From 3f5e912df84569978483ab02f93f7be368fcb472 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 06:22:10 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2004/0xxx/CVE-2004-0157.json | 180 ++++++++--------- 2004/1xxx/CVE-2004-1059.json | 160 +++++++-------- 2004/1xxx/CVE-2004-1072.json | 310 ++++++++++++++--------------- 2004/1xxx/CVE-2004-1404.json | 160 +++++++-------- 2004/1xxx/CVE-2004-1913.json | 140 ++++++------- 2008/3xxx/CVE-2008-3248.json | 210 +++++++++---------- 2008/3xxx/CVE-2008-3408.json | 180 ++++++++--------- 2008/3xxx/CVE-2008-3554.json | 140 ++++++------- 2008/3xxx/CVE-2008-3744.json | 200 +++++++++---------- 2008/4xxx/CVE-2008-4021.json | 34 ++-- 2008/4xxx/CVE-2008-4171.json | 150 +++++++------- 2008/4xxx/CVE-2008-4238.json | 34 ++-- 2008/4xxx/CVE-2008-4603.json | 140 ++++++------- 2008/4xxx/CVE-2008-4749.json | 150 +++++++------- 2008/6xxx/CVE-2008-6045.json | 160 +++++++-------- 2008/6xxx/CVE-2008-6070.json | 170 ++++++++-------- 2008/6xxx/CVE-2008-6126.json | 160 +++++++-------- 2008/6xxx/CVE-2008-6149.json | 170 ++++++++-------- 2008/6xxx/CVE-2008-6856.json | 150 +++++++------- 2008/7xxx/CVE-2008-7027.json | 130 ++++++------ 2008/7xxx/CVE-2008-7228.json | 130 ++++++------ 2013/2xxx/CVE-2013-2474.json | 34 ++-- 2013/2xxx/CVE-2013-2528.json | 34 ++-- 2013/6xxx/CVE-2013-6065.json | 34 ++-- 2013/6xxx/CVE-2013-6190.json | 34 ++-- 2013/6xxx/CVE-2013-6498.json | 34 ++-- 2013/6xxx/CVE-2013-6534.json | 34 ++-- 2017/10xxx/CVE-2017-10440.json | 34 ++-- 2017/10xxx/CVE-2017-10514.json | 34 ++-- 2017/11xxx/CVE-2017-11028.json | 132 ++++++------ 2017/11xxx/CVE-2017-11064.json | 132 ++++++------ 2017/11xxx/CVE-2017-11239.json | 160 +++++++-------- 2017/14xxx/CVE-2017-14852.json | 34 ++-- 2017/15xxx/CVE-2017-15184.json | 34 ++-- 2017/15xxx/CVE-2017-15282.json | 34 ++-- 2017/15xxx/CVE-2017-15284.json | 140 ++++++------- 2017/15xxx/CVE-2017-15672.json | 160 +++++++-------- 2017/15xxx/CVE-2017-15682.json | 34 ++-- 2017/9xxx/CVE-2017-9085.json | 120 +++++------ 2017/9xxx/CVE-2017-9306.json | 120 +++++------ 2017/9xxx/CVE-2017-9332.json | 120 +++++------ 2018/0xxx/CVE-2018-0123.json | 140 ++++++------- 2018/0xxx/CVE-2018-0140.json | 150 +++++++------- 2018/0xxx/CVE-2018-0423.json | 178 ++++++++--------- 2018/0xxx/CVE-2018-0856.json | 142 ++++++------- 2018/1000xxx/CVE-2018-1000621.json | 136 ++++++------- 2018/12xxx/CVE-2018-12235.json | 34 ++-- 2018/12xxx/CVE-2018-12788.json | 130 ++++++------ 2018/16xxx/CVE-2018-16665.json | 120 +++++------ 2018/16xxx/CVE-2018-16913.json | 34 ++-- 2018/19xxx/CVE-2018-19191.json | 53 ++++- 2018/4xxx/CVE-2018-4329.json | 34 ++-- 2018/4xxx/CVE-2018-4579.json | 34 ++-- 2018/4xxx/CVE-2018-4793.json | 34 ++-- 54 files changed, 3009 insertions(+), 2960 deletions(-) diff --git a/2004/0xxx/CVE-2004-0157.json b/2004/0xxx/CVE-2004-0157.json index bd31cc023b3..696e8d6e116 100644 --- a/2004/0xxx/CVE-2004-0157.json +++ b/2004/0xxx/CVE-2004-0157.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-0157", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "x11.c in xonix 1.4 and earlier uses the current working directory to find and execute the rmail program, which allows local users to execute arbitrary code by modifying the path to point to a malicious rmail program." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-0157", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "DSA-484", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2004/dsa-484" - }, - { - "name" : "http://shellcode.org/Advisories/XONIX.txt", - "refsource" : "MISC", - "url" : "http://shellcode.org/Advisories/XONIX.txt" - }, - { - "name" : "10149", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/10149" - }, - { - "name" : "5358", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/5358" - }, - { - "name" : "1009789", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1009789" - }, - { - "name" : "11382", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/11382" - }, - { - "name" : "xonix-privilege-dropping(15873)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15873" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "x11.c in xonix 1.4 and earlier uses the current working directory to find and execute the rmail program, which allows local users to execute arbitrary code by modifying the path to point to a malicious rmail program." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1009789", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1009789" + }, + { + "name": "http://shellcode.org/Advisories/XONIX.txt", + "refsource": "MISC", + "url": "http://shellcode.org/Advisories/XONIX.txt" + }, + { + "name": "10149", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/10149" + }, + { + "name": "DSA-484", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2004/dsa-484" + }, + { + "name": "xonix-privilege-dropping(15873)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15873" + }, + { + "name": "5358", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/5358" + }, + { + "name": "11382", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/11382" + } + ] + } +} \ No newline at end of file diff --git a/2004/1xxx/CVE-2004-1059.json b/2004/1xxx/CVE-2004-1059.json index 986bf03b443..d744bf3435a 100644 --- a/2004/1xxx/CVE-2004-1059.json +++ b/2004/1xxx/CVE-2004-1059.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-1059", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in mnoGoSearch 3.2.26 and earlier allow remote attackers to inject arbitrary HTML and web script via the (1) next and (2) prev result search pages, and the (3) extended and (4) simple search forms." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-1059", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20041223 Cross-Site Scripting - an industry-wide problem", - "refsource" : "FULLDISC", - "url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/030222.html" - }, - { - "name" : "http://www.mikx.de/index.php?p=6", - "refsource" : "MISC", - "url" : "http://www.mikx.de/index.php?p=6" - }, - { - "name" : "http://www.mnogosearch.org/history.html", - "refsource" : "CONFIRM", - "url" : "http://www.mnogosearch.org/history.html" - }, - { - "name" : "11895", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/11895" - }, - { - "name" : "mnogosearch-search-xss(18434)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18434" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in mnoGoSearch 3.2.26 and earlier allow remote attackers to inject arbitrary HTML and web script via the (1) next and (2) prev result search pages, and the (3) extended and (4) simple search forms." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.mikx.de/index.php?p=6", + "refsource": "MISC", + "url": "http://www.mikx.de/index.php?p=6" + }, + { + "name": "mnogosearch-search-xss(18434)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18434" + }, + { + "name": "20041223 Cross-Site Scripting - an industry-wide problem", + "refsource": "FULLDISC", + "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/030222.html" + }, + { + "name": "11895", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/11895" + }, + { + "name": "http://www.mnogosearch.org/history.html", + "refsource": "CONFIRM", + "url": "http://www.mnogosearch.org/history.html" + } + ] + } +} \ No newline at end of file diff --git a/2004/1xxx/CVE-2004-1072.json b/2004/1xxx/CVE-2004-1072.json index a45f8117376..16ad578d8ab 100644 --- a/2004/1xxx/CVE-2004-1072.json +++ b/2004/1xxx/CVE-2004-1072.json @@ -1,157 +1,157 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-1072", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, may create an interpreter name string that is not NULL terminated, which could cause strings longer than PATH_MAX to be used, leading to buffer overflows that allow local users to cause a denial of service (hang) and possibly execute arbitrary code." