2000/0xxx/CVE-2000-0245.json | 170 ++++++++++----------- 2000/0xxx/CVE-2000-0513.json | 150 +++++++++---------- 2000/0xxx/CVE-2000-0721.json | 130 ++++++++--------- 2000/0xxx/CVE-2000-0787.json | 160 ++++++++++---------- 2000/0xxx/CVE-2000-0887.json | 220 ++++++++++++++-------------- 2000/0xxx/CVE-2000-0923.json | 140 +++++++++--------- 2000/1xxx/CVE-2000-1048.json | 130 ++++++++--------- 2000/1xxx/CVE-2000-1241.json | 120 +++++++-------- 2005/2xxx/CVE-2005-2329.json | 140 +++++++++--------- 2005/2xxx/CVE-2005-2482.json | 160 ++++++++++---------- 2005/2xxx/CVE-2005-2661.json | 200 ++++++++++++------------- 2007/1xxx/CVE-2007-1175.json | 150 +++++++++---------- 2007/5xxx/CVE-2007-5178.json | 190 ++++++++++++------------ 2007/5xxx/CVE-2007-5670.json | 34 ++--- 2007/5xxx/CVE-2007-5865.json | 34 ++--- 2009/2xxx/CVE-2009-2352.json | 160 ++++++++++---------- 2009/2xxx/CVE-2009-2918.json | 150 +++++++++---------- 2015/3xxx/CVE-2015-3255.json | 190 ++++++++++++------------ 2015/3xxx/CVE-2015-3693.json | 190 ++++++++++++------------ 2015/3xxx/CVE-2015-3891.json | 34 ++--- 2015/4xxx/CVE-2015-4114.json | 34 ++--- 2015/4xxx/CVE-2015-4344.json | 150 +++++++++---------- 2015/4xxx/CVE-2015-4367.json | 160 ++++++++++---------- 2015/4xxx/CVE-2015-4653.json | 34 ++--- 2015/7xxx/CVE-2015-7022.json | 150 +++++++++---------- 2015/8xxx/CVE-2015-8102.json | 34 ++--- 2015/8xxx/CVE-2015-8128.json | 34 ++--- 2015/8xxx/CVE-2015-8229.json | 120 +++++++-------- 2015/8xxx/CVE-2015-8530.json | 140 +++++++++--------- 2016/1xxx/CVE-2016-1261.json | 276 +++++++++++++++++------------------ 2016/1xxx/CVE-2016-1645.json | 210 +++++++++++++------------- 2016/1xxx/CVE-2016-1664.json | 220 ++++++++++++++-------------- 2016/5xxx/CVE-2016-5020.json | 140 +++++++++--------- 2016/5xxx/CVE-2016-5034.json | 140 +++++++++--------- 2016/5xxx/CVE-2016-5336.json | 140 +++++++++--------- 2018/2xxx/CVE-2018-2090.json | 34 ++--- 2018/2xxx/CVE-2018-2160.json | 34 ++--- 2018/2xxx/CVE-2018-2319.json | 34 ++--- 2018/2xxx/CVE-2018-2325.json | 34 ++--- 2018/6xxx/CVE-2018-6098.json | 172 +++++++++++----------- 2018/6xxx/CVE-2018-6304.json | 132 ++++++++--------- 2018/6xxx/CVE-2018-6964.json | 142 +++++++++--------- 2019/0xxx/CVE-2019-0142.json | 34 ++--- 2019/0xxx/CVE-2019-0390.json | 34 ++--- 2019/0xxx/CVE-2019-0868.json | 34 ++--- 2019/0xxx/CVE-2019-0985.json | 34 ++--- 2019/1xxx/CVE-2019-1137.json | 34 ++--- 2019/1xxx/CVE-2019-1447.json | 34 ++--- 2019/1xxx/CVE-2019-1462.json | 34 ++--- 2019/1xxx/CVE-2019-1733.json | 34 ++--- 2019/1xxx/CVE-2019-1852.json | 34 ++--- 2019/4xxx/CVE-2019-4490.json | 34 ++--- 2019/4xxx/CVE-2019-4619.json | 34 ++--- 2019/5xxx/CVE-2019-5263.json | 34 ++--- 2019/5xxx/CVE-2019-5443.json | 34 ++--- 2019/5xxx/CVE-2019-5969.json | 34 ++--- 64 files changed, 3496 insertions(+), 3496 deletions(-) diff --git a/1999/0xxx/CVE-1999-0947.json b/1999/0xxx/CVE-1999-0947.json index 3f259ae0f4a..ed00f82926f 100644 --- a/1999/0xxx/CVE-1999-0947.json +++ b/1999/0xxx/CVE-1999-0947.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0947", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "AN-HTTPd provides example CGI scripts test.bat, input.bat, input2.bat, and envout.bat, which allow remote attackers to execute commands via shell metacharacters." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0947", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19991102 Some holes for Win/UNIX softwares", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=94157187815629&w=2" - }, - { - "name" : "762", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/762" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "AN-HTTPd provides example CGI scripts test.bat, input.bat, input2.bat, and envout.bat, which allow remote attackers to execute commands via shell metacharacters." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19991102 Some holes for Win/UNIX softwares", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=94157187815629&w=2" + }, + { + "name": "762", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/762" + } + ] + } +} \ No newline at end of file diff --git a/1999/0xxx/CVE-1999-0986.json b/1999/0xxx/CVE-1999-0986.json index 5efb7466a43..6caf9bf6c7d 100644 --- a/1999/0xxx/CVE-1999-0986.json +++ b/1999/0xxx/CVE-1999-0986.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0986", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The ping command in Linux 2.0.3x allows local users to cause a denial of service by sending large packets with the -R (record route) option." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0986", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "870", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/870" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The ping command in Linux 2.0.3x allows local users to cause a denial of service by sending large packets with the -R (record route) option." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "870", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/870" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1087.json b/1999/1xxx/CVE-1999-1087.json index a92714e0184..e439dbacdcc 100644 --- a/1999/1xxx/CVE-1999-1087.json +++ b/1999/1xxx/CVE-1999-1087.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1087", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Internet Explorer 4 treats a 32-bit number (\"dotless IP address\") in the a URL as the hostname instead of an IP address, which causes IE to apply Local Intranet Zone settings to the resulting web page, allowing remote malicious web servers to conduct unauthorized activities by using URLs that contain the dotless IP address for their server." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1087", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS98-016", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-016" - }, - { - "name" : "Q168617", - "refsource" : "MSKB", - "url" : "http://support.microsoft.com/support/kb/articles/q168/6/17.asp" - }, - { - "name" : "http://www.microsoft.com/Windows/Ie/security/dotless.asp", - "refsource" : "CONFIRM", - "url" : "http://www.microsoft.com/Windows/Ie/security/dotless.asp" - }, - { - "name" : "7828", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/7828" - }, - { - "name" : "ie-dotless(2209)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/2209" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Internet Explorer 4 treats a 32-bit number (\"dotless IP address\") in the a URL as the hostname instead of an IP address, which causes IE to apply Local Intranet Zone settings to the resulting web page, allowing remote malicious web servers to conduct unauthorized activities by using URLs that contain the dotless IP address for their server." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.microsoft.com/Windows/Ie/security/dotless.asp", + "refsource": "CONFIRM", + "url": "http://www.microsoft.com/Windows/Ie/security/dotless.asp" + }, + { + "name": "7828", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/7828" + }, + { + "name": "MS98-016", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-016" + }, + { + "name": "Q168617", + "refsource": "MSKB", + "url": "http://support.microsoft.com/support/kb/articles/q168/6/17.asp" + }, + { + "name": "ie-dotless(2209)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/2209" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1150.json b/1999/1xxx/CVE-1999-1150.json index 3cd59216d7b..67862a3e042 100644 --- a/1999/1xxx/CVE-1999-1150.json +++ b/1999/1xxx/CVE-1999-1150.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1150", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Livingston Portmaster routers running ComOS use the same initial sequence number (ISN) for TCP connections, which allows remote attackers to conduct spoofing and hijack TCP sessions." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1150", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19980630 Livingston Portmaster - ISN generation is loosy!", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/9723" - }, - { - "name" : "portmaster-fixed-isn(1882)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/1882" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Livingston Portmaster routers running ComOS use the same initial sequence number (ISN) for TCP connections, which allows remote attackers to conduct spoofing and hijack TCP sessions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19980630 Livingston Portmaster - ISN generation is loosy!", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/9723" + }, + { + "name": "portmaster-fixed-isn(1882)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1882" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1348.json b/1999/1xxx/CVE-1999-1348.json index 3d89d291a65..6d817a05d23 100644 --- a/1999/1xxx/CVE-1999-1348.json +++ b/1999/1xxx/CVE-1999-1348.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1348", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Linuxconf on Red Hat Linux 6.0 and earlier does not properly disable PAM-based access to the shutdown command, which could allow local users to cause a denial of service." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1348", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19990630 linuxconf doesn't seem to deal correctly with /etc/pam.d/reboot", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=93220073515880&w=2" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Linuxconf on Red Hat Linux 6.0 and earlier does not properly disable PAM-based access to the shutdown command, which could allow local users to cause a denial of service." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19990630 linuxconf doesn't seem to deal correctly with /etc/pam.d/reboot", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=93220073515880&w=2" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1355.json b/1999/1xxx/CVE-1999-1355.json index 823be9f04b6..53d0a06d61b 100644 --- a/1999/1xxx/CVE-1999-1355.json +++ b/1999/1xxx/CVE-1999-1355.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1355", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "BMC Patrol component, when installed with Compaq Insight Management Agent 4.23 and earlier, or Management Agents for Servers 4.40 and earlier, creates a PFCUser account with a default password and potentially dangerous privileges." