diff --git a/1999/0xxx/CVE-1999-0416.json b/1999/0xxx/CVE-1999-0416.json index 83e1836e629..eb1f50c8a39 100644 --- a/1999/0xxx/CVE-1999-0416.json +++ b/1999/0xxx/CVE-1999-0416.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0416", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in Cisco 7xx series routers allows a remote attacker to cause a system reload via a TCP connection to the router's TELNET port." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0416", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19990311 Cisco 7xx TCP and HTTP Vulnerabilities", - "refsource" : "CISCO", - "url" : "http://www.cisco.com/warp/public/770/7xxconn-pub.shtml" - }, - { - "name" : "J-034", - "refsource" : "CIAC", - "url" : "http://ciac.llnl.gov/ciac/bulletins/j-034.shtml" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in Cisco 7xx series routers allows a remote attacker to cause a system reload via a TCP connection to the router's TELNET port." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19990311 Cisco 7xx TCP and HTTP Vulnerabilities", + "refsource": "CISCO", + "url": "http://www.cisco.com/warp/public/770/7xxconn-pub.shtml" + }, + { + "name": "J-034", + "refsource": "CIAC", + "url": "http://ciac.llnl.gov/ciac/bulletins/j-034.shtml" + } + ] + } +} \ No newline at end of file diff --git a/1999/0xxx/CVE-1999-0896.json b/1999/0xxx/CVE-1999-0896.json index 1a432d84335..1d6e3646a07 100644 --- a/1999/0xxx/CVE-1999-0896.json +++ b/1999/0xxx/CVE-1999-0896.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0896", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in RealNetworks RealServer administration utility allows remote attackers to execute arbitrary commands via a long username and password." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0896", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://service.real.com/help/faq/servg260.html", - "refsource" : "MISC", - "url" : "http://service.real.com/help/faq/servg260.html" - }, - { - "name" : "767", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/767" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in RealNetworks RealServer administration utility allows remote attackers to execute arbitrary commands via a long username and password." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "767", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/767" + }, + { + "name": "http://service.real.com/help/faq/servg260.html", + "refsource": "MISC", + "url": "http://service.real.com/help/faq/servg260.html" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1178.json b/1999/1xxx/CVE-1999-1178.json index 945be3d6abb..33e34f666c4 100644 --- a/1999/1xxx/CVE-1999-1178.json +++ b/1999/1xxx/CVE-1999-1178.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1178", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Sambar Server 4.1 beta allows remote attackers to obtain sensitive information about the server via an HTTP request for the dumpenv.pl script." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1178", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "sambar-dump-env(3223)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/3223" - }, - { - "name" : "19980610 Sambar Server Beta BUG..", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/9505" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Sambar Server 4.1 beta allows remote attackers to obtain sensitive information about the server via an HTTP request for the dumpenv.pl script." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "sambar-dump-env(3223)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3223" + }, + { + "name": "19980610 Sambar Server Beta BUG..", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/9505" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1183.json b/1999/1xxx/CVE-1999-1183.json index 9868d7e73eb..ee0185f422a 100644 --- a/1999/1xxx/CVE-1999-1183.json +++ b/1999/1xxx/CVE-1999-1183.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1183", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "System Manager sysmgr GUI in SGI IRIX 6.4 and 6.3 allows remote attackers to execute commands by providing a trojan horse (1) runtask or (2) runexec descriptor file, which is used to execute a System Manager Task when the user's Mailcap entry supports the x-sgi-task or x-sgi-exec type." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1183", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19980403-02-PX", - "refsource" : "SGI", - "url" : "ftp://patches.sgi.com/support/free/security/advisories/19980403-02-PX" - }, - { - "name" : "19980403-01-PX", - "refsource" : "SGI", - "url" : "ftp://patches.sgi.com/support/free/security/advisories/19980403-01-PX" - }, - { - "name" : "8556", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/8556" - }, - { - "name" : "sgi-mailcap(809)", - "refsource" : "XF", - "url" : "http://www.iss.net/security_center/static/809.php" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "System Manager sysmgr GUI in SGI IRIX 6.4 and 6.3 allows remote attackers to execute commands by providing a trojan horse (1) runtask or (2) runexec descriptor file, which is used to execute a System Manager Task when the user's Mailcap entry supports the x-sgi-task or x-sgi-exec type." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "8556", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/8556" + }, + { + "name": "19980403-02-PX", + "refsource": "SGI", + "url": "ftp://patches.sgi.com/support/free/security/advisories/19980403-02-PX" + }, + { + "name": "19980403-01-PX", + "refsource": "SGI", + "url": "ftp://patches.sgi.com/support/free/security/advisories/19980403-01-PX" + }, + { + "name": "sgi-mailcap(809)", + "refsource": "XF", + "url": "http://www.iss.net/security_center/static/809.php" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1184.json b/1999/1xxx/CVE-1999-1184.json index 002aa17fbf6..49876dafd8a 100644 --- a/1999/1xxx/CVE-1999-1184.json +++ b/1999/1xxx/CVE-1999-1184.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1184", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in Elm 2.4 and earlier allows local users to gain privileges via a long TERM environmental variable." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1184", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19970513", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=87602167420967&w=2" - }, - { - "name" : "19970514 Re: ELM overflow", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=87602167420970&w=2" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in Elm 2.4 and earlier allows local users to gain privileges via a long TERM environmental variable." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19970513", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=87602167420967&w=2" + }, + { + "name": "19970514 Re: ELM overflow", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=87602167420970&w=2" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1470.json b/1999/1xxx/CVE-1999-1470.json index a5952a7c9cb..5d535e24b51 100644 --- a/1999/1xxx/CVE-1999-1470.json +++ b/1999/1xxx/CVE-1999-1470.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1470", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Eastman Work Management 3.21 stores passwords in cleartext in the COMMON and LOCATOR registry keys, which could allow local users to gain privileges." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1470", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19990624 Eastman Software Work Management 3.21", - "refsource" : "NTBUGTRAQ", - "url" : "http://marc.info/?l=ntbugtraq&m=93034788412494&w=2" - }, - { - "name" : "eastman-cleartext-passwords(2303)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/2303" - }, - { - "name" : "485", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/485" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Eastman Work Management 3.21 stores passwords in cleartext in the COMMON and LOCATOR registry keys, which could allow local users to gain privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19990624 Eastman Software Work Management 3.21", + "refsource": "NTBUGTRAQ", + "url": "http://marc.info/?l=ntbugtraq&m=93034788412494&w=2" + }, + { + "name": "eastman-cleartext-passwords(2303)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/2303" + }, + { + "name": "485", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/485" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0140.json b/2000/0xxx/CVE-2000-0140.json index d341caba944..b12a4f69a49 100644 --- a/2000/0xxx/CVE-2000-0140.json +++ b/2000/0xxx/CVE-2000-0140.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0140", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Internet Anywhere POP3 Mail Server allows remote attackers to cause a denial of service via a large number of connections." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0140", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000210 remote DoS on Internet Anywhere Mail Server Ver.3.1.3", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=95021326417936&w=2" - }, - { - "name" : "980", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/980" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Internet Anywhere POP3 Mail Server allows remote attackers to cause a denial of service via a large number of connections." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20000210 remote DoS on Internet Anywhere Mail Server Ver.3.1.3", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=95021326417936&w=2" + }, + { + "name": "980", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/980" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0339.json b/2000/0xxx/CVE-2000-0339.json index 3678f16e552..8ce3eef2196 100644 --- a/2000/0xxx/CVE-2000-0339.json +++ b/2000/0xxx/CVE-2000-0339.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0339", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ZoneAlarm 2.1.10 and earlier does not filter UDP packets with a source port of 67, which allows remote attackers to bypass the firewall rules." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0339", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000420 ZoneAlarm", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000421044123.2353.qmail@securityfocus.com" - }, - { - "name" : "1137", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1137" - }, - { - "name" : "1294", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/1294" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ZoneAlarm 2.1.10 and earlier does not filter UDP packets with a source port of 67, which allows remote attackers to bypass the firewall rules." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20000420 ZoneAlarm", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000421044123.2353.qmail@securityfocus.com" + }, + { + "name": "1294", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/1294" + }, + { + "name": "1137", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1137" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0376.json b/2000/0xxx/CVE-2000-0376.json index b611c1ec8fd..a4b26f5b374 100644 --- a/2000/0xxx/CVE-2000-0376.json +++ b/2000/0xxx/CVE-2000-0376.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0376", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the HTTP proxy server for the i-drive Filo software allows remote attackers to execute arbitrary commands via a long HTTP GET request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0376", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "1324", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1324" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the HTTP proxy server for the i-drive Filo software allows remote attackers to execute arbitrary commands via a long HTTP GET request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1324", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1324" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0519.json b/2000/0xxx/CVE-2000-0519.json index 8f3e93e4993..27416e8e8df 100644 --- a/2000/0xxx/CVE-2000-0519.json +++ b/2000/0xxx/CVE-2000-0519.