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-1072", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.isec.pl/vulnerabilities/isec-0017-binfmt_elf.txt", - "refsource" : "MISC", - "url" : "http://www.isec.pl/vulnerabilities/isec-0017-binfmt_elf.txt" - }, - { - "name" : "DSA-1070", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2006/dsa-1070" - }, - { - "name" : "DSA-1067", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2006/dsa-1067" - }, - { - "name" : "DSA-1069", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2006/dsa-1069" - }, - { - "name" : "DSA-1082", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2006/dsa-1082" - }, - { - "name" : "FLSA:2336", - "refsource" : "FEDORA", - "url" : "https://bugzilla.fedora.us/show_bug.cgi?id=2336" - }, - { - "name" : "MDKSA-2005:022", - "refsource" : "MANDRAKE", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022" - }, - { - "name" : "RHSA-2004:537", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2004-537.html" - }, - { - "name" : "RHSA-2005:275", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2005-275.html" - }, - { - "name" : "RHSA-2004:504", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2004-504.html" - }, - { - "name" : "RHSA-2004:505", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2004-505.html" - }, - { - "name" : "20060402-01-U", - "refsource" : "SGI", - "url" : "ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U" - }, - { - "name" : "11646", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/11646" - }, - { - "name" : "oval:org.mitre.oval:def:11195", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11195" - }, - { - "name" : "20162", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/20162" - }, - { - "name" : "20163", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/20163" - }, - { - "name" : "20202", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/20202" - }, - { - "name" : "20338", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/20338" - }, - { - "name" : "19607", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19607" - }, - { - "name" : "linux-elf-setuid-gain-privileges(18025)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18025" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, may create an interpreter name string that is not NULL terminated, which could cause strings longer than PATH_MAX to be used, leading to buffer overflows that allow local users to cause a denial of service (hang) and possibly execute arbitrary code." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20163", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/20163" + }, + { + "name": "oval:org.mitre.oval:def:11195", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11195" + }, + { + "name": "DSA-1082", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2006/dsa-1082" + }, + { + "name": "MDKSA-2005:022", + "refsource": "MANDRAKE", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:022" + }, + { + "name": "http://www.isec.pl/vulnerabilities/isec-0017-binfmt_elf.txt", + "refsource": "MISC", + "url": "http://www.isec.pl/vulnerabilities/isec-0017-binfmt_elf.txt" + }, + { + "name": "FLSA:2336", + "refsource": "FEDORA", + "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2336" + }, + { + "name": "RHSA-2005:275", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2005-275.html" + }, + { + "name": "19607", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19607" + }, + { + "name": "DSA-1070", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2006/dsa-1070" + }, + { + "name": "RHSA-2004:537", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2004-537.html" + }, + { + "name": "20162", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/20162" + }, + { + "name": "linux-elf-setuid-gain-privileges(18025)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18025" + }, + { + "name": "DSA-1067", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2006/dsa-1067" + }, + { + "name": "11646", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/11646" + }, + { + "name": "DSA-1069", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2006/dsa-1069" + }, + { + "name": "20060402-01-U", + "refsource": "SGI", + "url": "ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U" + }, + { + "name": "RHSA-2004:505", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2004-505.html" + }, + { + "name": "20202", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/20202" + }, + { + "name": "RHSA-2004:504", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2004-504.html" + }, + { + "name": "20338", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/20338" + } + ] + } +} \ No newline at end of file diff --git a/2004/1xxx/CVE-2004-1404.json b/2004/1xxx/CVE-2004-1404.json index 03e372c0c5c..14d10a361f6 100644 --- a/2004/1xxx/CVE-2004-1404.json +++ b/2004/1xxx/CVE-2004-1404.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-1404", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Attachment Mod 2.3.10 module for phpBB, when used with Apache mod_mime, does not properly handle files with multiple file extensions, such as .php.rar, which allows remote attackers to upload and execute arbitrary code." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-1404", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20041216 STG Security Advisory: [SSA-20041215-18] Vulnerability of uploading files with multiple extensions in phpBB Attachment Mod", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=110321557806215&w=2" - }, - { - "name" : "http://www.opentools.de/board/viewtopic.php?t=3590", - "refsource" : "CONFIRM", - "url" : "http://www.opentools.de/board/viewtopic.php?t=3590" - }, - { - "name" : "11893", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/11893" - }, - { - "name" : "13421", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/13421/" - }, - { - "name" : "attachment-mod-file-upload(18438)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/18438" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Attachment Mod 2.3.10 module for phpBB, when used with Apache mod_mime, does not properly handle files with multiple file extensions, such as .php.rar, which allows remote attackers to upload and execute arbitrary code." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "13421", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/13421/" + }, + { + "name": "20041216 STG Security Advisory: [SSA-20041215-18] Vulnerability of uploading files with multiple extensions in phpBB Attachment Mod", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=110321557806215&w=2" + }, + { + "name": "11893", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/11893" + }, + { + "name": "http://www.opentools.de/board/viewtopic.php?t=3590", + "refsource": "CONFIRM", + "url": "http://www.opentools.de/board/viewtopic.php?t=3590" + }, + { + "name": "attachment-mod-file-upload(18438)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18438" + } + ] + } +} \ No newline at end of file diff --git a/2004/1xxx/CVE-2004-1913.json b/2004/1xxx/CVE-2004-1913.json index 312f252b038..ac0440d9507 100644 --- a/2004/1xxx/CVE-2004-1913.json +++ b/2004/1xxx/CVE-2004-1913.