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1355", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19990817 Compaq PFCUser account", - "refsource" : "NTBUGTRAQ", - "url" : "http://marc.info/?l=ntbugtraq&m=93542118727732&w=2" - }, - { - "name" : "19990905 Case ID SSRT0620 - PFCUser account communication", - "refsource" : "NTBUGTRAQ", - "url" : "http://marc.info/?l=ntbugtraq&m=93654336516711&w=2" - }, - { - "name" : "19990915 (I) UPDATE - PFCUser Account,", - "refsource" : "NTBUGTRAQ", - "url" : "http://marc.info/?l=ntbugtraq&m=93759822430801&w=2" - }, - { - "name" : "19991105 UPDATE: SSRT0620 Compaq Foundation Agents v4.40B PFCUser issues", - "refsource" : "NTBUGTRAQ", - "url" : "http://marc.info/?l=ntbugtraq&m=94183795025294&w=2" - }, - { - "name" : "http://www.compaq.com/products/servers/management/advisory.html", - "refsource" : "CONFIRM", - "url" : "http://www.compaq.com/products/servers/management/advisory.html" - }, - { - "name" : "management-pfcuser(3231)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/3231" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "BMC Patrol component, when installed with Compaq Insight Management Agent 4.23 and earlier, or Management Agents for Servers 4.40 and earlier, creates a PFCUser account with a default password and potentially dangerous privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.compaq.com/products/servers/management/advisory.html", + "refsource": "CONFIRM", + "url": "http://www.compaq.com/products/servers/management/advisory.html" + }, + { + "name": "19990817 Compaq PFCUser account", + "refsource": "NTBUGTRAQ", + "url": "http://marc.info/?l=ntbugtraq&m=93542118727732&w=2" + }, + { + "name": "19990915 (I) UPDATE - PFCUser Account,", + "refsource": "NTBUGTRAQ", + "url": "http://marc.info/?l=ntbugtraq&m=93759822430801&w=2" + }, + { + "name": "management-pfcuser(3231)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3231" + }, + { + "name": "19991105 UPDATE: SSRT0620 Compaq Foundation Agents v4.40B PFCUser issues", + "refsource": "NTBUGTRAQ", + "url": "http://marc.info/?l=ntbugtraq&m=94183795025294&w=2" + }, + { + "name": "19990905 Case ID SSRT0620 - PFCUser account communication", + "refsource": "NTBUGTRAQ", + "url": "http://marc.info/?l=ntbugtraq&m=93654336516711&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0225.json b/2000/0xxx/CVE-2000-0225.json index 53d344d5e1e..9ac045b3768 100644 --- a/2000/0xxx/CVE-2000-0225.json +++ b/2000/0xxx/CVE-2000-0225.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0225", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Pocsag POC32 program does not properly prevent remote users from accessing its server port, even if the option has been disabled." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0225", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000303 Pocsag remote access to client can't be disabled.", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/templates/archive.pike?list=1&msg=003601bf854b$6893a090$0100a8c0@FIREWALKER" - }, - { - "name" : "1032", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1032" - }, - { - "name" : "259", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/259" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Pocsag POC32 program does not properly prevent remote users from accessing its server port, even if the option has been disabled." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1032", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1032" + }, + { + "name": "20000303 Pocsag remote access to client can't be disabled.", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/templates/archive.pike?list=1&msg=003601bf854b$6893a090$0100a8c0@FIREWALKER" + }, + { + "name": "259", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/259" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0241.json b/2000/0xxx/CVE-2000-0241.json index f80cdeaf27d..4c970a2aede 100644 --- a/2000/0xxx/CVE-2000-0241.json +++ b/2000/0xxx/CVE-2000-0241.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0241", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "vqSoft vqServer stores sensitive information such as passwords in cleartext in the server.cfg file, which allows attackers to gain privileges." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0241", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000321 vqserver /........../", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/templates/archive.pike?list=1&msg=4.1.20000321084646.0095c7f0@olga.swip.net" - }, - { - "name" : "1068", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1068" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "vqSoft vqServer stores sensitive information such as passwords in cleartext in the server.cfg file, which allows attackers to gain privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1068", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1068" + }, + { + "name": "20000321 vqserver /........../", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/templates/archive.pike?list=1&msg=4.1.20000321084646.0095c7f0@olga.swip.net" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0245.json b/2000/0xxx/CVE-2000-0245.json index 7b0452a03ce..7d8e4604f96 100644 --- a/2000/0xxx/CVE-2000-0245.json +++ b/2000/0xxx/CVE-2000-0245.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0245", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in SGI IRIX objectserver daemon allows remote attackers to create user accounts." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0245", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000328 Objectserver vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/templates/archive.pike?list=1&msg=200003290852.aa27218@blaze.arl.mil" - }, - { - "name" : "20000303-01-PX", - "refsource" : "SGI", - "url" : "ftp://sgigate.sgi.com/security/20000303-01-PX" - }, - { - "name" : "K-030", - "refsource" : "CIAC", - "url" : "http://www.ciac.org/ciac/bulletins/k-030.shtml" - }, - { - "name" : "1079", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1079" - }, - { - "name" : "1267", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/1267" - }, - { - "name" : "irix-objectserver-create-accounts(4206)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/4206" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in SGI IRIX objectserver daemon allows remote attackers to create user accounts." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20000328 Objectserver vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/templates/archive.pike?list=1&msg=200003290852.aa27218@blaze.arl.mil" + }, + { + "name": "irix-objectserver-create-accounts(4206)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4206" + }, + { + "name": "K-030", + "refsource": "CIAC", + "url": "http://www.ciac.org/ciac/bulletins/k-030.shtml" + }, + { + "name": "1079", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1079" + }, + { + "name": "20000303-01-PX", + "refsource": "SGI", + "url": "ftp://sgigate.sgi.com/security/20000303-01-PX" + }, + { + "name": "1267", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/1267" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0513.json b/2000/0xxx/CVE-2000-0513.json index ed56f7523be..b8946377d8c 100644 --- a/2000/0xxx/CVE-2000-0513.json +++ b/2000/0xxx/CVE-2000-0513.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0513", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "CUPS (Common Unix Printing System) 1.04 and earlier allows remote attackers to cause a denial of service by authenticating with a user name that does not exist or does not have a shadow password." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0513", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000620 CUPS DoS Bugs", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-06/0188.html" - }, - { - "name" : "ftp://ftp.easysw.com/pub/cups/1.0.5/cups-DoS.patch", - "refsource" : "CONFIRM", - "url" : "ftp://ftp.easysw.com/pub/cups/1.0.5/cups-DoS.patch" - }, - { - "name" : "1373", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1373" - }, - { - "name" : "debian-cups-posts(4846)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/4846" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "CUPS (Common Unix Printing System) 1.04 and earlier allows remote attackers to cause a denial of service by authenticating with a user name that does not exist or does not have a shadow password." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "debian-cups-posts(4846)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4846" + }, + { + "name": "ftp://ftp.easysw.com/pub/cups/1.0.5/cups-DoS.patch", + "refsource": "CONFIRM", + "url": "ftp://ftp.easysw.com/pub/cups/1.0.5/cups-DoS.patch" + }, + { + "name": "20000620 CUPS DoS Bugs", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-06/0188.html" + }, + { + "name": "1373", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1373" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0721.json b/2000/0xxx/CVE-2000-0721.json index ceb6478d626..d5872d2d64e 100644 --- a/2000/0xxx/CVE-2000-0721.json +++ b/2000/0xxx/CVE-2000-0721.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0721", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The FSserial, FlagShip_c, and FlagShip_p programs in the FlagShip package are installed world-writeable, which allows local users to replace them with Trojan horses." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0721", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000810 FlagShip v4.48.7449 premission vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-08/0114.html" - }, - { - "name" : "1586", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1586" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The FSserial, FlagShip_c, and FlagShip_p programs in the FlagShip package are installed world-writeable, which allows local users to replace them with Trojan horses." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1586", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1586" + }, + { + "name": "20000810 FlagShip v4.48.7449 premission vulnerability", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0114.html" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0787.json b/2000/0xxx/CVE-2000-0787.json index 3bdeddae6a1..0cd991bdffb 100644 --- a/2000/0xxx/CVE-2000-0787.json +++ b/2000/0xxx/CVE-2000-0787.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0787", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IRC Xchat client versions 1.4.2 and earlier allows remote attackers to execute arbitrary commands by encoding shell metacharacters into a URL which XChat uses to launch a web browser." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0787", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000817 XChat URL handler vulnerabilty", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-08/0215.html" - }, - { - "name" : "1601", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1601" - }, - { - "name" : "RHSA-2000:055", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2000-055.html" - }, - { - "name" : "20000824 MDKSA-2000:039 - xchat update", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-08/0301.html" - }, - { - "name" : "20000825 Conectiva Linux Security Announcement - xchat", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-08/0305.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IRC Xchat client versions 1.4.2 and earlier allows remote attackers to execute arbitrary commands by encoding shell metacharacters into a URL which XChat uses to launch a web browser." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20000817 XChat URL handler vulnerabilty", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0215.html" + }, + { + "name": "1601", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1601" + }, + { + "name": "20000825 Conectiva Linux Security Announcement - xchat", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0305.html" + }, + { + "name": "RHSA-2000:055", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2000-055.html" + }, + { + "name": "20000824 MDKSA-2000:039 - xchat update", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0301.html" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0887.json b/2000/0xxx/CVE-2000-0887.json index 6d8f5d4a2f7..c19fd9ac3ec 100644 --- a/2000/0xxx/CVE-2000-0887.json +++ b/2000/0xxx/CVE-2000-0887.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0887", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by making a compressed zone transfer (ZXFR) request and performing a name service query on an authoritative record that is not cached, aka the \"zxfr bug.