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0519", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Internet Explorer 4.x and 5.x does not properly re-validate an SSL certificate if the user establishes a new SSL session with the same server during the same Internet Explorer session, aka one of two different \"SSL Certificate Validation\" vulnerabilities." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0519", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.acrossecurity.com/aspr/ASPR-1999-12-15-1-PUB.txt", - "refsource" : "MISC", - "url" : "http://www.acrossecurity.com/aspr/ASPR-1999-12-15-1-PUB.txt" - }, - { - "name" : "MS00-039", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-039" - }, - { - "name" : "CA-2000-10", - "refsource" : "CERT", - "url" : "http://www.cert.org/advisories/CA-2000-10.html" - }, - { - "name" : "1309", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1309" - }, - { - "name" : "ie-revalidate-certificate(4627)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/4627" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Internet Explorer 4.x and 5.x does not properly re-validate an SSL certificate if the user establishes a new SSL session with the same server during the same Internet Explorer session, aka one of two different \"SSL Certificate Validation\" vulnerabilities." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.acrossecurity.com/aspr/ASPR-1999-12-15-1-PUB.txt", + "refsource": "MISC", + "url": "http://www.acrossecurity.com/aspr/ASPR-1999-12-15-1-PUB.txt" + }, + { + "name": "CA-2000-10", + "refsource": "CERT", + "url": "http://www.cert.org/advisories/CA-2000-10.html" + }, + { + "name": "MS00-039", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-039" + }, + { + "name": "1309", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1309" + }, + { + "name": "ie-revalidate-certificate(4627)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4627" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0580.json b/2000/0xxx/CVE-2000-0580.json index e5cae066281..2482c634c92 100644 --- a/2000/0xxx/CVE-2000-0580.json +++ b/2000/0xxx/CVE-2000-0580.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0580", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Windows 2000 Server allows remote attackers to cause a denial of service by sending a continuous stream of binary zeros to various TCP and UDP ports, which significantly increases the CPU utilization." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0580", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000630 SecureXpert Advisory [SX-20000620-2]", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.3.96.1000630161935.4619B-100000@fjord.fscinternet.com" - }, - { - "name" : "1415", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1415" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Windows 2000 Server allows remote attackers to cause a denial of service by sending a continuous stream of binary zeros to various TCP and UDP ports, which significantly increases the CPU utilization." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20000630 SecureXpert Advisory [SX-20000620-2]", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.3.96.1000630161935.4619B-100000@fjord.fscinternet.com" + }, + { + "name": "1415", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1415" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0653.json b/2000/0xxx/CVE-2000-0653.json index 4d3560e7ccd..341b59e6e8b 100644 --- a/2000/0xxx/CVE-2000-0653.json +++ b/2000/0xxx/CVE-2000-0653.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0653", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Outlook Express allows remote attackers to monitor a user's email by creating a persistent browser link to the Outlook Express windows, aka the \"Persistent Mail-Browser Link\" vulnerability." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0653", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS00-045", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-045" - }, - { - "name" : "1502", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1502" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Outlook Express allows remote attackers to monitor a user's email by creating a persistent browser link to the Outlook Express windows, aka the \"Persistent Mail-Browser Link\" vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1502", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1502" + }, + { + "name": "MS00-045", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-045" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0760.json b/2000/0xxx/CVE-2000-0760.json index 6dea76dea57..919527a1879 100644 --- a/2000/0xxx/CVE-2000-0760.json +++ b/2000/0xxx/CVE-2000-0760.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0760", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0760", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000719 [LoWNOISE] Snoop Servlet (Tomcat 3.1 and 3.0)", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26date%3D2000-07-15%26msg%3DPine.SUN.3.96.1000719235404.24004A-100000@grex.cyberspace.org" - }, - { - "name" : "1532", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1532" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20000719 [LoWNOISE] Snoop Servlet (Tomcat 3.1 and 3.0)", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26date%3D2000-07-15%26msg%3DPine.SUN.3.96.1000719235404.24004A-100000@grex.cyberspace.org" + }, + { + "name": "1532", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1532" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0904.json b/2000/0xxx/CVE-2000-0904.json index abaf13a209e..26ecd4da454 100644 --- a/2000/0xxx/CVE-2000-0904.json +++ b/2000/0xxx/CVE-2000-0904.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0904", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Voyager web server 2.01B in the demo disks for QNX 405 stores sensitive web client information in the .photon directory in the web document root, which allows remote attackers to obtain that information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0904", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000901 Multiple QNX Voyager Issues", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/79956" - }, - { - "name" : "1648", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1648" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Voyager web server 2.01B in the demo disks for QNX 405 stores sensitive web client information in the .photon directory in the web document root, which allows remote attackers to obtain that information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20000901 Multiple QNX Voyager Issues", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/79956" + }, + { + "name": "1648", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1648" + } + ] + } +} \ No newline at end of file diff --git a/2000/1xxx/CVE-2000-1169.json b/2000/1xxx/CVE-2000-1169.json index 79ada15fd04..11c8d0ddd0b 100644 --- a/2000/1xxx/CVE-2000-1169.json +++ b/2000/1xxx/CVE-2000-1169.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-1169", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "OpenSSH SSH client before 2.3.0 does not properly disable X11 or agent forwarding, which could allow a malicious SSH server to gain access to the X11 display and sniff X11 events, or gain access to the ssh-agent." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-1169", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20001123 OpenSSH Security Advisory (adv.fwd)", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-11/0195.html" - }, - { - "name" : "MDKSA-2000:068", - "refsource" : "MANDRAKE", - "url" : "http://www.linux-mandrake.com/en/security/MDKSA-2000-068.php3" - }, - { - "name" : "20001115 Trustix Security Advisory - bind and openssh (and modutils)", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-11/0217.html" - }, - { - "name" : "20001118 openssh: possible remote exploit", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2000/20001118" - }, - { - "name" : "CLSA-2000:345", - "refsource" : "CONECTIVA", - "url" : "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000345" - }, - { - "name" : "RHSA-2000:111", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2000-111.html" - }, - { - "name" : "SuSE-SA:2000:47", - "refsource" : "SUSE", - "url" : "http://lists.suse.com/archives/suse-security-announce/2000-Nov/0004.html" - }, - { - "name" : "1949", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1949" - }, - { - "name" : "openssh-unauthorized-access(5517)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5517" - }, - { - "name" : "2114", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/2114" - }, - { - "name" : "6248", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/6248" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "OpenSSH SSH client before 2.3.0 does not properly disable X11 or agent forwarding, which could allow a malicious SSH server to gain access to the X11 display and sniff X11 events, or gain access to the ssh-agent." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MDKSA-2000:068", + "refsource": "MANDRAKE", + "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-068.php3" + }, + { + "name": "SuSE-SA:2000:47", + "refsource": "SUSE", + "url": "http://lists.suse.com/archives/suse-security-announce/2000-Nov/0004.html" + }, + { + "name": "RHSA-2000:111", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2000-111.html" + }, + { + "name": "20001123 OpenSSH Security Advisory (adv.fwd)", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0195.html" + }, + { + "name": "openssh-unauthorized-access(5517)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5517" + }, + { + "name": "20001118 openssh: possible remote exploit", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2000/20001118" + }, + { + "name": "20001115 Trustix Security Advisory - bind and openssh (and modutils)", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0217.html" + }, + { + "name": "1949", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1949" + }, + { + "name": "CLSA-2000:345", + "refsource": "CONECTIVA", + "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000345" + }, + { + "name": "6248", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/6248" + }, + { + "name": "2114", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/2114" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2172.json b/2005/2xxx/CVE-2005-2172.json index 0bf3b593223..68917df456d 100644 --- a/2005/2xxx/CVE-2005-2172.json +++ b/2005/2xxx/CVE-2005-2172.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2172", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2172", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2424.json b/2005/2xxx/CVE-2005-2424.json index 4f12953a03e..02e9935b69d 100644 --- a/2005/2xxx/CVE-2005-2424.json +++ b/2005/2xxx/CVE-2005-2424.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2424", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The management interface for Siemens SANTIS 50 running firmware 4.2.8.0, and possibly other products including Ericsson HN294dp and Dynalink RTA300W, allows remote attackers to access the Telnet port without authentication via certain packets to the web interface that cause the interface to freeze." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2424", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20050725 Siemens SANTIS 50 Authentication Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=112230914431638&w=2" - }, - { - "name" : "http://www.securenetwork.it/advisories/", - "refsource" : "MISC", - "url" : "http://www.securenetwork.it/advisories/" - }, - { - "name" : "14372", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/14372" - }, - { - "name" : "18294", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/18294" - }, - { - "name" : "16215", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/16215" - }, - { - "name" : "santis50-packet-gain-access(21552)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/21552" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The management interface for Siemens SANTIS 50 running firmware 4.2.8.0, and possibly other products including Ericsson HN294dp and Dynalink RTA300W, allows remote attackers to access the Telnet port without authentication via certain packets to the web interface that cause the interface to freeze." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "santis50-packet-gain-access(21552)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21552" + }, + { + "name": "16215", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/16215" + }, + { + "name": "18294", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/18294" + }, + { + "name": "14372", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/14372" + }, + { + "name": "http://www.securenetwork.it/advisories/", + "refsource": "MISC", + "url": "http://www.securenetwork.it/advisories/" + }, + { + "name": "20050725 Siemens SANTIS 50 Authentication Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=112230914431638&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2554.json b/2005/2xxx/CVE-2005-2554.json index 26658243b79..0fabb69e3bd 100644 --- a/2005/2xxx/CVE-2005-2554.json +++ b/2005/2xxx/CVE-2005-2554.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2554", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The web server for Network Associates ePolicy Orchestrator Agent 3.5.0 (patch 3) uses insecure permissions for the \"Common Framework\\Db\" folder, which allows local users to read arbitrary files by creating a subfolder in the EPO agent web root directory." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2554", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20050811 Privilege escalation in Network Associates ePolicy Orchestrator Agent 3.5.0 (patch 3)", - "refsource" : "FULLDISC", - "url" : "http://lists.virus.org/full-disclosure-0508/msg00376.html" - }, - { - "name" : "http://reedarvin.thearvins.com/20050811-01.html", - "refsource" : "MISC", - "url" : "http://reedarvin.thearvins.com/20050811-01.html" - }, - { - "name" : "http://knowledgemap.nai.com/KanisaSupportSite/search.do?cmd=displayKC&docType=kc&externalId=KBkb42216xml", - "refsource" : "CONFIRM", - "url" : "http://knowledgemap.nai.com/KanisaSupportSite/search.do?cmd=displayKC&docType=kc&externalId=KBkb42216xml" - }, - { - "name" : "14549", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/14549" - }, - { - "name" : "ADV-2005-1402", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2005/1402" - }, - { - "name" : "18735", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/18735" - }, - { - "name" : "16410", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/16410" - }, - { - "name" : "epolicy-orchestrator-gain-privileges(21839)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/21839" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The web server for Network Associates ePolicy Orchestrator Agent 3.5.0 (patch 3) uses insecure permissions for the \"Common Framework\\Db\" folder, which allows local users to read arbitrary files by creating a subfolder in the EPO agent web root directory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2005-1402", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2005/1402" + }, + { + "name": "20050811 Privilege escalation in Network Associates ePolicy Orchestrator Agent 3.5.0 (patch 3)", + "refsource": "FULLDISC", + "url": "http://lists.virus.org/full-disclosure-0508/msg00376.html" + }, + { + "name": "http://knowledgemap.nai.com/KanisaSupportSite/search.do?cmd=displayKC&docType=kc&externalId=KBkb42216xml", + "refsource": "CONFIRM", + "url": "http://knowledgemap.nai.com/KanisaSupportSite/search.do?cmd=displayKC&docType=kc&externalId=KBkb42216xml" + }, + { + "name": "epolicy-orchestrator-gain-privileges(21839)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21839" + }, + { + "name": "14549", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/14549" + }, + { + "name": "16410", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/16410" + }, + { + "name": "18735", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/18735" + }, + { + "name": "http://reedarvin.thearvins.com/20050811-01.html", + "refsource": "MISC", + "url": "http://reedarvin.thearvins.com/20050811-01.html" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2620.json b/2005/2xxx/CVE-2005-2620.json index 4ad7e0ec9b1..f3495b38e3a 100644 --- a/2005/2xxx/CVE-2005-2620.json +++ b/2005/2xxx/CVE-2005-2620.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2620", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "grpWise.exe for Novell GroupWise client 5.5 through 6.5.2 stores the password in plaintext in memory, which allows attackers to obtain the password using a debugger or another mechanism to read process memory." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2620", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20050817 NOVL-2005010098073 GroupWise Password Caching", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=112431139225724&w=2" - }, - { - "name" : "20050620 Novell GroupWise Plain Text Password Vulnerability.", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2005-06/0158.html" - }, - { - "name" : "20050825 NOVL-2005010098073 GroupWise Password Caching", - "refsource" : "FULLDISC", - "url" : "http://archives.neohapsis.com/archives/fulldisclosure/2005-08/0858.html" - }, - { - "name" : "http://www.securiteam.com/windowsntfocus/5UP0Q0UG0I.html", - "refsource" : "MISC", - "url" : "http://www.securiteam.com/windowsntfocus/5UP0Q0UG0I.html" - }, - { - "name" : "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2972056.htm", - "refsource" : "CONFIRM", - "url" : "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2972056.htm" - }, - { - "name" : "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10098073.htm", - "refsource" : "CONFIRM", - "url" : "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10098073.htm" - }, - { - "name" : "13997", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/13997" - }, - { - "name" : "17470", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/17470" - }, - { - "name" : "1014247", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1014247" - }, - { - "name" : "groupwise-client-plaintext-password(21075)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/21075" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "grpWise.exe for Novell GroupWise client 5.5 through 6.5.2 stores the password in plaintext in memory, which allows attackers to obtain the password using a debugger or another mechanism to read process memory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.securiteam.com/windowsntfocus/5UP0Q0UG0I.html", + "refsource": "MISC", + "url": "http://www.securiteam.com/windowsntfocus/5UP0Q0UG0I.html" + }, + { + "name": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10098073.htm", + "refsource": "CONFIRM", + "url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10098073.htm" + }, + { + "name": "20050825 NOVL-2005010098073 GroupWise Password Caching", + "refsource": "FULLDISC", + "url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-08/0858.html" + }, + { + "name": "1014247", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1014247" + }, + { + "name": "13997", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/13997" + }, + { + "name": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2972056.htm", + "refsource": "CONFIRM", + "url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/2972056.htm" + }, + { + "name": "20050817 NOVL-2005010098073 GroupWise Password Caching", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=112431139225724&w=2" + }, + { + "name": "17470", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/17470" + }, + { + "name": "groupwise-client-plaintext-password(21075)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21075" + }, + { + "name": "20050620 Novell GroupWise Plain Text Password Vulnerability.", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2005-06/0158.html" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2700.json b/2005/2xxx/CVE-2005-2700.json index 0b28e8c910c..af179abe03e 100644 --- a/2005/2xxx/CVE-2005-2700.json +++ b/2005/2xxx/CVE-2005-2700.json @@ -1,312 +1,312 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2700", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ssl_engine_kernel.c in mod_ssl before 2.8.24, when using \"SSLVerifyClient optional\" in the global virtual host configuration, does not properly enforce \"SSLVerifyClient require\" in a per-location context, which allows remote attackers to bypass intended access restrictions." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2005-2700", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[apache-modssl] 20050902 [ANNOUNCE] mod_ssl 2.8.24-1.3.33", - "refsource" : "MLIST", - "url" : "http://marc.info/?l=apache-modssl&m=112569517603897&w=2" - }, - { - "name" : "http://people.apache.org/~jorton/CAN-2005-2700.diff", - "refsource" : "CONFIRM", - "url" : "http://people.apache.org/~jorton/CAN-2005-2700.diff" - }, - { - "name" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=167195", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=167195" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm" - }, - { - "name" : "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117", - "refsource" : "CONFIRM", - "url" : "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117" - }, - { - "name" : "DSA-805", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2005/dsa-805" - }, - { - "name" : "DSA-807", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2005/dsa-807" - }, - { - "name" : "GLSA-200509-12", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200509-12.xml" - }, - { - "name" : "HPSBUX01232", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=112870296926652&w=2" - }, - { - "name" : "SSRT051043", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=112870296926652&w=2" - }, - { - "name" : "MDKSA-2005:161", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:161" - }, - { - "name" : "OpenPKG-SA-2005.017", - "refsource" : "OPENPKG", - "url" : "http://marc.info/?l=bugtraq&m=112604765028607&w=2" - }, - { - "name" : "RHSA-2005:608", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2005-608.html" - }, - { - "name" : "RHSA-2005:773", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2005-773.html" - }, - { - "name" : "RHSA-2005:816", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2005-816.html" - }, - { - "name" : "102197", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102197-1" - }, - { - "name" : "102198", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1" - }, - { - "name" : "SUSE-SA:2005:051", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2005_51_apache2.html" - }, - { - "name" : "SUSE-SA:2005:052", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2005_52_apache2.html" - }, - { - "name" : "SuSE-SA:2006:051", - "refsource" : "SUSE", - "url" : "https://lists.opensuse.org/opensuse-security-announce/2006-09/msg00016.html" - }, - { - "name" : "TSLSA-2005-0059", - "refsource" : "TRUSTIX", - "url" : "http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html" - }, - { - "name" : "USN-177-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-177-1" - }, - { - "name" : "VU#744929", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/744929" - }, - { - "name" : "14721", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/14721" - }, - { - "name" : "oval:org.mitre.oval:def:10416", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10416" - }, - { - "name" : "ADV-2005-1625", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2005/1625" - }, - { - "name" : "ADV-2005-2659", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2005/2659" - }, - { - "name" : "ADV-2006-0789", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/0789" - }, - { - "name" : "ADV-2006-4207", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4207" - }, - { - "name" : "19188", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/19188" - }, - { - "name" : "16700", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/16700" - }, - { - "name" : "16705", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/16705" - }, - { - "name" : "16714", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/16714" - }, - { - "name" : "16743", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/16743" - }, - { - "name" : "16746", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/16746" - }, - { - "name" : "16748", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/16748" - }, - { - "name" : "16753", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/16753" - }, - { - "name" : "16754", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/16754" - }, - { - "name" : "16769", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/16769" - }, - { - "name" : "16771", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/16771" - }, - { - "name" : "16789", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/16789" - }, - { - "name" : "16864", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/16864" - }, - { - "name" : "16956", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/16956" - }, - { - "name" : "17088", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17088" - }, - { - "name" : "17288", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17288" - }, - { - "name" : "17311", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17311" - }, - { - "name" : "17813", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17813" - }, - { - "name" : "19072", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19072" - }, - { - "name" : "19073", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19073" - }, - { - "name" : "21848", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21848" - }, - { - "name" : "22523", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22523" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ssl_engine_kernel.c