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2004-1913", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in modules.php in NukeCalendar 1.1.a, as used in PHP-Nuke, allows remote attackers to inject arbitrary web script or HTML via the eid parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2004-1913", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20040408 [waraxe-2004-SA#015 - Multiple vulnerabilities in NukeCalendar v1.1.a]", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=108144168932458&w=2" - }, - { - "name" : "10082", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/10082" - }, - { - "name" : "nuke-calendar-modulesphp-xss(15798)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/15798" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in modules.php in NukeCalendar 1.1.a, as used in PHP-Nuke, allows remote attackers to inject arbitrary web script or HTML via the eid parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "10082", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/10082" + }, + { + "name": "nuke-calendar-modulesphp-xss(15798)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15798" + }, + { + "name": "20040408 [waraxe-2004-SA#015 - Multiple vulnerabilities in NukeCalendar v1.1.a]", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=108144168932458&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2008/3xxx/CVE-2008-3248.json b/2008/3xxx/CVE-2008-3248.json index f54f200ea09..bec9e7e2e2a 100644 --- a/2008/3xxx/CVE-2008-3248.json +++ b/2008/3xxx/CVE-2008-3248.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-3248", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "qiomkfile in the Quick I/O for Database feature in Symantec Veritas File System (VxFS) on HP-UX, and before 5.0 MP3 on Solaris, Linux, and AIX, does not initialize filesystem blocks during creation of a file, which allows local users to obtain sensitive information by creating and then reading files." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-3248", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20081021 SECOBJADV-2008-04: Symantec Veritas Storage Foundation Memory Disclosure Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/497626/100/0/threaded" - }, - { - "name" : "http://www.security-objectives.com/advisories/SECOBJSADV-2008-04.txt", - "refsource" : "MISC", - "url" : "http://www.security-objectives.com/advisories/SECOBJSADV-2008-04.txt" - }, - { - "name" : "http://www.security-objectives.com/advisories/SECOBJADV-2008-04.txt", - "refsource" : "MISC", - "url" : "http://www.security-objectives.com/advisories/SECOBJADV-2008-04.txt" - }, - { - "name" : "http://seer.entsupport.symantec.com/docs/310872.htm", - "refsource" : "CONFIRM", - "url" : "http://seer.entsupport.symantec.com/docs/310872.htm" - }, - { - "name" : "http://www.symantec.com/avcenter/security/Content/2008.10.20.html", - "refsource" : "CONFIRM", - "url" : "http://www.symantec.com/avcenter/security/Content/2008.10.20.html" - }, - { - "name" : "31678", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/31678" - }, - { - "name" : "32332", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32332" - }, - { - "name" : "ADV-2008-2875", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/2875" - }, - { - "name" : "1021074", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1021074" - }, - { - "name" : "symantec-vxfs-qiomkfile-info-disclosure(46008)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/46008" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "qiomkfile in the Quick I/O for Database feature in Symantec Veritas File System (VxFS) on HP-UX, and before 5.0 MP3 on Solaris, Linux, and AIX, does not initialize filesystem blocks during creation of a file, which allows local users to obtain sensitive information by creating and then reading files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "32332", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32332" + }, + { + "name": "1021074", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1021074" + }, + { + "name": "31678", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/31678" + }, + { + "name": "http://seer.entsupport.symantec.com/docs/310872.htm", + "refsource": "CONFIRM", + "url": "http://seer.entsupport.symantec.com/docs/310872.htm" + }, + { + "name": "20081021 SECOBJADV-2008-04: Symantec Veritas Storage Foundation Memory Disclosure Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/497626/100/0/threaded" + }, + { + "name": "http://www.security-objectives.com/advisories/SECOBJADV-2008-04.txt", + "refsource": "MISC", + "url": "http://www.security-objectives.com/advisories/SECOBJADV-2008-04.txt" + }, + { + "name": "symantec-vxfs-qiomkfile-info-disclosure(46008)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46008" + }, + { + "name": "http://www.symantec.com/avcenter/security/Content/2008.10.20.html", + "refsource": "CONFIRM", + "url": "http://www.symantec.com/avcenter/security/Content/2008.10.20.html" + }, + { + "name": "http://www.security-objectives.com/advisories/SECOBJSADV-2008-04.txt", + "refsource": "MISC", + "url": "http://www.security-objectives.com/advisories/SECOBJSADV-2008-04.txt" + }, + { + "name": "ADV-2008-2875", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/2875" + } + ] + } +} \ No newline at end of file diff --git a/2008/3xxx/CVE-2008-3408.json b/2008/3xxx/CVE-2008-3408.json index 60776b0f289..cfa002e1874 100644 --- a/2008/3xxx/CVE-2008-3408.json +++ b/2008/3xxx/CVE-2008-3408.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-3408", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in CoolPlayer 2.18, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via a crafted m3u file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-3408", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "15895", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/15895" - }, - { - "name" : "6157", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/6157" - }, - { - "name" : "30418", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/30418" - }, - { - "name" : "ADV-2008-2264", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/2264/references" - }, - { - "name" : "31294", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31294" - }, - { - "name" : "4088", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/4088" - }, - { - "name" : "coolplayer-m3u-bo(44103)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/44103" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in CoolPlayer 2.18, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via a crafted m3u file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "31294", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31294" + }, + { + "name": "15895", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/15895" + }, + { + "name": "30418", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/30418" + }, + { + "name": "4088", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/4088" + }, + { + "name": "6157", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/6157" + }, + { + "name": "coolplayer-m3u-bo(44103)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44103" + }, + { + "name": "ADV-2008-2264", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/2264/references" + } + ] + } +} \ No newline at end of file diff --git a/2008/3xxx/CVE-2008-3554.json b/2008/3xxx/CVE-2008-3554.json index a0f83eb9f3b..6836dc9f10d 100644 --- a/2008/3xxx/CVE-2008-3554.json +++ b/2008/3xxx/CVE-2008-3554.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-3554", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in index.php in Discuz! 6.0.1 allows remote attackers to execute arbitrary SQL commands via the searchid parameter in a search action." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-3554", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "6214", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/6214" - }, - { - "name" : "30583", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/30583" - }, - { - "name" : "discuz-index-sql-injection(44251)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/44251" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in index.php in Discuz! 6.0.1 allows remote attackers to execute arbitrary SQL commands via the searchid parameter in a search action." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "30583", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/30583" + }, + { + "name": "discuz-index-sql-injection(44251)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44251" + }, + { + "name": "6214", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/6214" + } + ] + } +} \ No newline at end of file diff --git a/2008/3xxx/CVE-2008-3744.json b/2008/3xxx/CVE-2008-3744.json index c1af5e55193..6197e46028d 100644 --- a/2008/3xxx/CVE-2008-3744.json +++ b/2008/3xxx/CVE-2008-3744.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-3744", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site request forgery (CSRF) vulnerabilities in Drupal 5.x before 5.10 and 6.x before 6.4 allow remote attackers to hijack the authentication of administrators for requests that (1) add or (2) delete user access rules." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-3744", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://drupal.org/node/295053", - "refsource" : "CONFIRM", - "url" : "http://drupal.org/node/295053" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=459108", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=459108" - }, - { - "name" : "FEDORA-2008-7467", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00259.html" - }, - { - "name" : "FEDORA-2008-7626", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00508.html" - }, - { - "name" : "30689", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/30689" - }, - { - "name" : "31462", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31462" - }, - { - "name" : "ADV-2008-2392", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/2392" - }, - { - "name" : "31825", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/31825" - }, - { - "name" : "drupal-user-access-csrf(44448)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/44448" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in Drupal 5.x before 5.10 and 6.x before 6.4 allow remote attackers to hijack the authentication of administrators for requests that (1) add or (2) delete user access rules." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=459108", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=459108" + }, + { + "name": "30689", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/30689" + }, + { + "name": "31825", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31825" + }, + { + "name": "drupal-user-access-csrf(44448)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44448" + }, + { + "name": "ADV-2008-2392", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/2392" + }, + { + "name": "FEDORA-2008-7626", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00508.html" + }, + { + "name": "http://drupal.org/node/295053", + "refsource": "CONFIRM", + "url": "http://drupal.org/node/295053" + }, + { + "name": "FEDORA-2008-7467", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00259.html" + }, + { + "name": "31462", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/31462" + } + ] + } +} \ No newline at end of file diff --git a/2008/4xxx/CVE-2008-4021.json b/2008/4xxx/CVE-2008-4021.json index ae3badd64bd..fe739ffbd84 100644 --- a/2008/4xxx/CVE-2008-4021.json +++ b/2008/4xxx/CVE-2008-4021.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-4021", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2008. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2008-4021", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2008. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2008/4xxx/CVE-2008-4171.json b/2008/4xxx/CVE-2008-4171.json index 7130884dc6c..1bf5860060c 100644 --- a/2008/4xxx/CVE-2008-4171.json +++ b/2008/4xxx/CVE-2008-4171.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-4171", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in xmlout.php in Invision Power Board (IP.Board or IPB) 2.2.x and 2.3.x allows remote attackers to execute arbitrary SQL commands via the name parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-4171", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://forums.invisionpower.com/index.php?showtopic=276512", - "refsource" : "CONFIRM", - "url" : "http://forums.invisionpower.com/index.php?showtopic=276512" - }, - { - "name" : "31288", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/31288" - }, - { - "name" : "ADV-2008-2487", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/2487" - }, - { - "name" : "1020817", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1020817" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in xmlout.php in Invision Power Board (IP.Board or IPB) 2.2.x and 2.3.x allows remote attackers to execute arbitrary SQL commands via the name parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://forums.invisionpower.com/index.php?showtopic=276512", + "refsource": "CONFIRM", + "url": "http://forums.invisionpower.com/index.php?showtopic=276512" + }, + { + "name": "ADV-2008-2487", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/2487" + }, + { + "name": "31288", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/31288" + }, + { + "name": "1020817", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1020817" + } + ] + } +} \ No newline at end of file diff --git a/2008/4xxx/CVE-2008-4238.json b/2008/4xxx/CVE-2008-4238.json index fbbcda3aa4c..0674c395293 100644 --- a/2008/4xxx/CVE-2008-4238.json +++ b/2008/4xxx/CVE-2008-4238.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-4238", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-4238", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2008/4xxx/CVE-2008-4603.json b/2008/4xxx/CVE-2008-4603.json index 357616f6dd0..f47a835f4a2 100644 --- a/2008/4xxx/CVE-2008-4603.json +++ b/2008/4xxx/CVE-2008-4603.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-4603", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in search.php in iGaming CMS 2.0 Alpha 1 allows remote attackers to execute arbitrary SQL commands via the keywords parameter in a search_games action." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-4603", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "6769", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/6769" - }, - { - "name" : "31793", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/31793" - }, - { - "name" : "4433", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/4433" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in search.php in iGaming CMS 2.0 Alpha 1 allows remote attackers to execute arbitrary SQL commands via the keywords parameter in a search_games action." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "4433", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/4433" + }, + { + "name": "31793", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/31793" + }, + { + "name": "6769", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/6769" + } + ] + } +} \ No newline at end of file diff --git a/2008/4xxx/CVE-2008-4749.json b/2008/4xxx/CVE-2008-4749.json index 355dec84f6f..87ca1038d99 100644 --- a/2008/4xxx/CVE-2008-4749.json +++ b/2008/4xxx/CVE-2008-4749.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-4749", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple insecure method vulnerabilities in the VImpX.VImpAX ActiveX control (VImpX.ocx) 4.8.8.0 in DB Software Laboratory VImp X, possibly 4.7.7, allow remote attackers to overwrite arbitrary files via (1) the LogFile property and ClearLogFile method, and (2) the SaveToFile method." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-4749", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "6828", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/6828" - }, - { - "name" : "31907", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/31907" - }, - { - "name" : "4509", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/4509" - }, - { - "name" : "db-activex-vimpx-file-overwrite(46096)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/46096" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple insecure method vulnerabilities in the VImpX.VImpAX ActiveX control (VImpX.ocx) 4.8.8.0 in DB Software Laboratory VImp X, possibly 4.7.7, allow remote attackers to overwrite arbitrary files via (1) the LogFile property and ClearLogFile method, and (2) the SaveToFile method." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "db-activex-vimpx-file-overwrite(46096)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46096" + }, + { + "name": "4509", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/4509" + }, + { + "name": "6828", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/6828" + }, + { + "name": "31907", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/31907" + } + ] + } +} \ No newline at end of file diff --git a/2008/6xxx/CVE-2008-6045.json b/2008/6xxx/CVE-2008-6045.json index a1aa17a1789..f17a34dec35 100644 --- a/2008/6xxx/CVE-2008-6045.json +++ b/2008/6xxx/CVE-2008-6045.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-6045", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Session fixation vulnerability in shopping_cart.php in xt:Commerce 3.0.4 and earlier allows remote attackers to hijack web sessions by setting the XTCsid parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-6045", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080922 Re: [MajorSecurity Advisory #54]xt:Commerce - Cross Site Scripting and Session Fixation Issues", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/496588/100/0/threaded" - }, - { - "name" : "20080922 [MajorSecurity Advisory #54]xt:Commerce - Cross Site Scripting and Session Fixation Issues", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/496583/100/0/threaded" - }, - { - "name" : "http://www.majorsecurity.de/index_2.php?major_rls=major_rls54", - "refsource" : "MISC", - "url" : "http://www.majorsecurity.de/index_2.php?major_rls=major_rls54" - }, - { - "name" : "31313", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/31313" - }, - { - "name" : "xtcommerce-shoppingcart-session-hijacking(45341)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/45341" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Session fixation vulnerability in shopping_cart.php in xt:Commerce 3.0.4 and earlier allows remote attackers to hijack web sessions by setting the XTCsid parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20080922 Re: [MajorSecurity Advisory #54]xt:Commerce - Cross Site Scripting and Session Fixation Issues", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/496588/100/0/threaded" + }, + { + "name": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls54", + "refsource": "MISC", + "url": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls54" + }, + { + "name": "xtcommerce-shoppingcart-session-hijacking(45341)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45341" + }, + { + "name": "20080922 [MajorSecurity Advisory #54]xt:Commerce - Cross Site Scripting and Session Fixation Issues", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/496583/100/0/threaded" + }, + { + "name": "31313", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/31313" + } + ] + } +} \ No newline at end of file diff --git a/2008/6xxx/CVE-2008-6070.json b/2008/6xxx/CVE-2008-6070.json index b8d9f3ce132..e1c7a076782 100644 --- a/2008/6xxx/CVE-2008-6070.json +++ b/2008/6xxx/CVE-2008-6070.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-6070", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple heap-based buffer underflows in the ReadPALMImage function in coders/palm.c in GraphicsMagick before 1.2.3 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted PALM image, a different vulnerability than CVE-2007-0770. NOTE: some of these details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-6070", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://cvs.graphicsmagick.org/cgi-bin/cvsweb.cgi/GraphicsMagick/coders/palm.c", - "refsource" : "CONFIRM", - "url" : "http://cvs.graphicsmagick.org/cgi-bin/cvsweb.cgi/GraphicsMagick/coders/palm.c" - }, - { - "name" : "http://sourceforge.net/project/shownotes.php?release_id=604837", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/project/shownotes.php?release_id=604837" - }, - { - "name" : "http://sourceforge.net/project/shownotes.php?release_id=604837&group_id=73485", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/project/shownotes.php?release_id=604837&group_id=73485" - }, - { - "name" : "29583", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/29583" - }, - { - "name" : "30549", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30549" - }, - { - "name" : "graphicsmagick-readpalmimage-bo(42904)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/42904" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple heap-based buffer underflows in the ReadPALMImage function in coders/palm.c in GraphicsMagick before 1.2.3 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted PALM image, a different vulnerability than CVE-2007-0770. NOTE: some of these details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://sourceforge.net/project/shownotes.php?release_id=604837", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/project/shownotes.php?release_id=604837" + }, + { + "name": "30549", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30549" + }, + { + "name": "29583", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/29583" + }, + { + "name": "http://sourceforge.net/project/shownotes.php?release_id=604837&group_id=73485", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/project/shownotes.php?release_id=604837&group_id=73485" + }, + { + "name": "graphicsmagick-readpalmimage-bo(42904)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42904" + }, + { + "name": "http://cvs.graphicsmagick.org/cgi-bin/cvsweb.cgi/GraphicsMagick/coders/palm.c", + "refsource": "CONFIRM", + "url": "http://cvs.graphicsmagick.org/cgi-bin/cvsweb.cgi/GraphicsMagick/coders/palm.c" + } + ] + } +} \ No newline at end of file diff --git a/2008/6xxx/CVE-2008-6126.json b/2008/6xxx/CVE-2008-6126.json index 1c7510c973b..315490a2113 100644 --- a/2008/6xxx/CVE-2008-6126.json +++ b/2008/6xxx/CVE-2008-6126.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-6126", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple directory traversal vulnerabilities in moziloCMS 1.10.2 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) file parameter to download.php and the (2) page parameter to index.php, a different vector than CVE-2008-3589." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-6126", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.majorsecurity.de/index_2.php?major_rls=major_rls55", - "refsource" : "MISC", - "url" : "http://www.majorsecurity.de/index_2.php?major_rls=major_rls55" - }, - { - "name" : "http://cms.mozilo.de/index.php?cat=10_moziloCMS&page=60_Changelog", - "refsource" : "CONFIRM", - "url" : "http://cms.mozilo.de/index.php?cat=10_moziloCMS&page=60_Changelog" - }, - { - "name" : "31495", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/31495" - }, - { - "name" : "32021", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32021" - }, - { - "name" : "mozilocms-index-directory-traversal(45524)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/45524" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple directory traversal vulnerabilities in moziloCMS 1.10.2 and earlier allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) file parameter to download.php and the (2) page parameter to index.php, a different vector than CVE-2008-3589." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "32021", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32021" + }, + { + "name": "31495", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/31495" + }, + { + "name": "http://cms.mozilo.de/index.php?cat=10_moziloCMS&page=60_Changelog", + "refsource": "CONFIRM", + "url": "http://cms.mozilo.de/index.php?cat=10_moziloCMS&page=60_Changelog" + }, + { + "name": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls55", + "refsource": "MISC", + "url": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls55" + }, + { + "name": "mozilocms-index-directory-traversal(45524)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45524" + } + ] + } +} \ No newline at end of file diff --git a/2008/6xxx/CVE-2008-6149.json b/2008/6xxx/CVE-2008-6149.json index e6d207b737f..acf2aba55a4 100644 --- a/2008/6xxx/CVE-2008-6149.json +++ b/2008/6xxx/CVE-2008-6149.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-6149", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in the mDigg (com_mdigg) component 2.2.8 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cagtegory parameter in a story_lists action to index.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-6149", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20081226 Joomla Component mdigg 2.2.8 Blind SQL Injection Exploit", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/499618/100/0/threaded" - }, - { - "name" : "7574", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/7574" - }, - { - "name" : "33009", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/33009" - }, - { - "name" : "51005", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/51005" - }, - { - "name" : "33306", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/33306" - }, - { - "name" : "mdigg-index-sql-injection(47612)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/47612" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in the mDigg (com_mdigg) component 2.2.8 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cagtegory parameter in a story_lists action to index.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "7574", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/7574" + }, + { + "name": "mdigg-index-sql-injection(47612)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47612" + }, + { + "name": "33009", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/33009" + }, + { + "name": "20081226 Joomla Component mdigg 2.2.8 Blind SQL Injection Exploit", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/499618/100/0/threaded" + }, + { + "name": "33306", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/33306" + }, + { + "name": "51005", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/51005" + } + ] + } +} \ No newline at end of file diff --git a/2008/6xxx/CVE-2008-6856.json b/2008/6xxx/CVE-2008-6856.json index 5fd53a74ee7..24e8aa066c4 100644 --- a/2008/6xxx/CVE-2008-6856.json +++ b/2008/6xxx/CVE-2008-6856.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-6856", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Xigla Software Absolute News Manager.NET 5.1 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-6856", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "6900", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/6900" - }, - { - "name" : "32024", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/32024" - }, - { - "name" : "32472", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32472" - }, - { - "name" : "absolutenewsmanager-cookie-security-bypass(46301)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/46301" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Xigla Software Absolute News Manager.NET 5.1 allows remote attackers to bypass authentication and gain administrative access by setting a cookie to a certain value." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "absolutenewsmanager-cookie-security-bypass(46301)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46301" + }, + { + "name": "32024", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/32024" + }, + { + "name": "6900", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/6900" + }, + { + "name": "32472", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32472" + } + ] + } +} \ No newline at end of file diff --git a/2008/7xxx/CVE-2008-7027.json b/2008/7xxx/CVE-2008-7027.json index 953732668a7..42612d424a5 100644 --- a/2008/7xxx/CVE-2008-7027.json +++ b/2008/7xxx/CVE-2008-7027.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-7027", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Libra File Manager 1.18 and earlier allows remote attackers to bypass authentication and gain privileges by setting the user and pass cookies to 1." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-7027", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "6579", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/6579" - }, - { - "name" : "31422", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/31422" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Libra File Manager 1.18 and earlier allows remote attackers to bypass authentication and gain privileges by setting the user and pass cookies to 1." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "6579", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/6579" + }, + { + "name": "31422", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/31422" + } + ] + } +} \ No newline at end of file diff --git a/2008/7xxx/CVE-2008-7228.json b/2008/7xxx/CVE-2008-7228.json index 46e916a57bc..8fec202677f 100644 --- a/2008/7xxx/CVE-2008-7228.json +++ b/2008/7xxx/CVE-2008-7228.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2008-7228", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple format string vulnerabilities in White_Dune before 0.29beta851 have unspecified impact and attack vectors, a different vulnerability than CVE-2008-0101." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2008-7228", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[fm-news] 20080206 Newsletter for Tuesday, February 05th 2008", - "refsource" : "MLIST", - "url" : "http://archives.neohapsis.com/archives/apps/freshmeat/2008-02/0005.html" - }, - { - "name" : "42677", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/42677" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple format string vulnerabilities in White_Dune before 0.29beta851 have unspecified impact and attack vectors, a different vulnerability than CVE-2008-0101." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[fm-news] 20080206 Newsletter for Tuesday, February 05th 2008", + "refsource": "MLIST", + "url": "http://archives.neohapsis.com/archives/apps/freshmeat/2008-02/0005.html" + }, + { + "name": "42677", + "refsource": "OSVDB", + "url": "http://osvdb.org/42677" + } + ] + } +} \ No newline at end of file diff --git a/2013/2xxx/CVE-2013-2474.json b/2013/2xxx/CVE-2013-2474.json index b4ed3d042ef..eee36942b78 100644 --- a/2013/2xxx/CVE-2013-2474.json +++ b/2013/2xxx/CVE-2013-2474.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-2474", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2013-2474", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2013/2xxx/CVE-2013-2528.json b/2013/2xxx/CVE-2013-2528.json index 3f93b75021b..4d5f1ad6c90 100644 --- a/2013/2xxx/CVE-2013-2528.json +++ b/2013/2xxx/CVE-2013-2528.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-2528", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2013-2528", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2013/6xxx/CVE-2013-6065.json b/2013/6xxx/CVE-2013-6065.json index e8564eec63b..7fadd5cc1d8 100644 --- a/2013/6xxx/CVE-2013-6065.json +++ b/2013/6xxx/CVE-2013-6065.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-6065", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2013-6065", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2013/6xxx/CVE-2013-6190.json b/2013/6xxx/CVE-2013-6190.json index c61c779ab17..e2a7b7d9079 100644 --- a/2013/6xxx/CVE-2013-6190.json +++ b/2013/6xxx/CVE-2013-6190.