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0887", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20001107 BIND 8.2.2-P5 Possible DOS", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/143843" - }, - { - "name" : "CA-2000-20", - "refsource" : "CERT", - "url" : "http://www.cert.org/advisories/CA-2000-20.html" - }, - { - "name" : "RHSA-2000:107", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2000-107.html" - }, - { - "name" : "20001112 bind: remote Denial of Service", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2000/20001112" - }, - { - "name" : "20001115 Trustix Security Advisory - bind and openssh (and modutils)", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-11/0217.html" - }, - { - "name" : "SuSE-SA:2000:45", - "refsource" : "SUSE", - "url" : "http://archives.neohapsis.com/archives/linux/suse/2000-q4/0657.html" - }, - { - "name" : "MDKSA-2000:067", - "refsource" : "MANDRAKE", - "url" : "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2000:067" - }, - { - "name" : "CLSA-2000:338", - "refsource" : "CONECTIVA", - "url" : "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000338" - }, - { - "name" : "CLSA-2000:339", - "refsource" : "CONECTIVA", - "url" : "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000339" - }, - { - "name" : "1923", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1923" - }, - { - "name" : "bind-zxfr-dos(5540)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5540" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by making a compressed zone transfer (ZXFR) request and performing a name service query on an authoritative record that is not cached, aka the \"zxfr bug.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2000:107", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2000-107.html" + }, + { + "name": "MDKSA-2000:067", + "refsource": "MANDRAKE", + "url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2000:067" + }, + { + "name": "20001115 Trustix Security Advisory - bind and openssh (and modutils)", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0217.html" + }, + { + "name": "20001107 BIND 8.2.2-P5 Possible DOS", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/143843" + }, + { + "name": "CLSA-2000:338", + "refsource": "CONECTIVA", + "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000338" + }, + { + "name": "CA-2000-20", + "refsource": "CERT", + "url": "http://www.cert.org/advisories/CA-2000-20.html" + }, + { + "name": "CLSA-2000:339", + "refsource": "CONECTIVA", + "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000339" + }, + { + "name": "bind-zxfr-dos(5540)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5540" + }, + { + "name": "1923", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1923" + }, + { + "name": "SuSE-SA:2000:45", + "refsource": "SUSE", + "url": "http://archives.neohapsis.com/archives/linux/suse/2000-q4/0657.html" + }, + { + "name": "20001112 bind: remote Denial of Service", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2000/20001112" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0923.json b/2000/0xxx/CVE-2000-0923.json index 1e2640b8ea2..1d615e0fcfd 100644 --- a/2000/0xxx/CVE-2000-0923.json +++ b/2000/0xxx/CVE-2000-0923.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0923", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "authenticate.cgi CGI program in Aplio PRO allows remote attackers to execute arbitrary commands via shell metacharacters in the password parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0923", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20001006 Fwd: APlio PRO web shell", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-10/0107.html" - }, - { - "name" : "uclinux-apliophone-bin-execute(5333)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5333" - }, - { - "name" : "1784", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1784" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "authenticate.cgi CGI program in Aplio PRO allows remote attackers to execute arbitrary commands via shell metacharacters in the password parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "uclinux-apliophone-bin-execute(5333)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5333" + }, + { + "name": "1784", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1784" + }, + { + "name": "20001006 Fwd: APlio PRO web shell", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0107.html" + } + ] + } +} \ No newline at end of file diff --git a/2000/1xxx/CVE-2000-1048.json b/2000/1xxx/CVE-2000-1048.json index b0221a5430e..cd033c592bb 100644 --- a/2000/1xxx/CVE-2000-1048.json +++ b/2000/1xxx/CVE-2000-1048.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-1048", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in the logfile service of Wingate 4.1 Beta A and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack via an HTTP GET request that uses encoded characters in the URL." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-1048", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20001016 Wingate 4.1 Beta A vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-10/0245.html" - }, - { - "name" : "wingate-view-files(5373)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5373" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in the logfile service of Wingate 4.1 Beta A and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack via an HTTP GET request that uses encoded characters in the URL." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "wingate-view-files(5373)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5373" + }, + { + "name": "20001016 Wingate 4.1 Beta A vulnerability", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0245.html" + } + ] + } +} \ No newline at end of file diff --git a/2000/1xxx/CVE-2000-1241.json b/2000/1xxx/CVE-2000-1241.json index 3da1db0d4d2..907386b9456 100644 --- a/2000/1xxx/CVE-2000-1241.json +++ b/2000/1xxx/CVE-2000-1241.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-1241", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Haakon Nilsen simple, integrated publishing system (SIPS) before 0.2.4 has an unknown impact and attack vectors, related to a \"grave security fault.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-1241", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://sourceforge.net/forum/forum.php?forum_id=25971", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/forum/forum.php?forum_id=25971" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Haakon Nilsen simple, integrated publishing system (SIPS) before 0.2.4 has an unknown impact and attack vectors, related to a \"grave security fault.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://sourceforge.net/forum/forum.php?forum_id=25971", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/forum/forum.php?forum_id=25971" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2329.json b/2005/2xxx/CVE-2005-2329.json index 9e56587173f..124439311fa 100644 --- a/2005/2xxx/CVE-2005-2329.json +++ b/2005/2xxx/CVE-2005-2329.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2329", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "MRV Communications In-Reach LX-8000S, LX-4000S, and LX-1000S 3.5.0, when using SSH public key authentication, does not properly restrict access to ports, which allows remote authenticated users to access the consoles of other users." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2329", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20050718 MRV In-Reach console server: Port Access Control Bypass Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/405546" - }, - { - "name" : "14300", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/14300" - }, - { - "name" : "1014517", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1014517" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "MRV Communications In-Reach LX-8000S, LX-4000S, and LX-1000S 3.5.0, when using SSH public key authentication, does not properly restrict access to ports, which allows remote authenticated users to access the consoles of other users." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "14300", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/14300" + }, + { + "name": "20050718 MRV In-Reach console server: Port Access Control Bypass Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/405546" + }, + { + "name": "1014517", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1014517" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2482.json b/2005/2xxx/CVE-2005-2482.json index da18c3ced98..0c97ed8b0c7 100644 --- a/2005/2xxx/CVE-2005-2482.json +++ b/2005/2xxx/CVE-2005-2482.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2482", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The StateToOptions function in msfweb in Metasploit Framework 2.4 and earlier, when running with the -D option (defanged mode), allows attackers to modify temporary environment variables before the \"_Defanged\" environment option is checked when processing the Exploit command." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2482", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://metasploit.com/archive/framework/msg00469.html", - "refsource" : "CONFIRM", - "url" : "http://metasploit.com/archive/framework/msg00469.html" - }, - { - "name" : "14455", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/14455" - }, - { - "name" : "18495", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/18495" - }, - { - "name" : "16318", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/16318" - }, - { - "name" : "metasploit-defanged-bypass-security(21705)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/21705" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The StateToOptions function in msfweb in Metasploit Framework 2.4 and earlier, when running with the -D option (defanged mode), allows attackers to modify temporary environment variables before the \"_Defanged\" environment option is checked when processing the Exploit command." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "18495", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/18495" + }, + { + "name": "http://metasploit.com/archive/framework/msg00469.html", + "refsource": "CONFIRM", + "url": "http://metasploit.com/archive/framework/msg00469.html" + }, + { + "name": "14455", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/14455" + }, + { + "name": "16318", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/16318" + }, + { + "name": "metasploit-defanged-bypass-security(21705)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21705" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2661.json b/2005/2xxx/CVE-2005-2661.json index 2c7a1bf17ce..3e036583cf7 100644 --- a/2005/2xxx/CVE-2005-2661.json +++ b/2005/2xxx/CVE-2005-2661.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2661", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Format string vulnerability in the ParseBannerAndCapability function in main.c for up-imapproxy 1.2.3 and 1.2.4 allows remote IMAP servers to execute arbitrary code via format string specifiers in a banner or capability line." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@debian.org", + "ID": "CVE-2005-2661", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "DSA-852", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2005/dsa-852" - }, - { - "name" : "GLSA-200603-04", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200603-04.xml" - }, - { - "name" : "15048", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/15048" - }, - { - "name" : "ADV-2005-2014", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2005/2014" - }, - { - "name" : "ADV-2005-2015", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2005/2015" - }, - { - "name" : "17100", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17100/" - }, - { - "name" : "17120", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17120" - }, - { - "name" : "19113", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19113" - }, - { - "name" : "547", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/547" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Format string vulnerability in the ParseBannerAndCapability function in main.c for up-imapproxy 1.2.3 and 1.2.4 allows remote IMAP servers to execute arbitrary code via format string specifiers in a banner or capability line." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "17120", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17120" + }, + { + "name": "GLSA-200603-04", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200603-04.xml" + }, + { + "name": "15048", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/15048" + }, + { + "name": "ADV-2005-2014", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2005/2014" + }, + { + "name": "547", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/547" + }, + { + "name": "DSA-852", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2005/dsa-852" + }, + { + "name": "17100", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17100/" + }, + { + "name": "ADV-2005-2015", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2005/2015" + }, + { + "name": "19113", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19113" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1175.json b/2007/1xxx/CVE-2007-1175.json index e8c08bf5047..5f6a042489d 100644 --- a/2007/1xxx/CVE-2007-1175.json +++ b/2007/1xxx/CVE-2007-1175.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1175", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in an admin feature in WebAPP before 20070209 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1175", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=249", - "refsource" : "CONFIRM", - "url" : "http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=249" - }, - { - "name" : "22563", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22563" - }, - { - "name" : "ADV-2007-0604", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0604" - }, - { - "name" : "33275", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33275" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in an admin feature in WebAPP before 20070209 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-0604", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0604" + }, + { + "name": "33275", + "refsource": "OSVDB", + "url": "http://osvdb.org/33275" + }, + { + "name": "http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=249", + "refsource": "CONFIRM", + "url": "http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=249" + }, + { + "name": "22563", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22563" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5178.json b/2007/5xxx/CVE-2007-5178.json index 2ca1187d812..e3d370693e8 100644 --- a/2007/5xxx/CVE-2007-5178.json +++ b/2007/5xxx/CVE-2007-5178.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5178", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "contrib/mx_glance_sdesc.php in the mx_glance 2.3.3 module for mxBB places a critical security check within a comment because of a missing comment delimiter, which allows remote attackers to conduct remote file inclusion attacks and execute arbitrary PHP code via a URL in the mx_root_path parameter. NOTE: some sources incorrectly state that phpbb_root_path is the affected parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5178", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4470", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4470" - }, - { - "name" : "20071001 Bogus: mxBB Module mx_glance 2.3.3 Remote File Include Vulnerability", - "refsource" : "VIM", - "url" : "http://www.attrition.org/pipermail/vim/2007-October/001807.html" - }, - { - "name" : "20071001 Bogus: mxBB Module mx_glance 2.3.3 Remote File Include Vulnerability", - "refsource" : "VIM", - "url" : "http://www.attrition.org/pipermail/vim/2007-October/001808.html" - }, - { - "name" : "25866", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25866" - }, - { - "name" : "ADV-2007-3326", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3326" - }, - { - "name" : "37400", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37400" - }, - { - "name" : "27011", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27011" - }, - { - "name" : "mxbb-mxglancesdesc-file-include(36867)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36867" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "contrib/mx_glance_sdesc.php in the mx_glance 2.3.3 module for mxBB places a critical security check within a comment because of a missing comment delimiter, which allows remote attackers to conduct remote file inclusion attacks and execute arbitrary PHP code via a URL in the mx_root_path parameter. NOTE: some sources incorrectly state that phpbb_root_path is the affected parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-3326", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3326" + }, + { + "name": "mxbb-mxglancesdesc-file-include(36867)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36867" + }, + { + "name": "4470", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4470" + }, + { + "name": "25866", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25866" + }, + { + "name": "20071001 Bogus: mxBB Module mx_glance 2.3.3 Remote File Include Vulnerability", + "refsource": "VIM", + "url": "http://www.attrition.org/pipermail/vim/2007-October/001808.html" + }, + { + "name": "27011", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27011" + }, + { + "name": "37400", + "refsource": "OSVDB", + "url": "http://osvdb.org/37400" + }, + { + "name": "20071001 Bogus: mxBB Module mx_glance 2.3.3 Remote File Include Vulnerability", + "refsource": "VIM", + "url": "http://www.attrition.org/pipermail/vim/2007-October/001807.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5670.json b/2007/5xxx/CVE-2007-5670.json index 8ad948dfa6d..70b31fb958a 100644 --- a/2007/5xxx/CVE-2007-5670.json +++ b/2007/5xxx/CVE-2007-5670.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5670", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-5956. Reason: This candidate is a duplicate of CVE-2007-5956. Notes: All CVE users should reference CVE-2007-5956 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2007-5670", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-5956. Reason: This candidate is a duplicate of CVE-2007-5956. Notes: All CVE users should reference CVE-2007-5956 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5865.json b/2007/5xxx/CVE-2007-5865.json index ed77baab1ac..256da012ab9 100644 --- a/2007/5xxx/CVE-2007-5865.json +++ b/2007/5xxx/CVE-2007-5865.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5865", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5865", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2352.json b/2009/2xxx/CVE-2009-2352.json index de2b52e418d..71dcc51d858 100644 --- a/2009/2xxx/CVE-2009-2352.json +++ b/2009/2xxx/CVE-2009-2352.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2352", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Google Chrome 1.0.154.48 and earlier does not block javascript: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Refresh header or (2) specifying the content of a Refresh header, a related issue to CVE-2009-1312. NOTE: it was later reported that 2.0.172.28, 2.0.172.37, and 3.0.193.2 Beta are also affected." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-2352", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20090702 Cross-Site Scripting vulnerabilities in Mozilla, Internet Explorer, Opera and Chrome", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/504718/100/0/threaded" - }, - { - "name" : "20090703 Re: Cross-Site Scripting vulnerabilities in Mozilla, Internet Explorer, Opera and Chrome", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/504723/100/0/threaded" - }, - { - "name" : "http://websecurity.com.ua/3275/", - "refsource" : "MISC", - "url" : "http://websecurity.com.ua/3275/" - }, - { - "name" : "http://websecurity.com.ua/3386/", - "refsource" : "MISC", - "url" : "http://websecurity.com.ua/3386/" - }, - { - "name" : "35572", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/35572" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Google Chrome 1.0.154.48 and earlier does not block javascript: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Refresh header or (2) specifying the content of a Refresh header, a related issue to CVE-2009-1312. NOTE: it was later reported that 2.0.172.28, 2.0.172.37, and 3.0.193.2 Beta are also affected." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://websecurity.com.ua/3386/", + "refsource": "MISC", + "url": "http://websecurity.com.ua/3386/" + }, + { + "name": "35572", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/35572" + }, + { + "name": "http://websecurity.com.ua/3275/", + "refsource": "MISC", + "url": "http://websecurity.com.ua/3275/" + }, + { + "name": "20090703 Re: Cross-Site Scripting vulnerabilities in Mozilla, Internet Explorer, Opera and Chrome", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/504723/100/0/threaded" + }, + { + "name": "20090702 Cross-Site Scripting vulnerabilities in Mozilla, Internet Explorer, Opera and Chrome", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/504718/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2918.json b/2009/2xxx/CVE-2009-2918.json index 471a8e8d584..347a948c314 100644 --- a/2009/2xxx/CVE-2009-2918.json +++ b/2009/2xxx/CVE-2009-2918.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2918", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The tgbvpn.sys driver in TheGreenBow IPSec VPN Client 4.61.003 allows local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted request to the 0x80000034 IOCTL, probably involving an input or output buffer size of 0." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-2918", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20090817 TheGreenBow VPN Client tgbvpn.sys DoS and Potential Local", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/505816/100/0/threaded" - }, - { - "name" : "https://www.evilfingers.com/advisory/Advisory/TheGreenBow_VPN_Client_tgbvpn.sys_DoS.php", - "refsource" : "MISC", - "url" : "https://www.evilfingers.com/advisory/Advisory/TheGreenBow_VPN_Client_tgbvpn.sys_DoS.php" - }, - { - "name" : "36332", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/36332" - }, - { - "name" : "ADV-2009-2294", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/2294" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The tgbvpn.sys driver in TheGreenBow IPSec VPN Client 4.61.003 allows local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted request to the 0x80000034 IOCTL, probably involving an input or output buffer size of 0." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.evilfingers.com/advisory/Advisory/TheGreenBow_VPN_Client_tgbvpn.sys_DoS.php", + "refsource": "MISC", + "url": "https://www.evilfingers.com/advisory/Advisory/TheGreenBow_VPN_Client_tgbvpn.sys_DoS.php" + }, + { + "name": "36332", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/36332" + }, + { + "name": "20090817 TheGreenBow VPN Client tgbvpn.sys DoS and Potential Local", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/505816/100/0/threaded" + }, + { + "name": "ADV-2009-2294", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/2294" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3255.json b/2015/3xxx/CVE-2015-3255.json index e9df8e14fc6..c6d44fd48ff 100644 --- a/2015/3xxx/CVE-2015-3255.json +++ b/2015/3xxx/CVE-2015-3255.