in mod_ssl before 2.8.24, when using \"SSLVerifyClient optional\" in the global virtual host configuration, does not properly enforce \"SSLVerifyClient require\" in a per-location context, which allows remote attackers to bypass intended access restrictions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "16705", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/16705" + }, + { + "name": "DSA-807", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2005/dsa-807" + }, + { + "name": "SSRT051043", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=112870296926652&w=2" + }, + { + "name": "RHSA-2005:608", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2005-608.html" + }, + { + "name": "16700", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/16700" + }, + { + "name": "17813", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17813" + }, + { + "name": "16743", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/16743" + }, + { + "name": "16753", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/16753" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm" + }, + { + "name": "HPSBUX01232", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=112870296926652&w=2" + }, + { + "name": "ADV-2005-2659", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2005/2659" + }, + { + "name": "17088", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17088" + }, + { + "name": "TSLSA-2005-0059", + "refsource": "TRUSTIX", + "url": "http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html" + }, + { + "name": "22523", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22523" + }, + { + "name": "SUSE-SA:2005:051", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2005_51_apache2.html" + }, + { + "name": "16748", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/16748" + }, + { + "name": "USN-177-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-177-1" + }, + { + "name": "http://people.apache.org/~jorton/CAN-2005-2700.diff", + "refsource": "CONFIRM", + "url": "http://people.apache.org/~jorton/CAN-2005-2700.diff" + }, + { + "name": "16754", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/16754" + }, + { + "name": "MDKSA-2005:161", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:161" + }, + { + "name": "oval:org.mitre.oval:def:10416", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10416" + }, + { + "name": "RHSA-2005:773", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2005-773.html" + }, + { + "name": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117", + "refsource": "CONFIRM", + "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=3117" + }, + { + "name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=167195", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=167195" + }, + { + "name": "SuSE-SA:2006:051", + "refsource": "SUSE", + "url": "https://lists.opensuse.org/opensuse-security-announce/2006-09/msg00016.html" + }, + { + "name": "RHSA-2005:816", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2005-816.html" + }, + { + "name": "16789", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/16789" + }, + { + "name": "16714", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/16714" + }, + { + "name": "16769", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/16769" + }, + { + "name": "ADV-2006-4207", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4207" + }, + { + "name": "17288", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17288" + }, + { + "name": "16956", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/16956" + }, + { + "name": "19072", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19072" + }, + { + "name": "21848", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21848" + }, + { + "name": "19188", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/19188" + }, + { + "name": "ADV-2005-1625", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2005/1625" + }, + { + "name": "16771", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/16771" + }, + { + "name": "16746", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/16746" + }, + { + "name": "GLSA-200509-12", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200509-12.xml" + }, + { + "name": "SUSE-SA:2005:052", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2005_52_apache2.html" + }, + { + "name": "DSA-805", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2005/dsa-805" + }, + { + "name": "14721", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/14721" + }, + { + "name": "19073", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19073" + }, + { + "name": "[apache-modssl] 20050902 [ANNOUNCE] mod_ssl 2.8.24-1.3.33", + "refsource": "MLIST", + "url": "http://marc.info/?l=apache-modssl&m=112569517603897&w=2" + }, + { + "name": "VU#744929", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/744929" + }, + { + "name": "OpenPKG-SA-2005.017", + "refsource": "OPENPKG", + "url": "http://marc.info/?l=bugtraq&m=112604765028607&w=2" + }, + { + "name": "16864", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/16864" + }, + { + "name": "17311", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17311" + }, + { + "name": "102197", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102197-1" + }, + { + "name": "102198", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102198-1" + }, + { + "name": "ADV-2006-0789", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/0789" + } + ] + } +} \ No newline at end of file diff --git a/2005/3xxx/CVE-2005-3871.json b/2005/3xxx/CVE-2005-3871.json index 64f7c55c848..d19d846a721 100644 --- a/2005/3xxx/CVE-2005-3871.json +++ b/2005/3xxx/CVE-2005-3871.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-3871", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in Joels Bulletin board (JBB) 0.9.9rc3 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) nr parameter in topiczeigen.php, (2) forum and (3) zeigeseite parameters in showforum.php, (4) forum parameter in newtopic.php, and (5) tidnr parameter in neuerbeitrag.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-3871", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://pridels0.blogspot.com/2005/11/jbb-sql-inj-vuln.html", - "refsource" : "MISC", - "url" : "http://pridels0.blogspot.com/2005/11/jbb-sql-inj-vuln.html" - }, - { - "name" : "15590", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/15590" - }, - { - "name" : "ADV-2005-2620", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2005/2620" - }, - { - "name" : "21148", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/21148" - }, - { - "name" : "21149", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/21149" - }, - { - "name" : "21150", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/21150" - }, - { - "name" : "21151", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/21151" - }, - { - "name" : "17727", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17727" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in Joels Bulletin board (JBB) 0.9.9rc3 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) nr parameter in topiczeigen.php, (2) forum and (3) zeigeseite parameters in showforum.php, (4) forum parameter in newtopic.php, and (5) tidnr parameter in neuerbeitrag.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "21149", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/21149" + }, + { + "name": "15590", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/15590" + }, + { + "name": "17727", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17727" + }, + { + "name": "http://pridels0.blogspot.com/2005/11/jbb-sql-inj-vuln.html", + "refsource": "MISC", + "url": "http://pridels0.blogspot.com/2005/11/jbb-sql-inj-vuln.html" + }, + { + "name": "21151", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/21151" + }, + { + "name": "ADV-2005-2620", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2005/2620" + }, + { + "name": "21148", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/21148" + }, + { + "name": "21150", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/21150" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5239.json b/2007/5xxx/CVE-2007-5239.json index 7d2506c15ef..b6162684ea7 100644 --- a/2007/5xxx/CVE-2007-5239.json +++ b/2007/5xxx/CVE-2007-5239.json @@ -1,242 +1,242 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5239", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier does not properly enforce access restrictions for untrusted (1) applications and (2) applets, which allows user-assisted remote attackers to copy or rename arbitrary files when local users perform drag-and-drop operations from the untrusted application or applet window onto certain types of desktop applications." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5239", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071029 FLEA-2007-0061-1 sun-jre sun-jdk", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/482926/100/0/threaded" - }, - { - "name" : "http://support.novell.com/techcenter/psdb/0c36b6416afc3868b8b1b9012955e323.html", - "refsource" : "CONFIRM", - "url" : "http://support.novell.com/techcenter/psdb/0c36b6416afc3868b8b1b9012955e323.html" - }, - { - "name" : "http://www.vmware.com/security/advisories/VMSA-2008-0010.