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-6190", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2013. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2013-6190", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2013. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2013/6xxx/CVE-2013-6498.json b/2013/6xxx/CVE-2013-6498.json index f240b2bc7e3..f2fa9a9053e 100644 --- a/2013/6xxx/CVE-2013-6498.json +++ b/2013/6xxx/CVE-2013-6498.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-6498", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2013-6498", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2013/6xxx/CVE-2013-6534.json b/2013/6xxx/CVE-2013-6534.json index 87ad068e63a..f145f565028 100644 --- a/2013/6xxx/CVE-2013-6534.json +++ b/2013/6xxx/CVE-2013-6534.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2013-6534", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2013. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2013-6534", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2013. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2017/10xxx/CVE-2017-10440.json b/2017/10xxx/CVE-2017-10440.json index 17d56c6e988..4b745d28e41 100644 --- a/2017/10xxx/CVE-2017-10440.json +++ b/2017/10xxx/CVE-2017-10440.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-10440", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-10440", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/10xxx/CVE-2017-10514.json b/2017/10xxx/CVE-2017-10514.json index d70c58b0546..644856f70b3 100644 --- a/2017/10xxx/CVE-2017-10514.json +++ b/2017/10xxx/CVE-2017-10514.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-10514", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-10514", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/11xxx/CVE-2017-11028.json b/2017/11xxx/CVE-2017-11028.json index e4d1eaf0144..e5f7c238767 100644 --- a/2017/11xxx/CVE-2017-11028.json +++ b/2017/11xxx/CVE-2017-11028.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "DATE_PUBLIC" : "2017-11-01T00:00:00", - "ID" : "CVE-2017-11028", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Android for MSM, Firefox OS for MSM, QRD Android", - "version" : { - "version_data" : [ - { - "version_value" : "All Android releases from CAF using the Linux kernel" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the ISP Camera driver, the contents of an arbitrary kernel address can be leaked to userspace by the function msm_isp_get_stream_common_data()." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Information Exposure in Camera" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "DATE_PUBLIC": "2017-11-01T00:00:00", + "ID": "CVE-2017-11028", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Android for MSM, Firefox OS for MSM, QRD Android", + "version": { + "version_data": [ + { + "version_value": "All Android releases from CAF using the Linux kernel" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2017-11-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2017-11-01" - }, - { - "name" : "101774", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/101774" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the ISP Camera driver, the contents of an arbitrary kernel address can be leaked to userspace by the function msm_isp_get_stream_common_data()." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Exposure in Camera" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "101774", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/101774" + }, + { + "name": "https://source.android.com/security/bulletin/2017-11-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2017-11-01" + } + ] + } +} \ No newline at end of file diff --git a/2017/11xxx/CVE-2017-11064.json b/2017/11xxx/CVE-2017-11064.json index 302860e5875..aa897e63e0b 100644 --- a/2017/11xxx/CVE-2017-11064.json +++ b/2017/11xxx/CVE-2017-11064.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "DATE_PUBLIC" : "2017-10-02T00:00:00", - "ID" : "CVE-2017-11064", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed during processing of ACA_NL80211_VENDOR_SUBCMD_EXTSCAN_PNO_SET_PASSPOINT_LIST and QCA_NL80211_VENDOR_SUBCMD_EXTSCAN_PNO_SET_LIST cfg80211 vendor commands in __wlan_hdd_cfg80211_set_passpoint_list and hdd_extscan_passpoint_fill_network_list function respectively. Android ID: A-36815952. References: QC-CR#2054770, QC-CR#2058447, QC-CR#2066628, QC-CR#2087785" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "DATE_PUBLIC": "2017-10-02T00:00:00", + "ID": "CVE-2017-11064", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/pixel/2017-10-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/pixel/2017-10-01" - }, - { - "name" : "101160", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/101160" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed during processing of ACA_NL80211_VENDOR_SUBCMD_EXTSCAN_PNO_SET_PASSPOINT_LIST and QCA_NL80211_VENDOR_SUBCMD_EXTSCAN_PNO_SET_LIST cfg80211 vendor commands in __wlan_hdd_cfg80211_set_passpoint_list and hdd_extscan_passpoint_fill_network_list function respectively. Android ID: A-36815952. References: QC-CR#2054770, QC-CR#2058447, QC-CR#2066628, QC-CR#2087785" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/pixel/2017-10-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/pixel/2017-10-01" + }, + { + "name": "101160", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/101160" + } + ] + } +} \ No newline at end of file diff --git a/2017/11xxx/CVE-2017-11239.json b/2017/11xxx/CVE-2017-11239.json index 546f758bb0b..3da17436ece 100644 --- a/2017/11xxx/CVE-2017-11239.json +++ b/2017/11xxx/CVE-2017-11239.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@adobe.com", - "DATE_PUBLIC" : "2017-08-08T00:00:00", - "ID" : "CVE-2017-11239", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Acrobat Reader", - "version" : { - "version_data" : [ - { - "version_value" : "2017.009.20058 and earlier" - }, - { - "version_value" : "2017.008.30051 and earlier" - }, - { - "version_value" : "2015.006.30306 and earlier" - }, - { - "version_value" : "11.0.20 and earlier" - } - ] - } - } - ] - }, - "vendor_name" : "Adobe Systems Incorporated" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to text strings. Successful exploitation could lead to arbitrary code execution." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Memory Corruption" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "DATE_PUBLIC": "2017-08-08T00:00:00", + "ID": "CVE-2017-11239", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Acrobat Reader", + "version": { + "version_data": [ + { + "version_value": "2017.009.20058 and earlier" + }, + { + "version_value": "2017.008.30051 and earlier" + }, + { + "version_value": "2015.006.30306 and earlier" + }, + { + "version_value": "11.0.20 and earlier" + } + ] + } + } + ] + }, + "vendor_name": "Adobe Systems Incorporated" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html" - }, - { - "name" : "100184", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/100184" - }, - { - "name" : "1039098", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1039098" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to text strings. Successful exploitation could lead to arbitrary code execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Memory Corruption" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "100184", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/100184" + }, + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb17-24.html" + }, + { + "name": "1039098", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1039098" + } + ] + } +} \ No newline at end of file diff --git a/2017/14xxx/CVE-2017-14852.json b/2017/14xxx/CVE-2017-14852.json index f89c495ea90..ff8b0be03f0 100644 --- a/2017/14xxx/CVE-2017-14852.json +++ b/2017/14xxx/CVE-2017-14852.