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3255", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The polkit_backend_action_pool_init function in polkitbackend/polkitbackendactionpool.c in PolicyKit (aka polkit) before 0.113 might allow local users to gain privileges via duplicate action IDs in action descriptions." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-3255", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[polkit-devel] 20150702 polkit-0.113 released", - "refsource" : "MLIST", - "url" : "http://lists.freedesktop.org/archives/polkit-devel/2015-July/000432.html" - }, - { - "name" : "https://bugs.freedesktop.org/show_bug.cgi?id=83590", - "refsource" : "CONFIRM", - "url" : "https://bugs.freedesktop.org/show_bug.cgi?id=83590" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1245673", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1245673" - }, - { - "name" : "GLSA-201611-07", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201611-07" - }, - { - "name" : "openSUSE-SU-2015:1734", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00010.html" - }, - { - "name" : "openSUSE-SU-2015:1927", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-11/msg00042.html" - }, - { - "name" : "USN-3717-2", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3717-2/" - }, - { - "name" : "1035023", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035023" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The polkit_backend_action_pool_init function in polkitbackend/polkitbackendactionpool.c in PolicyKit (aka polkit) before 0.113 might allow local users to gain privileges via duplicate action IDs in action descriptions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-201611-07", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201611-07" + }, + { + "name": "USN-3717-2", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3717-2/" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1245673", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1245673" + }, + { + "name": "openSUSE-SU-2015:1927", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00042.html" + }, + { + "name": "[polkit-devel] 20150702 polkit-0.113 released", + "refsource": "MLIST", + "url": "http://lists.freedesktop.org/archives/polkit-devel/2015-July/000432.html" + }, + { + "name": "openSUSE-SU-2015:1734", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00010.html" + }, + { + "name": "1035023", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035023" + }, + { + "name": "https://bugs.freedesktop.org/show_bug.cgi?id=83590", + "refsource": "CONFIRM", + "url": "https://bugs.freedesktop.org/show_bug.cgi?id=83590" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3693.json b/2015/3xxx/CVE-2015-3693.json index 6fad4b7340f..f5c6b4a24d0 100644 --- a/2015/3xxx/CVE-2015-3693.json +++ b/2015/3xxx/CVE-2015-3693.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3693", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Apple Mac EFI before 2015-001, as used in OS X before 10.10.4 and other products, does not properly set refresh rates for DDR3 RAM, which might make it easier for remote attackers to conduct row-hammer attacks, and consequently gain privileges or cause a denial of service (memory corruption), by triggering certain patterns of access to memory locations." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-3693", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://googleprojectzero.blogspot.com/2015/03/exploiting-dram-rowhammer-bug-to-gain.html", - "refsource" : "MISC", - "url" : "http://googleprojectzero.blogspot.com/2015/03/exploiting-dram-rowhammer-bug-to-gain.html" - }, - { - "name" : "http://support.apple.com/kb/HT204934", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT204934" - }, - { - "name" : "http://support.apple.com/kb/HT204942", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT204942" - }, - { - "name" : "APPLE-SA-2015-06-30-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html" - }, - { - "name" : "APPLE-SA-2015-06-30-3", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Jun/msg00003.html" - }, - { - "name" : "75495", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75495" - }, - { - "name" : "1032755", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032755" - }, - { - "name" : "1032444", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032444" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Apple Mac EFI before 2015-001, as used in OS X before 10.10.4 and other products, does not properly set refresh rates for DDR3 RAM, which might make it easier for remote attackers to conduct row-hammer attacks, and consequently gain privileges or cause a denial of service (memory corruption), by triggering certain patterns of access to memory locations." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2015-06-30-3", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00003.html" + }, + { + "name": "http://googleprojectzero.blogspot.com/2015/03/exploiting-dram-rowhammer-bug-to-gain.html", + "refsource": "MISC", + "url": "http://googleprojectzero.blogspot.com/2015/03/exploiting-dram-rowhammer-bug-to-gain.html" + }, + { + "name": "APPLE-SA-2015-06-30-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html" + }, + { + "name": "1032755", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032755" + }, + { + "name": "http://support.apple.com/kb/HT204942", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT204942" + }, + { + "name": "75495", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75495" + }, + { + "name": "1032444", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032444" + }, + { + "name": "http://support.apple.com/kb/HT204934", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT204934" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3891.json b/2015/3xxx/CVE-2015-3891.json index 7cc9e3e5fdf..f9287347bb6 100644 --- a/2015/3xxx/CVE-2015-3891.json +++ b/2015/3xxx/CVE-2015-3891.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3891", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3891", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4114.json b/2015/4xxx/CVE-2015-4114.json index c3597ecae43..10e144a1181 100644 --- a/2015/4xxx/CVE-2015-4114.json +++ b/2015/4xxx/CVE-2015-4114.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4114", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-4114", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4344.json b/2015/4xxx/CVE-2015-4344.json index 6ea79e844d2..aedab88a831 100644 --- a/2015/4xxx/CVE-2015-4344.json +++ b/2015/4xxx/CVE-2015-4344.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4344", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Services Basic Authentication module 7.x-1.x through 7.x-1.3 for Drupal allows remote attackers to bypass intended resource restrictions via vectors related to page caching." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-4344", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150425 CVE requests for Drupal contributed modules (from SA-CONTRIB-2015-034 to SA-CONTRIB-2015-099)", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/04/25/6" - }, - { - "name" : "https://www.drupal.org/node/2428851", - "refsource" : "MISC", - "url" : "https://www.drupal.org/node/2428851" - }, - { - "name" : "https://www.drupal.org/node/2444861", - "refsource" : "CONFIRM", - "url" : "https://www.drupal.org/node/2444861" - }, - { - "name" : "72677", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/72677" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Services Basic Authentication module 7.x-1.x through 7.x-1.3 for Drupal allows remote attackers to bypass intended resource restrictions via vectors related to page caching." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20150425 CVE requests for Drupal contributed modules (from SA-CONTRIB-2015-034 to SA-CONTRIB-2015-099)", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/04/25/6" + }, + { + "name": "https://www.drupal.org/node/2444861", + "refsource": "CONFIRM", + "url": "https://www.drupal.org/node/2444861" + }, + { + "name": "https://www.drupal.org/node/2428851", + "refsource": "MISC", + "url": "https://www.drupal.org/node/2428851" + }, + { + "name": "72677", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/72677" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4367.json b/2015/4xxx/CVE-2015-4367.json index ee3c806de2d..3a5dcd25e22 100644 --- a/2015/4xxx/CVE-2015-4367.json +++ b/2015/4xxx/CVE-2015-4367.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4367", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the Simple Subscription module before 6.x-1.1 and 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the \"administer blocks\" permission to inject arbitrary web script or HTML via vectors related to block content." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-4367", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150425 CVE requests for Drupal contributed modules (from SA-CONTRIB-2015-034 to SA-CONTRIB-2015-099)", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/04/25/6" - }, - { - "name" : "https://www.drupal.org/node/2446019", - "refsource" : "MISC", - "url" : "https://www.drupal.org/node/2446019" - }, - { - "name" : "https://www.drupal.org/node/2437931", - "refsource" : "CONFIRM", - "url" : "https://www.drupal.org/node/2437931" - }, - { - "name" : "https://www.drupal.org/node/2437933", - "refsource" : "CONFIRM", - "url" : "https://www.drupal.org/node/2437933" - }, - { - "name" : "72951", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/72951" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the Simple Subscription module before 6.x-1.1 and 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the \"administer blocks\" permission to inject arbitrary web script or HTML via vectors related to block content." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "72951", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/72951" + }, + { + "name": "https://www.drupal.org/node/2437931", + "refsource": "CONFIRM", + "url": "https://www.drupal.org/node/2437931" + }, + { + "name": "https://www.drupal.org/node/2446019", + "refsource": "MISC", + "url": "https://www.drupal.org/node/2446019" + }, + { + "name": "[oss-security] 20150425 CVE requests for Drupal contributed modules (from SA-CONTRIB-2015-034 to SA-CONTRIB-2015-099)", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/04/25/6" + }, + { + "name": "https://www.drupal.org/node/2437933", + "refsource": "CONFIRM", + "url": "https://www.drupal.org/node/2437933" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4653.json b/2015/4xxx/CVE-2015-4653.json index 2bf0777f738..c4198dc1a30 100644 --- a/2015/4xxx/CVE-2015-4653.json +++ b/2015/4xxx/CVE-2015-4653.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4653", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-4653", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7022.json b/2015/7xxx/CVE-2015-7022.json index bf484c68b13..61e9e68a29c 100644 --- a/2015/7xxx/CVE-2015-7022.json +++ b/2015/7xxx/CVE-2015-7022.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7022", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Telephony subsystem in Apple iOS before 9.1 allows attackers to obtain sensitive call-status information via a crafted app." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-7022", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT205370", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205370" - }, - { - "name" : "APPLE-SA-2015-10-21-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html" - }, - { - "name" : "77268", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77268" - }, - { - "name" : "1033929", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033929" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Telephony subsystem in Apple iOS before 9.1 allows attackers to obtain sensitive call-status information via a crafted app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2015-10-21-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html" + }, + { + "name": "https://support.apple.com/HT205370", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205370" + }, + { + "name": "1033929", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033929" + }, + { + "name": "77268", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77268" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8102.json b/2015/8xxx/CVE-2015-8102.json index 4b9116c9dc4..42e75449677 100644 --- a/2015/8xxx/CVE-2015-8102.json +++ b/2015/8xxx/CVE-2015-8102.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8102", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8102", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8128.json b/2015/8xxx/CVE-2015-8128.json index 3e114a73184..545ee2e5529 100644 --- a/2015/8xxx/CVE-2015-8128.json +++ b/2015/8xxx/CVE-2015-8128.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8128", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8128", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8229.json b/2015/8xxx/CVE-2015-8229.json index 2019c8f36cd..e7fcf9ec013 100644 --- a/2015/8xxx/CVE-2015-8229.json +++ b/2015/8xxx/CVE-2015-8229.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8229", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Huawei eSpace U2980 unified gateway with software before V100R001C10 and U2990 with software before V200R001C10 allow remote authenticated users to cause a denial of service via crafted signaling packets from a registered device." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8229", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-461219.htm", - "refsource" : "CONFIRM", - "url" : "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-461219.htm" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Huawei eSpace U2980 unified gateway with software before V100R001C10 and U2990 with software before V200R001C10 allow remote authenticated users to cause a denial of service via crafted signaling packets from a registered device." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-461219.htm", + "refsource": "CONFIRM", + "url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-461219.htm" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8530.json b/2015/8xxx/CVE-2015-8530.json index f6a03e57fd8..06a794ba488 100644 --- a/2015/8xxx/CVE-2015-8530.json +++ b/2015/8xxx/CVE-2015-8530.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2015-8530", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in the Initialize function in an ActiveX control in IBM SPSS Statistics 19 and 20 before 20.0.0.2-IF0008, 21 before 21.0.0.2-IF0010, 22 before 22.0.0.2-IF0011, 23 before 23.0.0.3-IF0001, and 24 before 24.0.0.0-IF0003 allows remote authenticated users to execute arbitrary code via a long argument." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2015-8530", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21982035", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21982035" - }, - { - "name" : "90524", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/90524" - }, - { - "name" : "1035867", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035867" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in the Initialize function in an ActiveX control in IBM SPSS Statistics 19 and 20 before 20.0.0.2-IF0008, 21 before 21.0.0.2-IF0010, 22 before 22.0.0.2-IF0011, 23 before 23.0.0.3-IF0001, and 24 before 24.0.0.0-IF0003 allows remote authenticated users to execute arbitrary code via a long argument." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21982035", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21982035" + }, + { + "name": "90524", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/90524" + }, + { + "name": "1035867", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035867" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1261.json b/2016/1xxx/CVE-2016-1261.json index 57fc80f2882..5baad4d55e7 100644 --- a/2016/1xxx/CVE-2016-1261.json +++ b/2016/1xxx/CVE-2016-1261.json @@ -1,140 +1,140 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "sirt@juniper.net", - "DATE_PUBLIC" : "2016-04-13T09:00", - "ID" : "CVE-2016-1261", - "STATE" : "PUBLIC", - "TITLE" : "Junos: vulnerabilities in J-Web (CVE-2016-1261)" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Junos OS", - "version" : { - "version_data" : [ - { - "platform" : "", - "version_value" : "12.1X44 prior to 12.1X44-D55" - }, - { - "platform" : "", - "version_value" : "12.1X46 prior to 12.1X46-D45" - }, - { - "platform" : "", - "version_value" : "12.1X47 prior to 12.1X47-D30" - }, - { - "platform" : "", - "version_value" : "12.3 prior to 12.3R11" - }, - { - "platform" : "", - "version_value" : "12.3X48 prior to 12.3X48-D30" - }, - { - "platform" : "", - "version_value" : "13.2X51 prior to 13.2X51-D40" - }, - { - "platform" : "", - "version_value" : "13.3 prior to 13.3R8" - }, - { - "platform" : "", - "version_value" : "14.1 prior to 14.1R6" - }, - { - "platform" : "", - "version_value" : "14.1X53 prior to 14.1X53-D30" - }, - { - "platform" : "", - "version_value" : "14.2 prior to 14.2R5" - }, - { - "platform" : "", - "version_value" : "15.1 prior to 15.1R3" - }, - { - "platform" : "", - "version_value" : "15.1X49 prior to 15.1X49-D20" - } - ] - } - } - ] - }, - "vendor_name" : "Juniper Networks" - } - ] - } - }, - "configuration" : [ - { - "lang" : "eng", - "value" : "This only affects devices with J-Web enabled." - } - ], - "credit" : [], - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "J-Web does not validate certain input that may lead to cross-site request forgery (CSRF) issues or cause a denial of J-Web service (DoS)." - } - ] - }, - "exploit" : "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.", - "impact" : { - "cvss" : { - "attackComplexity" : "HIGH", - "attackVector" : "NETWORK", - "availabilityImpact" : "HIGH", - "baseScore" : 7.1, - "baseSeverity" : "HIGH", - "confidentialityImpact" : "HIGH", - "integrityImpact" : "HIGH", - "privilegesRequired" : "LOW", - "scope" : "UNCHANGED", - "userInteraction" : "REQUIRED", - "vectorString" : "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", - "version" : "3.0" - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "failure to validate input" - } + "CVE_data_meta": { + "ASSIGNER": "sirt@juniper.net", + "DATE_PUBLIC": "2016-04-13T09:00", + "ID": "CVE-2016-1261", + "STATE": "PUBLIC", + "TITLE": "Junos: vulnerabilities in J-Web (CVE-2016-1261)" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Junos OS", + "version": { + "version_data": [ + { + "platform": "", + "version_value": "12.1X44 prior to 12.1X44-D55" + }, + { + "platform": "", + "version_value": "12.1X46 prior to 12.1X46-D45" + }, + { + "platform": "", + "version_value": "12.1X47 prior to 12.1X47-D30" + }, + { + "platform": "", + "version_value": "12.3 prior to 12.3R11" + }, + { + "platform": "", + "version_value": "12.3X48 prior to 12.3X48-D30" + }, + { + "platform": "", + "version_value": "13.2X51 prior to 13.2X51-D40" + }, + { + "platform": "", + "version_value": "13.3 prior to 13.3R8" + }, + { + "platform": "", + "version_value": "14.1 prior to 14.1R6" + }, + { + "platform": "", + "version_value": "14.1X53 prior to 14.1X53-D30" + }, + { + "platform": "", + "version_value": "14.2 prior to 14.2R5" + }, + { + "platform": "", + "version_value": "15.1 prior to 15.1R3" + }, + { + "platform": "", + "version_value": "15.1X49 prior to 15.1X49-D20" + } + ] + } + } + ] + }, + "vendor_name": "Juniper Networks" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://kb.juniper.net/JSA10723", - "refsource" : "CONFIRM", - "url" : "https://kb.juniper.net/JSA10723" - } - ] - }, - "solution" : "The following software releases have been updated to resolve this specific issue: Junos OS 12.1X44-D55, 12.1X46-D45, 12.1X47-D30, 12.3R11, 12.3X48-D30, 13.2X51-D40, 13.3R8, 14.1R6, 14.1X53-D30, 14.2R5, 15.1R3, 15.1X49-D20, and all subsequent releases.", - "work_around" : [ - { - "lang" : "eng", - "value" : "Disable J-Web, or limit access to only trusted hosts which may not be compromised by cross-site attacks. For example, deploy jump hosts with no Internet access that use anti-scripting techniques to mitigate potential threats. Alternately, use a dedicated client and dedicated Web browser that is not used to access other sites." - } - ] -} + } + }, + "configuration": [ + { + "lang": "eng", + "value": "This only affects devices with J-Web enabled." + } + ], + "credit": [], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "J-Web does not validate certain input that may lead to cross-site request forgery (CSRF) issues or cause a denial of J-Web service (DoS)." + } + ] + }, + "exploit": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.", + "impact": { + "cvss": { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "failure to validate input" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://kb.juniper.net/JSA10723", + "refsource": "CONFIRM", + "url": "https://kb.juniper.net/JSA10723" + } + ] + }, + "solution": "The following software releases have been updated to resolve this specific issue: Junos OS 12.1X44-D55, 12.1X46-D45, 12.1X47-D30, 12.3R11, 12.3X48-D30, 13.2X51-D40, 13.3R8, 14.1R6, 14.1X53-D30, 14.2R5, 15.1R3, 15.1X49-D20, and all subsequent releases.", + "work_around": [ + { + "lang": "eng", + "value": "Disable J-Web, or limit access to only trusted hosts which may not be compromised by cross-site attacks. For example, deploy jump hosts with no Internet access that use anti-scripting techniques to mitigate potential threats. Alternately, use a dedicated client and dedicated Web browser that is not used to access other sites." + } + ] +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1645.json b/2016/1xxx/CVE-2016-1645.json index dccbd6c677c..68103dc04ac 100644 --- a/2016/1xxx/CVE-2016-1645.json +++ b/2016/1xxx/CVE-2016-1645.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1645", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple integer signedness errors in the opj_j2k_update_image_data function in j2k.c in OpenJPEG, as used in PDFium in Google Chrome before 49.0.2623.87, allow remote attackers to cause a denial of service (incorrect cast and out-of-bounds write) or possibly have unspecified other impact via crafted JPEG 2000 data." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2016-1645", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_8.