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/security/advisories/VMSA-2008-0010.html" - }, - { - "name" : "BEA08-198.00", - "refsource" : "BEA", - "url" : "http://dev2dev.bea.com/pub/advisory/272" - }, - { - "name" : "GLSA-200804-20", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml" - }, - { - "name" : "GLSA-200804-28", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200804-28.xml" - }, - { - "name" : "GLSA-200806-11", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml" - }, - { - "name" : "HPSBUX02284", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01234533" - }, - { - "name" : "SSRT071483", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01234533" - }, - { - "name" : "RHSA-2007:0963", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0963.html" - }, - { - "name" : "RHSA-2007:1041", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-1041.html" - }, - { - "name" : "RHSA-2008:0132", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0132.html" - }, - { - "name" : "RHSA-2008:0156", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0156.html" - }, - { - "name" : "RHSA-2008:0100", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0100.html" - }, - { - "name" : "103072", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103072-1" - }, - { - "name" : "SUSE-SA:2007:055", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_55_java.html" - }, - { - "name" : "SUSE-SA:2008:025", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html" - }, - { - "name" : "oval:org.mitre.oval:def:8758", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8758" - }, - { - "name" : "ADV-2007-3895", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3895" - }, - { - "name" : "ADV-2008-0609", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0609" - }, - { - "name" : "ADV-2008-1856", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1856/references" - }, - { - "name" : "1018814", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1018814" - }, - { - "name" : "27206", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27206" - }, - { - "name" : "27261", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27261" - }, - { - "name" : "27716", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27716" - }, - { - "name" : "27693", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27693" - }, - { - "name" : "27804", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27804" - }, - { - "name" : "28777", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28777" - }, - { - "name" : "28880", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28880" - }, - { - "name" : "29042", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29042" - }, - { - "name" : "29214", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29214" - }, - { - "name" : "29340", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29340" - }, - { - "name" : "29858", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29858" - }, - { - "name" : "29897", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29897" - }, - { - "name" : "30676", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30676" - }, - { - "name" : "30780", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30780" - }, - { - "name" : "sun-java-dragdrop-weak-security(36950)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36950" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier does not properly enforce access restrictions for untrusted (1) applications and (2) applets, which allows user-assisted remote attackers to copy or rename arbitrary files when local users perform drag-and-drop operations from the untrusted application or applet window onto certain types of desktop applications." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2008:0132", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0132.html" + }, + { + "name": "RHSA-2007:1041", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-1041.html" + }, + { + "name": "ADV-2007-3895", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3895" + }, + { + "name": "30676", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30676" + }, + { + "name": "29042", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29042" + }, + { + "name": "27693", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27693" + }, + { + "name": "http://support.novell.com/techcenter/psdb/0c36b6416afc3868b8b1b9012955e323.html", + "refsource": "CONFIRM", + "url": "http://support.novell.com/techcenter/psdb/0c36b6416afc3868b8b1b9012955e323.html" + }, + { + "name": "SUSE-SA:2007:055", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_55_java.html" + }, + { + "name": "103072", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103072-1" + }, + { + "name": "sun-java-dragdrop-weak-security(36950)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36950" + }, + { + "name": "29897", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29897" + }, + { + "name": "27206", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27206" + }, + { + "name": "27804", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27804" + }, + { + "name": "GLSA-200804-28", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200804-28.xml" + }, + { + "name": "HPSBUX02284", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01234533" + }, + { + "name": "29858", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29858" + }, + { + "name": "RHSA-2007:0963", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0963.html" + }, + { + "name": "RHSA-2008:0100", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0100.html" + }, + { + "name": "ADV-2008-0609", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0609" + }, + { + "name": "SUSE-SA:2008:025", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00010.html" + }, + { + "name": "27261", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27261" + }, + { + "name": "SSRT071483", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01234533" + }, + { + "name": "20071029 FLEA-2007-0061-1 sun-jre sun-jdk", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/482926/100/0/threaded" + }, + { + "name": "28777", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28777" + }, + { + "name": "RHSA-2008:0156", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0156.html" + }, + { + "name": "BEA08-198.00", + "refsource": "BEA", + "url": "http://dev2dev.bea.com/pub/advisory/272" + }, + { + "name": "30780", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30780" + }, + { + "name": "1018814", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1018814" + }, + { + "name": "28880", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28880" + }, + { + "name": "27716", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27716" + }, + { + "name": "ADV-2008-1856", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1856/references" + }, + { + "name": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/security/advisories/VMSA-2008-0010.html" + }, + { + "name": "29214", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29214" + }, + { + "name": "29340", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29340" + }, + { + "name": "GLSA-200804-20", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml" + }, + { + "name": "GLSA-200806-11", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml" + }, + { + "name": "oval:org.mitre.oval:def:8758", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8758" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2128.json b/2009/2xxx/CVE-2009-2128.json index 9aee41d7296..b525c68fe23 100644 --- a/2009/2xxx/CVE-2009-2128.json +++ b/2009/2xxx/CVE-2009-2128.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2128", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in close_bug.php in Elvin before 1.2.1 allows remote attackers to execute arbitrary SQL commands via the title (aka subject) field." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-2128", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://bugs.elvinbts.org/show_bug.php?id=49", - "refsource" : "CONFIRM", - "url" : "http://bugs.elvinbts.org/show_bug.php?id=49" - }, - { - "name" : "35430", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/35430" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in close_bug.php in Elvin before 1.2.1 allows remote attackers to execute arbitrary SQL commands via the title (aka subject) field." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://bugs.elvinbts.org/show_bug.php?id=49", + "refsource": "CONFIRM", + "url": "http://bugs.elvinbts.org/show_bug.php?id=49" + }, + { + "name": "35430", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/35430" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2425.json b/2009/2xxx/CVE-2009-2425.json index b6b587bee69..3bd70ee2d3b 100644 --- a/2009/2xxx/CVE-2009-2425.json +++ b/2009/2xxx/CVE-2009-2425.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2425", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Tor before 0.2.0.35 allows remote attackers to cause a denial of service (application crash) via a malformed router descriptor." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-2425", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[or-announce] 20090625 Tor 0.2.0.35 is released", - "refsource" : "MLIST", - "url" : "http://archives.seul.org/or/announce/Jun-2009/msg00000.html" - }, - { - "name" : "35505", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/35505" - }, - { - "name" : "55340", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/55340" - }, - { - "name" : "35546", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/35546" - }, - { - "name" : "ADV-2009-1716", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/1716" - }, - { - "name" : "tor-router-descriptors-dos(51376)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/51376" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Tor before 0.2.0.35 allows remote attackers to cause a denial of service (application crash) via a malformed router descriptor." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "35546", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/35546" + }, + { + "name": "[or-announce] 20090625 Tor 0.2.0.35 is released", + "refsource": "MLIST", + "url": "http://archives.seul.org/or/announce/Jun-2009/msg00000.html" + }, + { + "name": "tor-router-descriptors-dos(51376)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51376" + }, + { + "name": "55340", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/55340" + }, + { + "name": "ADV-2009-1716", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/1716" + }, + { + "name": "35505", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/35505" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2564.json b/2009/2xxx/CVE-2009-2564.json index 0c3a5f1d3aa..402503d6d80 100644 --- a/2009/2xxx/CVE-2009-2564.json +++ b/2009/2xxx/CVE-2009-2564.json @@ -1,127 +1,127 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2564", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "NOS Microsystems getPlus Download Manager, as used in Adobe Reader 1.6.2.36 and possibly other versions, Corel getPlus Download Manager before 1.5.0.48, and possibly other products, installs NOS\\bin\\getPlus_HelperSvc.exe with insecure permissions (Everyone:Full Control), which allows local users to gain SYSTEM privileges by replacing getPlus_HelperSvc.exe with a Trojan horse program, as demonstrated by use of getPlus Download Manager within Adobe Reader. NOTE: within Adobe Reader, the scope of this issue is limited because the program is deleted and the associated service is not automatically launched after a successful installation and reboot." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-2564", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20090720 Adobe related service (getPlus_HelperSvc.exe) local elevation of privileges", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/505095/100/0/threaded" - }, - { - "name" : "http://blogs.adobe.com/psirt/2009/07/local_privilege_escalation_in.html", - "refsource" : "CONFIRM", - "url" : "http://blogs.adobe.com/psirt/2009/07/local_privilege_escalation_in.html" - }, - { - "name" : "9199", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/9199" - }, - { - "name" : "http://retrogod.altervista.org/9sg_adobe_local.html", - "refsource" : "MISC", - "url" : "http://retrogod.altervista.org/9sg_adobe_local.html" - }, - { - "name" : "http://www.adobe.com/support/security/bulletins/apsb09-15.html", - "refsource" : "CONFIRM", - "url" : "http://www.adobe.com/support/security/bulletins/apsb09-15.html" - }, - { - "name" : "TA09-286B", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA09-286B.html" - }, - { - "name" : "35740", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/35740" - }, - { - "name" : "oval:org.mitre.oval:def:5719", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5719" - }, - { - "name" : "1023007", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1023007" - }, - { - "name" : "35930", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/35930" - }, - { - "name" : "36331", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/36331" - }, - { - "name" : "ADV-2009-1969", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/1969" - }, - { - "name" : "ADV-2009-2898", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/2898" - }, - { - "name" : "getplus-nos-insecure-permissions(54383)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/54383" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "NOS Microsystems getPlus Download Manager, as used in Adobe Reader 1.6.2.36 and possibly other versions, Corel getPlus Download Manager before 1.5.0.48, and possibly other products, installs NOS\\bin\\getPlus_HelperSvc.exe with insecure permissions (Everyone:Full Control), which allows local users to gain SYSTEM privileges by replacing getPlus_HelperSvc.exe with a Trojan horse program, as demonstrated by use of getPlus Download Manager within Adobe Reader. NOTE: within Adobe Reader, the scope of this issue is limited because the program is deleted and the associated service is not automatically launched after a successful installation and reboot." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "9199", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/9199" + }, + { + "name": "TA09-286B", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA09-286B.html" + }, + { + "name": "1023007", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1023007" + }, + { + "name": "http://www.adobe.com/support/security/bulletins/apsb09-15.html", + "refsource": "CONFIRM", + "url": "http://www.adobe.com/support/security/bulletins/apsb09-15.html" + }, + { + "name": "oval:org.mitre.oval:def:5719", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5719" + }, + { + "name": "35740", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/35740" + }, + { + "name": "ADV-2009-1969", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/1969" + }, + { + "name": "http://retrogod.altervista.org/9sg_adobe_local.html", + "refsource": "MISC", + "url": "http://retrogod.altervista.org/9sg_adobe_local.html" + }, + { + "name": "getplus-nos-insecure-permissions(54383)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54383" + }, + { + "name": "35930", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/35930" + }, + { + "name": "20090720 Adobe related service (getPlus_HelperSvc.exe) local elevation of privileges", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/505095/100/0/threaded" + }, + { + "name": "ADV-2009-2898", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/2898" + }, + { + "name": "36331", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/36331" + }, + { + "name": "http://blogs.adobe.com/psirt/2009/07/local_privilege_escalation_in.html", + "refsource": "CONFIRM", + "url": "http://blogs.adobe.com/psirt/2009/07/local_privilege_escalation_in.html" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2857.json b/2009/2xxx/CVE-2009-2857.json index df8382a5e54..1eb2d20229d 100644 --- a/2009/2xxx/CVE-2009-2857.json +++ b/2009/2xxx/CVE-2009-2857.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2857", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The kernel in Sun Solaris 8, 9, and 10, and OpenSolaris before snv_103, does not properly handle interaction between the filesystem and virtual-memory implementations, which allows local users to cause a denial of service (deadlock and system halt) via vectors involving mmap and write operations on the same file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-2857", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://sunsolve.sun.com/search/document.do?assetkey=1-21-127721-02-1", - "refsource" : "CONFIRM", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-21-127721-02-1" - }, - { - "name" : "257848", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-257848-1" - }, - { - "name" : "oval:org.mitre.oval:def:6152", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6152" - }, - { - "name" : "36319", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/36319" - }, - { - "name" : "ADV-2009-2291", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/2291" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The kernel in Sun Solaris 8, 9, and 10, and OpenSolaris before snv_103, does not properly handle interaction between the filesystem and virtual-memory implementations, which allows local users to cause a denial of service (deadlock and system halt) via vectors involving mmap and write operations on the same file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2009-2291", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/2291" + }, + { + "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-127721-02-1", + "refsource": "CONFIRM", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-127721-02-1" + }, + { + "name": "257848", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-257848-1" + }, + { + "name": "36319", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/36319" + }, + { + "name": "oval:org.mitre.oval:def:6152", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6152" + } + ] + } +} \ No newline at end of file diff --git a/2009/3xxx/CVE-2009-3857.json b/2009/3xxx/CVE-2009-3857.json index 6a9ff7caa33..a76d7e77a1a 100644 --- a/2009/3xxx/CVE-2009-3857.json +++ b/2009/3xxx/CVE-2009-3857.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-3857", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in Softonic International SciTE 1.72 allows user-assisted remote attackers to cause a denial of service (application crash) via a Ruby (.rb) file containing a long string, which triggers the crash when a scroll bar is used." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-3857", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "9133", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/9133" - }, - { - "name" : "scite-editor-file-dos(51674)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/51674" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in Softonic International SciTE 1.72 allows user-assisted remote attackers to cause a denial of service (application crash) via a Ruby (.rb) file containing a long string, which triggers the crash when a scroll bar is used." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "9133", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/9133" + }, + { + "name": "scite-editor-file-dos(51674)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51674" + } + ] + } +} \ No newline at end of file diff --git a/2009/3xxx/CVE-2009-3871.json b/2009/3xxx/CVE-2009-3871.json index 2ca4bef10d9..d0332cf04c0 100644 --- a/2009/3xxx/CVE-2009-3871.json +++ b/2009/3xxx/CVE-2009-3871.json @@ -1,202 +1,202 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-3871", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Heap-based buffer overflow in the setBytePixels function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via crafted arguments, aka Bug Id 6872358." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-3871", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://zerodayinitiative.com/advisories/ZDI-09-079/", - "refsource" : "MISC", - "url" : "http://zerodayinitiative.com/advisories/ZDI-09-079/" - }, - { - "name" : "http://java.sun.com/javase/6/webnotes/6u17.html", - "refsource" : "CONFIRM", - "url" : "http://java.sun.com/javase/6/webnotes/6u17.html" - }, - { - "name" : "http://support.apple.com/kb/HT3969", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT3969" - }, - { - "name" : "http://support.apple.com/kb/HT3970", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT3970" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2010-084891.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2010-084891.html" - }, - { - "name" : "APPLE-SA-2009-12-03-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2009/Dec/msg00000.html" - }, - { - "name" : "APPLE-SA-2009-12-03-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2009/Dec/msg00001.html" - }, - { - "name" : "GLSA-200911-02", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200911-02.xml" - }, - { - "name" : "HPSBMU02703", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=131593453929393&w=2" - }, - { - "name" : "SSRT100242", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=131593453929393&w=2" - }, - { - "name" : "HPSBMU02799", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=134254866602253&w=2" - }, - { - "name" : "HPSBUX02503", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=126566824131534&w=2" - }, - { - "name" : "SSRT100019", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=126566824131534&w=2" - }, - { - "name" : "MDVSA-2010:084", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084" - }, - { - "name" : "RHSA-2009:1694", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2009-1694.html" - }, - { - "name" : "270474", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-270474-1" - }, - { - "name" : "SUSE-SA:2009:058", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00010.html" - }, - { - "name" : "36881", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/36881" - }, - { - "name" : "oval:org.mitre.oval:def:6698", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6698" - }, - { - "name" : "oval:org.mitre.oval:def:8275", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8275" - }, - { - "name" : "oval:org.mitre.oval:def:9360", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9360" - }, - { - "name" : "oval:org.mitre.oval:def:12134", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12134" - }, - { - "name" : "1023132", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1023132" - }, - { - "name" : "37231", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/37231" - }, - { - "name" : "37239", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/37239" - }, - { - "name" : "37386", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/37386" - }, - { - "name" : "37581", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/37581" - }, - { - "name" : "37841", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/37841" - }, - { - "name" : "ADV-2009-3131", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/3131" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based buffer overflow in the setBytePixels function in the Abstract Window Toolkit (AWT) in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via crafted arguments, aka Bug Id 6872358." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "HPSBUX02503", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=126566824131534&w=2" + }, + { + "name": "oval:org.mitre.oval:def:9360", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9360" + }, + { + "name": "36881", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/36881" + }, + { + "name": "http://support.apple.com/kb/HT3970", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT3970" + }, + { + "name": "HPSBMU02799", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=134254866602253&w=2" + }, + { + "name": "http://support.apple.com/kb/HT3969", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT3969" + }, + { + "name": "HPSBMU02703", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=131593453929393&w=2" + }, + { + "name": "GLSA-200911-02", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200911-02.xml" + }, + { + "name": "RHSA-2009:1694", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2009-1694.html" + }, + { + "name": "APPLE-SA-2009-12-03-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2009/Dec/msg00000.html" + }, + { + "name": "37231", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/37231" + }, + { + "name": "SSRT100019", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=126566824131534&w=2" + }, + { + "name": "oval:org.mitre.oval:def:12134", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12134" + }, + { + "name": "1023132", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1023132" + }, + { + "name": "SSRT100242", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=131593453929393&w=2" + }, + { + "name": "oval:org.mitre.oval:def:6698", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6698" + }, + { + "name": "SUSE-SA:2009:058", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00010.html" + }, + { + "name": "270474", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-270474-1" + }, + { + "name": "http://zerodayinitiative.com/advisories/ZDI-09-079/", + "refsource": "MISC", + "url": "http://zerodayinitiative.com/advisories/ZDI-09-079/" + }, + { + "name": "ADV-2009-3131", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/3131" + }, + { + "name": "APPLE-SA-2009-12-03-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2009/Dec/msg00001.html" + }, + { + "name": "37581", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/37581" + }, + { + "name": "oval:org.mitre.oval:def:8275", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8275" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2010-084891.