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-14852", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-14852", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/15xxx/CVE-2017-15184.json b/2017/15xxx/CVE-2017-15184.json index 3d14860b0d9..6b7ab9d9f1c 100644 --- a/2017/15xxx/CVE-2017-15184.json +++ b/2017/15xxx/CVE-2017-15184.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-15184", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-15184", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/15xxx/CVE-2017-15282.json b/2017/15xxx/CVE-2017-15282.json index aa9bdc7d66f..776470110da 100644 --- a/2017/15xxx/CVE-2017-15282.json +++ b/2017/15xxx/CVE-2017-15282.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-15282", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-15282", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/15xxx/CVE-2017-15284.json b/2017/15xxx/CVE-2017-15284.json index 6e17d47c5ef..8c1127d3221 100644 --- a/2017/15xxx/CVE-2017-15284.json +++ b/2017/15xxx/CVE-2017-15284.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-15284", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-Site Scripting exists in OctoberCMS 1.0.425 (aka Build 425), allowing a least privileged user to upload an SVG file containing malicious code as the Avatar for the profile. When this is opened by the Admin, it causes JavaScript execution in the context of the Admin account." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-15284", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "42978", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/42978/" - }, - { - "name" : "https://github.com/octobercms/library/commit/3bbbbf3da469f457881b5af902eb0b89b95189a2", - "refsource" : "MISC", - "url" : "https://github.com/octobercms/library/commit/3bbbbf3da469f457881b5af902eb0b89b95189a2" - }, - { - "name" : "https://packetstormsecurity.com/files/144587/OctoberCMS-1.0.425-Cross-Site-Scripting.html", - "refsource" : "MISC", - "url" : "https://packetstormsecurity.com/files/144587/OctoberCMS-1.0.425-Cross-Site-Scripting.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-Site Scripting exists in OctoberCMS 1.0.425 (aka Build 425), allowing a least privileged user to upload an SVG file containing malicious code as the Avatar for the profile. When this is opened by the Admin, it causes JavaScript execution in the context of the Admin account." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://packetstormsecurity.com/files/144587/OctoberCMS-1.0.425-Cross-Site-Scripting.html", + "refsource": "MISC", + "url": "https://packetstormsecurity.com/files/144587/OctoberCMS-1.0.425-Cross-Site-Scripting.html" + }, + { + "name": "42978", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/42978/" + }, + { + "name": "https://github.com/octobercms/library/commit/3bbbbf3da469f457881b5af902eb0b89b95189a2", + "refsource": "MISC", + "url": "https://github.com/octobercms/library/commit/3bbbbf3da469f457881b5af902eb0b89b95189a2" + } + ] + } +} \ No newline at end of file diff --git a/2017/15xxx/CVE-2017-15672.json b/2017/15xxx/CVE-2017-15672.json index 226192aa385..db9037a2516 100644 --- a/2017/15xxx/CVE-2017-15672.json +++ b/2017/15xxx/CVE-2017-15672.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-15672", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The read_header function in libavcodec/ffv1dec.c in FFmpeg 3.3.4 and earlier allows remote attackers to have unspecified impact via a crafted MP4 file, which triggers an out-of-bounds read." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-15672", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20171103 [CVE-2017-15672]: ffmpeg: read out of bounds of buffer when it parsing an craft mp4 file.", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2017/11/03/4" - }, - { - "name" : "[debian-lts-announce] 20190107 [SECURITY] [DLA 1630-1] libav security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2019/01/msg00006.html" - }, - { - "name" : "http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=c20f4fcb74da2d0432c7b54499bb98f48236b904", - "refsource" : "CONFIRM", - "url" : "http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=c20f4fcb74da2d0432c7b54499bb98f48236b904" - }, - { - "name" : "DSA-4049", - "refsource" : "DEBIAN", - "url" : "https://www.debian.org/security/2017/dsa-4049" - }, - { - "name" : "101690", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/101690" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The read_header function in libavcodec/ffv1dec.c in FFmpeg 3.3.4 and earlier allows remote attackers to have unspecified impact via a crafted MP4 file, which triggers an out-of-bounds read." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "101690", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/101690" + }, + { + "name": "http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=c20f4fcb74da2d0432c7b54499bb98f48236b904", + "refsource": "CONFIRM", + "url": "http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=c20f4fcb74da2d0432c7b54499bb98f48236b904" + }, + { + "name": "[oss-security] 20171103 [CVE-2017-15672]: ffmpeg: read out of bounds of buffer when it parsing an craft mp4 file.", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2017/11/03/4" + }, + { + "name": "[debian-lts-announce] 20190107 [SECURITY] [DLA 1630-1] libav security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00006.html" + }, + { + "name": "DSA-4049", + "refsource": "DEBIAN", + "url": "https://www.debian.org/security/2017/dsa-4049" + } + ] + } +} \ No newline at end of file diff --git a/2017/15xxx/CVE-2017-15682.json b/2017/15xxx/CVE-2017-15682.json index d874be86d0e..dd44178dff8 100644 --- a/2017/15xxx/CVE-2017-15682.json +++ b/2017/15xxx/CVE-2017-15682.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-15682", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-15682", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2017/9xxx/CVE-2017-9085.json b/2017/9xxx/CVE-2017-9085.json index 1f4e3dd7ea6..9d8a622e1cc 100644 --- a/2017/9xxx/CVE-2017-9085.json +++ b/2017/9xxx/CVE-2017-9085.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-9085", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in Kodak InSite 6.5 to 8.0 allow remote attackers to inject arbitrary web script via the (1) \"paramFile\" parameter to /Site/Troubleshooting/DiagnosticReport.asp, or (2) \"paramFile\" parameter to /Site/Troubleshooting/SpeedTest.asp." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2017-9085", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://packetstormsecurity.com/files/142587/Kodak-InSite-8.0-Cross-Site-Scripting.html", - "refsource" : "MISC", - "url" : "https://packetstormsecurity.com/files/142587/Kodak-InSite-8.0-Cross-Site-Scripting.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in Kodak InSite 6.5 to 8.0 allow remote attackers to inject arbitrary web script via the (1) \"paramFile\" parameter to /Site/Troubleshooting/DiagnosticReport.asp, or (2) \"paramFile\" parameter to /Site/Troubleshooting/SpeedTest.asp." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://packetstormsecurity.com/files/142587/Kodak-InSite-8.0-Cross-Site-Scripting.html", + "refsource": "MISC", + "url": "https://packetstormsecurity.com/files/142587/Kodak-InSite-8.0-Cross-Site-Scripting.html" + } + ] + } +} \ No newline at end of file diff --git a/2017/9xxx/CVE-2017-9306.json b/2017/9xxx/CVE-2017-9306.json index 00f2b9c32cb..c605a144f1e 100644 --- a/2017/9xxx/CVE-2017-9306.json +++ b/2017/9xxx/CVE-2017-9306.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2017-9306", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "inc/SP/Html/Html.class.php in sysPass 2.1.9 allows remote attackers to bypass the XSS filter, as demonstrated by use of an \"