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_8.html" - }, - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-197/", - "refsource" : "CONFIRM", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-197/" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=587227", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=587227" - }, - { - "name" : "https://pdfium.googlesource.com/pdfium/+/c145aeb2bf13ac408fc3e8233acca43d4251bbdc", - "refsource" : "CONFIRM", - "url" : "https://pdfium.googlesource.com/pdfium/+/c145aeb2bf13ac408fc3e8233acca43d4251bbdc" - }, - { - "name" : "DSA-3513", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3513" - }, - { - "name" : "openSUSE-SU-2016:0817", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00066.html" - }, - { - "name" : "openSUSE-SU-2016:0818", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00067.html" - }, - { - "name" : "openSUSE-SU-2016:0828", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00073.html" - }, - { - "name" : "84224", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/84224" - }, - { - "name" : "1035259", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035259" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple integer signedness errors in the opj_j2k_update_image_data function in j2k.c in OpenJPEG, as used in PDFium in Google Chrome before 49.0.2623.87, allow remote attackers to cause a denial of service (incorrect cast and out-of-bounds write) or possibly have unspecified other impact via crafted JPEG 2000 data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1035259", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035259" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-197/", + "refsource": "CONFIRM", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-197/" + }, + { + "name": "DSA-3513", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3513" + }, + { + "name": "openSUSE-SU-2016:0818", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00067.html" + }, + { + "name": "http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_8.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_8.html" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=587227", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=587227" + }, + { + "name": "84224", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/84224" + }, + { + "name": "https://pdfium.googlesource.com/pdfium/+/c145aeb2bf13ac408fc3e8233acca43d4251bbdc", + "refsource": "CONFIRM", + "url": "https://pdfium.googlesource.com/pdfium/+/c145aeb2bf13ac408fc3e8233acca43d4251bbdc" + }, + { + "name": "openSUSE-SU-2016:0828", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00073.html" + }, + { + "name": "openSUSE-SU-2016:0817", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00066.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1664.json b/2016/1xxx/CVE-2016-1664.json index deedacd607f..5e352776751 100644 --- a/2016/1xxx/CVE-2016-1664.json +++ b/2016/1xxx/CVE-2016-1664.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1664", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The HistoryController::UpdateForCommit function in content/renderer/history_controller.cc in Google Chrome before 50.0.2661.94 mishandles the interaction between subframe forward navigations and other forward navigations, which allows remote attackers to spoof the address bar via a crafted web site." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2016-1664", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html" - }, - { - "name" : "https://codereview.chromium.org/1848813005/", - "refsource" : "CONFIRM", - "url" : "https://codereview.chromium.org/1848813005/" - }, - { - "name" : "https://crbug.com/597322", - "refsource" : "CONFIRM", - "url" : "https://crbug.com/597322" - }, - { - "name" : "DSA-3564", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3564" - }, - { - "name" : "GLSA-201605-02", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201605-02" - }, - { - "name" : "RHSA-2016:0707", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0707.html" - }, - { - "name" : "openSUSE-SU-2016:1655", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html" - }, - { - "name" : "openSUSE-SU-2016:1207", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html" - }, - { - "name" : "openSUSE-SU-2016:1208", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html" - }, - { - "name" : "openSUSE-SU-2016:1209", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html" - }, - { - "name" : "89106", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/89106" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The HistoryController::UpdateForCommit function in content/renderer/history_controller.cc in Google Chrome before 50.0.2661.94 mishandles the interaction between subframe forward navigations and other forward navigations, which allows remote attackers to spoof the address bar via a crafted web site." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2016:1208", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html" + }, + { + "name": "https://crbug.com/597322", + "refsource": "CONFIRM", + "url": "https://crbug.com/597322" + }, + { + "name": "DSA-3564", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3564" + }, + { + "name": "openSUSE-SU-2016:1655", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html" + }, + { + "name": "https://codereview.chromium.org/1848813005/", + "refsource": "CONFIRM", + "url": "https://codereview.chromium.org/1848813005/" + }, + { + "name": "openSUSE-SU-2016:1209", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html" + }, + { + "name": "89106", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/89106" + }, + { + "name": "openSUSE-SU-2016:1207", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html" + }, + { + "name": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html" + }, + { + "name": "RHSA-2016:0707", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html" + }, + { + "name": "GLSA-201605-02", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201605-02" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5020.json b/2016/5xxx/CVE-2016-5020.json index caa7e34c723..1c76f9534b6 100644 --- a/2016/5xxx/CVE-2016-5020.json +++ b/2016/5xxx/CVE-2016-5020.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5020", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "F5 BIG-IP before 12.0.0 HF3 allows remote authenticated users to modify the account configuration of users with the Resource Administration role and gain privilege via a crafted external Extended Application Verification (EAV) monitor script." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5020", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.f5.com/kb/en-us/solutions/public/k/00/sol00265182.html", - "refsource" : "CONFIRM", - "url" : "https://support.f5.com/kb/en-us/solutions/public/k/00/sol00265182.html" - }, - { - "name" : "91532", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91532" - }, - { - "name" : "1036131", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036131" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "F5 BIG-IP before 12.0.0 HF3 allows remote authenticated users to modify the account configuration of users with the Resource Administration role and gain privilege via a crafted external Extended Application Verification (EAV) monitor script." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1036131", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036131" + }, + { + "name": "91532", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91532" + }, + { + "name": "https://support.f5.com/kb/en-us/solutions/public/k/00/sol00265182.html", + "refsource": "CONFIRM", + "url": "https://support.f5.com/kb/en-us/solutions/public/k/00/sol00265182.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5034.json b/2016/5xxx/CVE-2016-5034.json index 3bc581560e0..e60b46fc1c0 100644 --- a/2016/5xxx/CVE-2016-5034.json +++ b/2016/5xxx/CVE-2016-5034.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5034", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "dwarf_elf_access.c in libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file, related to relocation records." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5034", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160524 CVE request: Multiple vunerabilities in libdwarf & dwarfdump", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/05/24/1" - }, - { - "name" : "[oss-security] 20160524 Re: CVE request: Multiple vunerabilities in libdwarf & dwarfdump", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/05/25/1" - }, - { - "name" : "https://www.prevanders.net/dwarfbug.html", - "refsource" : "CONFIRM", - "url" : "https://www.prevanders.net/dwarfbug.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "dwarf_elf_access.c in libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted file, related to relocation records." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.prevanders.net/dwarfbug.html", + "refsource": "CONFIRM", + "url": "https://www.prevanders.net/dwarfbug.html" + }, + { + "name": "[oss-security] 20160524 CVE request: Multiple vunerabilities in libdwarf & dwarfdump", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/05/24/1" + }, + { + "name": "[oss-security] 20160524 Re: CVE request: Multiple vunerabilities in libdwarf & dwarfdump", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/05/25/1" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5336.json b/2016/5xxx/CVE-2016-5336.json index f98ac69477f..77ffbb13e57 100644 --- a/2016/5xxx/CVE-2016-5336.json +++ b/2016/5xxx/CVE-2016-5336.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5336", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "VMware vRealize Automation 7.0.x before 7.1 allows remote attackers to execute arbitrary code via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5336", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.vmware.com/security/advisories/VMSA-2016-0013.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/security/advisories/VMSA-2016-0013.html" - }, - { - "name" : "92607", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92607" - }, - { - "name" : "1036685", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036685" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "VMware vRealize Automation 7.0.x before 7.1 allows remote attackers to execute arbitrary code via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.vmware.com/security/advisories/VMSA-2016-0013.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/security/advisories/VMSA-2016-0013.html" + }, + { + "name": "1036685", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036685" + }, + { + "name": "92607", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92607" + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2090.json b/2018/2xxx/CVE-2018-2090.json index c695ec3de07..b071294671c 100644 --- a/2018/2xxx/CVE-2018-2090.json +++ b/2018/2xxx/CVE-2018-2090.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-2090", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-2090", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2160.json b/2018/2xxx/CVE-2018-2160.json index 3d6f84b7fab..87e869dd8b5 100644 --- a/2018/2xxx/CVE-2018-2160.json +++ b/2018/2xxx/CVE-2018-2160.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-2160", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-2160", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2319.json b/2018/2xxx/CVE-2018-2319.json index a09c1d5e42e..d15e97a07e3 100644 --- a/2018/2xxx/CVE-2018-2319.json +++ b/2018/2xxx/CVE-2018-2319.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-2319", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-2319", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2325.json b/2018/2xxx/CVE-2018-2325.json index 257679a46ee..de4d013f807 100644 --- a/2018/2xxx/CVE-2018-2325.json +++ b/2018/2xxx/CVE-2018-2325.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-2325", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-2325", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6098.json b/2018/6xxx/CVE-2018-6098.json index 34d3caf96b6..703e912293a 100644 --- a/2018/6xxx/CVE-2018-6098.json +++ b/2018/6xxx/CVE-2018-6098.json @@ -1,88 +1,88 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "chrome-cve-admin@google.com", - "ID" : "CVE-2018-6098", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Chrome", - "version" : { - "version_data" : [ - { - "version_affected" : "<", - "version_value" : "66.0.3359.117" - } - ] - } - } - ] - }, - "vendor_name" : "Google" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Insufficient policy enforcement" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2018-6098", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "66.0.3359.117" + } + ] + } + } + ] + }, + "vendor_name": "Google" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://crbug.com/798892", - "refsource" : "MISC", - "url" : "https://crbug.com/798892" - }, - { - "name" : "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html", - "refsource" : "CONFIRM", - "url" : "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html" - }, - { - "name" : "DSA-4182", - "refsource" : "DEBIAN", - "url" : "https://www.debian.org/security/2018/dsa-4182" - }, - { - "name" : "GLSA-201804-22", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201804-22" - }, - { - "name" : "RHSA-2018:1195", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:1195" - }, - { - "name" : "103917", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103917" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Insufficient policy enforcement" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html", + "refsource": "CONFIRM", + "url": "https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html" + }, + { + "name": "GLSA-201804-22", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201804-22" + }, + { + "name": "https://crbug.com/798892", + "refsource": "MISC", + "url": "https://crbug.com/798892" + }, + { + "name": "DSA-4182", + "refsource": "DEBIAN", + "url": "https://www.debian.org/security/2018/dsa-4182" + }, + { + "name": "103917", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103917" + }, + { + "name": "RHSA-2018:1195", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:1195" + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6304.json b/2018/6xxx/CVE-2018-6304.json index 3ace6729a10..ace7802b0c0 100644 --- a/2018/6xxx/CVE-2018-6304.json +++ b/2018/6xxx/CVE-2018-6304.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "vulnerability@kaspersky.com", - "DATE_PUBLIC" : "2018-03-13T00:00:00", - "ID" : "CVE-2018-6304", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Gemalto's Sentinel LDK RTE", - "version" : { - "version_data" : [ - { - "version_value" : "before 7.65" - } - ] - } - } - ] - }, - "vendor_name" : "Gemalto" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack overflow in custom XML-parser in Gemalto's Sentinel LDK RTE version before 7.65 leads to remote denial of service" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Stack overflow in custom XML-parser leads to remote denial of service" - } + "CVE_data_meta": { + "ASSIGNER": "vulnerability@kaspersky.com", + "DATE_PUBLIC": "2018-03-13T00:00:00", + "ID": "CVE-2018-6304", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Gemalto's Sentinel LDK RTE", + "version": { + "version_data": [ + { + "version_value": "before 7.65" + } + ] + } + } + ] + }, + "vendor_name": "Gemalto" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://sentinel.gemalto.com/technical-support/security-updates-sm/", - "refsource" : "MISC", - "url" : "https://sentinel.gemalto.com/technical-support/security-updates-sm/" - }, - { - "name" : "https://cert-portal.siemens.com/productcert/pdf/ssa-566773.pdf", - "refsource" : "CONFIRM", - "url" : "https://cert-portal.siemens.com/productcert/pdf/ssa-566773.pdf" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack overflow in custom XML-parser in Gemalto's Sentinel LDK RTE version before 7.65 leads to remote denial of service" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Stack overflow in custom XML-parser leads to remote denial of service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-566773.pdf", + "refsource": "CONFIRM", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-566773.pdf" + }, + { + "name": "https://sentinel.gemalto.com/technical-support/security-updates-sm/", + "refsource": "MISC", + "url": "https://sentinel.gemalto.com/technical-support/security-updates-sm/" + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6964.json b/2018/6xxx/CVE-2018-6964.json index 60602047a9a..4afde2ff03c 100644 --- a/2018/6xxx/CVE-2018-6964.json +++ b/2018/6xxx/CVE-2018-6964.json @@ -1,73 +1,73 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@vmware.com", - "DATE_PUBLIC" : "2018-05-29T00:00:00", - "ID" : "CVE-2018-6964", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Horizon Client for Linux", - "version" : { - "version_data" : [ - { - "version_value" : "4.x before 4.8.0 and prior" - } - ] - } - } - ] - }, - "vendor_name" : "VMware" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "VMware Horizon Client for Linux (4.x before 4.8.0 and prior) contains a local privilege escalation vulnerability due to insecure usage of SUID binary. Successful exploitation of this issue may allow unprivileged users to escalate their privileges to root on a Linux machine where Horizon Client is installed." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Local privilege escalation vulnerability" - } + "CVE_data_meta": { + "ASSIGNER": "security@vmware.com", + "DATE_PUBLIC": "2018-05-29T00:00:00", + "ID": "CVE-2018-6964", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Horizon Client for Linux", + "version": { + "version_data": [ + { + "version_value": "4.x before 4.8.0 and prior" + } + ] + } + } + ] + }, + "vendor_name": "VMware" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.vmware.com/security/advisories/VMSA-2018-0014.html", - "refsource" : "CONFIRM", - "url" : "https://www.vmware.com/security/advisories/VMSA-2018-0014.html" - }, - { - "name" : "104315", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/104315" - }, - { - "name" : "1040989", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1040989" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "VMware Horizon Client for Linux (4.x before 4.8.0 and prior) contains a local privilege escalation vulnerability due to insecure usage of SUID binary. Successful exploitation of this issue may allow unprivileged users to escalate their privileges to root on a Linux machine where Horizon Client is installed." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Local privilege escalation vulnerability" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1040989", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1040989" + }, + { + "name": "https://www.vmware.com/security/advisories/VMSA-2018-0014.html", + "refsource": "CONFIRM", + "url": "https://www.vmware.com/security/advisories/VMSA-2018-0014.html" + }, + { + "name": "104315", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/104315" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0142.json b/2019/0xxx/CVE-2019-0142.json index 1c2d94a3d3d..fdc793e1d11 100644 --- a/2019/0xxx/CVE-2019-0142.json +++ b/2019/0xxx/CVE-2019-0142.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0142", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0142", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0390.json b/2019/0xxx/CVE-2019-0390.json index 4d872f16f7e..2782e118a71 100644 --- a/2019/0xxx/CVE-2019-0390.json +++ b/2019/0xxx/CVE-2019-0390.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0390", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0390", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0868.json b/2019/0xxx/CVE-2019-0868.json index 974d72748cf..e154697d8a1 100644 --- a/2019/0xxx/CVE-2019-0868.json +++ b/2019/0xxx/CVE-2019-0868.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0868", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0868", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0985.json b/2019/0xxx/CVE-2019-0985.json index 8b1672e2e58..e6b3bd93bb1 100644 --- a/2019/0xxx/CVE-2019-0985.json +++ b/2019/0xxx/CVE-2019-0985.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0985", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0985", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1137.json b/2019/1xxx/CVE-2019-1137.json index 6b70874e17c..80270390af6 100644 --- a/2019/1xxx/CVE-2019-1137.json +++ b/2019/1xxx/CVE-2019-1137.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1137", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1137", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1447.json b/2019/1xxx/CVE-2019-1447.json index 15cdb9ef59a..5785ff6ce71 100644 --- a/2019/1xxx/CVE-2019-1447.json +++ b/2019/1xxx/CVE-2019-1447.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1447", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1447", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1462.json b/2019/1xxx/CVE-2019-1462.json index 8f9edc1df6e..e56dd049e8f 100644 --- a/2019/1xxx/CVE-2019-1462.json +++ b/2019/1xxx/CVE-2019-1462.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1462", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1462", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1733.json b/2019/1xxx/CVE-2019-1733.json index 839f97ef309..0f4101e24c0 100644 --- a/2019/1xxx/CVE-2019-1733.json +++ b/2019/1xxx/CVE-2019-1733.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1733", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1733", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1852.json b/2019/1xxx/CVE-2019-1852.json index 6062583930b..e7960f09173 100644 --- a/2019/1xxx/CVE-2019-1852.json +++ b/2019/1xxx/CVE-2019-1852.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1852", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1852", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4490.json b/2019/4xxx/CVE-2019-4490.json index fa1a70c55f6..f78fe3836c9 100644 --- a/2019/4xxx/CVE-2019-4490.json +++ b/2019/4xxx/CVE-2019-4490.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4490", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4490", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4619.json b/2019/4xxx/CVE-2019-4619.json index f32242ff98b..57040d41b62 100644 --- a/2019/4xxx/CVE-2019-4619.json +++ b/2019/4xxx/CVE-2019-4619.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4619", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4619", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5263.json b/2019/5xxx/CVE-2019-5263.json index 0f44b2f2c79..5efb49bf034 100644 --- a/2019/5xxx/CVE-2019-5263.json +++ b/2019/5xxx/CVE-2019-5263.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5263", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5263", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5443.json b/2019/5xxx/CVE-2019-5443.json index 1b76e8cb37f..510796490c7 100644 --- a/2019/5xxx/CVE-2019-5443.json +++ b/2019/5xxx/CVE-2019-5443.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5443", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5443", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5969.json b/2019/5xxx/CVE-2019-5969.json index a118b65c7a0..e32d7d0e51c 100644 --- a/2019/5xxx/CVE-2019-5969.json +++ b/2019/5xxx/CVE-2019-5969.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5969", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5969", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file