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2010-084891.html" + }, + { + "name": "http://java.sun.com/javase/6/webnotes/6u17.html", + "refsource": "CONFIRM", + "url": "http://java.sun.com/javase/6/webnotes/6u17.html" + }, + { + "name": "37841", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/37841" + }, + { + "name": "37239", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/37239" + }, + { + "name": "MDVSA-2010:084", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:084" + }, + { + "name": "37386", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/37386" + } + ] + } +} \ No newline at end of file diff --git a/2015/0xxx/CVE-2015-0061.json b/2015/0xxx/CVE-2015-0061.json index a6f81207fa9..4f56a731485 100644 --- a/2015/0xxx/CVE-2015-0061.json +++ b/2015/0xxx/CVE-2015-0061.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-0061", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not properly initialize memory for TIFF images, which allows remote attackers to obtain sensitive information from process memory via a crafted image file, aka \"TIFF Processing Information Disclosure Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-0061", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS15-016", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-016" - }, - { - "name" : "72456", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/72456" - }, - { - "name" : "1031725", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1031725" - }, - { - "name" : "ms-tiff-cve20150061-info-disc(100435)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/100435" - }, - { - "name" : "win-ms15kb3029944-update(100436)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/100436" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not properly initialize memory for TIFF images, which allows remote attackers to obtain sensitive information from process memory via a crafted image file, aka \"TIFF Processing Information Disclosure Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ms-tiff-cve20150061-info-disc(100435)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100435" + }, + { + "name": "72456", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/72456" + }, + { + "name": "1031725", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1031725" + }, + { + "name": "win-ms15kb3029944-update(100436)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100436" + }, + { + "name": "MS15-016", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-016" + } + ] + } +} \ No newline at end of file diff --git a/2015/0xxx/CVE-2015-0159.json b/2015/0xxx/CVE-2015-0159.json index ff754be7102..883b6408aea 100644 --- a/2015/0xxx/CVE-2015-0159.json +++ b/2015/0xxx/CVE-2015-0159.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-0159", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-3570. Reason: This candidate is a reservation duplicate of CVE-2014-3570. Notes: All CVE users should reference CVE-2014-3570 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-0159", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-3570. Reason: This candidate is a reservation duplicate of CVE-2014-3570. Notes: All CVE users should reference CVE-2014-3570 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ] + } +} \ No newline at end of file diff --git a/2015/0xxx/CVE-2015-0204.json b/2015/0xxx/CVE-2015-0204.json index 6585883804f..d1de58e5869 100644 --- a/2015/0xxx/CVE-2015-0204.json +++ b/2015/0xxx/CVE-2015-0204.json @@ -1,402 +1,402 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-0204", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a noncompliant role, related to the \"FREAK\" issue. NOTE: the scope of this CVE is only client code based on OpenSSL, not EXPORT_RSA issues associated with servers or other TLS implementations." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-0204", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://freakattack.com/", - "refsource" : "MISC", - "url" : "https://freakattack.com/" - }, - { - "name" : "http://support.novell.com/security/cve/CVE-2015-0204.html", - "refsource" : "CONFIRM", - "url" : "http://support.novell.com/security/cve/CVE-2015-0204.html" - }, - { - "name" : "https://github.com/openssl/openssl/commit/ce325c60c74b0fa784f5872404b722e120e5cab0", - "refsource" : "CONFIRM", - "url" : "https://github.com/openssl/openssl/commit/ce325c60c74b0fa784f5872404b722e120e5cab0" - }, - { - "name" : "https://www.openssl.org/news/secadv_20150108.txt", - "refsource" : "CONFIRM", - "url" : "https://www.openssl.org/news/secadv_20150108.txt" - }, - { - "name" : "https://www.openssl.org/news/secadv_20150319.txt", - "refsource" : "CONFIRM", - "url" : "https://www.openssl.org/news/secadv_20150319.txt" - }, - { - "name" : "https://support.apple.com/HT204659", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT204659" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21883640", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21883640" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html" - }, - { - "name" : "https://bto.bluecoat.com/security-advisory/sa88", - "refsource" : "CONFIRM", - "url" : "https://bto.bluecoat.com/security-advisory/sa88" - }, - { - "name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10679", - "refsource" : "CONFIRM", - "url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10679" - }, - { - "name" : "https://bto.bluecoat.com/security-advisory/sa91", - "refsource" : "CONFIRM", - "url" : "https://bto.bluecoat.com/security-advisory/sa91" - }, - { - "name" : "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241", - "refsource" : "CONFIRM", - "url" : "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241" - }, - { - "name" : "http://www-304.ibm.com/support/docview.wss?uid=swg21960769", - "refsource" : "CONFIRM", - "url" : "http://www-304.ibm.com/support/docview.wss?uid=swg21960769" - }, - { - "name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10102", - "refsource" : "CONFIRM", - "url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10102" - }, - { - "name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10108", - "refsource" : "CONFIRM", - "url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10108" - }, - { - "name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10110", - "refsource" : "CONFIRM", - "url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10110" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" - }, - { - "name" : "https://support.citrix.com/article/CTX216642", - "refsource" : "CONFIRM", - "url" : "https://support.citrix.com/article/CTX216642" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" - }, - { - "name" : "APPLE-SA-2015-04-08-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html" - }, - { - "name" : "20150310 Multiple Vulnerabilities in OpenSSL (January 2015) Affecting Cisco Products", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150310-ssl" - }, - { - "name" : "DSA-3125", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3125" - }, - { - "name" : "GLSA-201503-11", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201503-11" - }, - { - "name" : "HPSBUX03244", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=142496289803847&w=2" - }, - { - "name" : "SSRT101885", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=142496289803847&w=2" - }, - { - "name" : "HPSBGN03299", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=142720981827617&w=2" - }, - { - "name" : "HPSBHF03289", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=142721102728110&w=2" - }, - { - "name" : "SSRT101987", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=142720981827617&w=2" - }, - { - "name" : "HPSBMU03345", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=144043644216842&w=2" - }, - { - "name" : "HPSBMU03380", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=143748090628601&w=2" - }, - { - "name" : "HPSBMU03396", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=144050205101530&w=2" - }, - { - "name" : "HPSBMU03397", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=144050297101809&w=2" - }, - { - "name" : "HPSBMU03409", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=144050155601375&w=2" - }, - { - "name" : "HPSBMU03413", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=144050254401665&w=2" - }, - { - "name" : "HPSBOV03318", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=142895206924048&w=2" - }, - { - "name" : "HPSBUX03162", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=142496179803395&w=2" - }, - { - "name" : "HPSBUX03334", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=143213830203296&w=2" - }, - { - "name" : "SSRT102000", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=143213830203296&w=2" - }, - { - "name" : "MDVSA-2015:019", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:019" - }, - { - "name" : "MDVSA-2015:062", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062" - }, - { - "name" : "MDVSA-2015:063", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:063" - }, - { - "name" : "RHSA-2015:0066", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-0066.html" - }, - { - "name" : "RHSA-2015:0800", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-0800.html" - }, - { - "name" : "RHSA-2015:0849", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-0849.html" - }, - { - "name" : "RHSA-2016:1650", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1650.html" - }, - { - "name" : "openSUSE-SU-2015:0130", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00021.html" - }, - { - "name" : "SUSE-SU-2015:0578", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html" - }, - { - "name" : "SUSE-SU-2015:0946", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html" - }, - { - "name" : "openSUSE-SU-2016:0640", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html" - }, - { - "name" : "SUSE-SU-2016:0113", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html" - }, - { - "name" : "SUSE-SU-2015:2166", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html" - }, - { - "name" : "SUSE-SU-2015:2168", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html" - }, - { - "name" : "SUSE-SU-2015:2182", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html" - }, - { - "name" : "SUSE-SU-2015:2192", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html" - }, - { - "name" : "SUSE-SU-2015:2216", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html" - }, - { - "name" : "SUSE-SU-2015:1085", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html" - }, - { - "name" : "SUSE-SU-2015:1086", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html" - }, - { - "name" : "SUSE-SU-2015:1138", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html" - }, - { - "name" : "SUSE-SU-2015:1161", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html" - }, - { - "name" : "91787", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91787" - }, - { - "name" : "71936", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/71936" - }, - { - "name" : "1033378", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033378" - }, - { - "name" : "openssl-cve20150204-weak-security(99707)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/99707" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a noncompliant role, related to the \"FREAK\" issue. NOTE: the scope of this CVE is only client code based on OpenSSL, not EXPORT_RSA issues associated with servers or other TLS implementations." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SU-2015:2182", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html" + }, + { + "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10110", + "refsource": "CONFIRM", + "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10110" + }, + { + "name": "HPSBOV03318", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=142895206924048&w=2" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" + }, + { + "name": "openSUSE-SU-2015:0130", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00021.html" + }, + { + "name": "20150310 Multiple Vulnerabilities in OpenSSL (January 2015) Affecting Cisco Products", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150310-ssl" + }, + { + "name": "HPSBGN03299", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=142720981827617&w=2" + }, + { + "name": "71936", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/71936" + }, + { + "name": "SUSE-SU-2015:2192", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" + }, + { + "name": "HPSBMU03409", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=144050155601375&w=2" + }, + { + "name": "https://support.apple.com/HT204659", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT204659" + }, + { + "name": "https://www.openssl.org/news/secadv_20150319.txt", + "refsource": "CONFIRM", + "url": "https://www.openssl.org/news/secadv_20150319.txt" + }, + { + "name": "http://www-304.ibm.com/support/docview.wss?uid=swg21960769", + "refsource": "CONFIRM", + "url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960769" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" + }, + { + "name": "HPSBMU03380", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=143748090628601&w=2" + }, + { + "name": "HPSBMU03345", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=144043644216842&w=2" + }, + { + "name": "RHSA-2015:0849", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-0849.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "1033378", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033378" + }, + { + "name": "HPSBHF03289", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=142721102728110&w=2" + }, + { + "name": "openSUSE-SU-2016:0640", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html" + }, + { + "name": "https://www.openssl.org/news/secadv_20150108.txt", + "refsource": "CONFIRM", + "url": "https://www.openssl.org/news/secadv_20150108.txt" + }, + { + "name": "MDVSA-2015:019", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:019" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html" + }, + { + "name": "SUSE-SU-2015:2166", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html" + }, + { + "name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10679", + "refsource": "CONFIRM", + "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10679" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" + }, + { + "name": "openssl-cve20150204-weak-security(99707)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99707" + }, + { + "name": "RHSA-2015:0066", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-0066.html" + }, + { + "name": "http://support.novell.com/security/cve/CVE-2015-0204.html", + "refsource": "CONFIRM", + "url": "http://support.novell.com/security/cve/CVE-2015-0204.html" + }, + { + "name": "HPSBUX03334", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=143213830203296&w=2" + }, + { + "name": "https://freakattack.com/", + "refsource": "MISC", + "url": "https://freakattack.com/" + }, + { + "name": "MDVSA-2015:063", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:063" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640" + }, + { + "name": "HPSBUX03244", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=142496289803847&w=2" + }, + { + "name": "APPLE-SA-2015-04-08-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html" + }, + { + "name": "SUSE-SU-2015:1138", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" + }, + { + "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10108", + "refsource": "CONFIRM", + "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10108" + }, + { + "name": "SUSE-SU-2015:0578", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html" + }, + { + "name": "SUSE-SU-2015:2216", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html" + }, + { + "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10102", + "refsource": "CONFIRM", + "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10102" + }, + { + "name": "https://bto.bluecoat.com/security-advisory/sa91", + "refsource": "CONFIRM", + "url": "https://bto.bluecoat.com/security-advisory/sa91" + }, + { + "name": "https://github.com/openssl/openssl/commit/ce325c60c74b0fa784f5872404b722e120e5cab0", + "refsource": "CONFIRM", + "url": "https://github.com/openssl/openssl/commit/ce325c60c74b0fa784f5872404b722e120e5cab0" + }, + { + "name": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241", + "refsource": "CONFIRM", + "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241" + }, + { + "name": "SUSE-SU-2015:1086", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html" + }, + { + "name": "SUSE-SU-2015:0946", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html" + }, + { + "name": "HPSBMU03397", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=144050297101809&w=2" + }, + { + "name": "91787", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91787" + }, + { + "name": "RHSA-2016:1650", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1650.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html" + }, + { + "name": "RHSA-2015:0800", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-0800.html" + }, + { + "name": "SSRT102000", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=143213830203296&w=2" + }, + { + "name": "HPSBMU03396", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=144050205101530&w=2" + }, + { + "name": "HPSBUX03162", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=142496179803395&w=2" + }, + { + "name": "SSRT101987", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=142720981827617&w=2" + }, + { + "name": "MDVSA-2015:062", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062" + }, + { + "name": "SUSE-SU-2015:2168", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html" + }, + { + "name": "SUSE-SU-2015:1085", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html" + }, + { + "name": "https://support.citrix.com/article/CTX216642", + "refsource": "CONFIRM", + "url": "https://support.citrix.com/article/CTX216642" + }, + { + "name": "HPSBMU03413", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=144050254401665&w=2" + }, + { + "name": "SUSE-SU-2015:1161", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html" + }, + { + "name": "SSRT101885", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=142496289803847&w=2" + }, + { + "name": "https://bto.bluecoat.com/security-advisory/sa88", + "refsource": "CONFIRM", + "url": "https://bto.bluecoat.com/security-advisory/sa88" + }, + { + "name": "GLSA-201503-11", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201503-11" + }, + { + "name": "DSA-3125", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3125" + }, + { + "name": "SUSE-SU-2016:0113", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/0xxx/CVE-2015-0649.json b/2015/0xxx/CVE-2015-0649.json index 18987529f29..98822b2552a 100644 --- a/2015/0xxx/CVE-2015-0649.json +++ b/2015/0xxx/CVE-2015-0649.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-0649", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows remote attackers to cause a denial of service (device reload) via malformed Common Industrial Protocol (CIP) TCP packets, aka Bug ID CSCun63514." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-0649", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150325 Multiple Vulnerabilities in Cisco IOS Software Common Industrial Protocol", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-cip" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows remote attackers to cause a denial of service (device reload) via malformed Common Industrial Protocol (CIP) TCP packets, aka Bug ID CSCun63514." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20150325 Multiple Vulnerabilities in Cisco IOS Software Common Industrial Protocol", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-cip" + } + ] + } +} \ No newline at end of file diff --git a/2015/1xxx/CVE-2015-1643.json b/2015/1xxx/CVE-2015-1643.json index 710f8f83567..2e0a07fb91d 100644 --- a/2015/1xxx/CVE-2015-1643.json +++ b/2015/1xxx/CVE-2015-1643.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-1643", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Windows Server 2003 R2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not properly constrain impersonation levels, which allows local users to gain privileges via a crafted application, aka \"NtCreateTransactionManager Type Confusion Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-1643", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS15-038", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-038" - }, - { - "name" : "1032113", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032113" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Windows Server 2003 R2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not properly constrain impersonation levels, which allows local users to gain privileges via a crafted application, aka \"NtCreateTransactionManager Type Confusion Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1032113", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032113" + }, + { + "name": "MS15-038", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-038" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3515.json b/2015/3xxx/CVE-2015-3515.json index 50efc70ff6e..f2f13dda366 100644 --- a/2015/3xxx/CVE-2015-3515.json +++ b/2015/3xxx/CVE-2015-3515.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3515", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3515", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4610.json b/2015/4xxx/CVE-2015-4610.json index 6eb2af36252..b415810f9e2 100644 --- a/2015/4xxx/CVE-2015-4610.json +++ b/2015/4xxx/CVE-2015-4610.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4610", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in the Store Locator (locator) extension before 3.3.1 for TYPO3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-4610", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-009/", - "refsource" : "MISC", - "url" : "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-009/" - }, - { - "name" : "http://typo3.org/extensions/repository/view/locator", - "refsource" : "CONFIRM", - "url" : "http://typo3.org/extensions/repository/view/locator" - }, - { - "name" : "75262", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75262" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in the Store Locator (locator) extension before 3.3.1 for TYPO3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-009/", + "refsource": "MISC", + "url": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2015-009/" + }, + { + "name": "http://typo3.org/extensions/repository/view/locator", + "refsource": "CONFIRM", + "url": "http://typo3.org/extensions/repository/view/locator" + }, + { + "name": "75262", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75262" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4639.json b/2015/4xxx/CVE-2015-4639.json index d4914f9c53a..f927bf80f42 100644 --- a/2015/4xxx/CVE-2015-4639.json +++ b/2015/4xxx/CVE-2015-4639.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4639", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in opac-addbybiblionumber.pl in Koha 3.14.x before 3.14.16, 3.16.x before 3.16.12, and 3.20.x before 3.20.1 allows remote attackers to inject arbitrary web script or HTML via a crafted list name." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-4639", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=14416#c4", - "refsource" : "CONFIRM", - "url" : "http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=14416#c4" - }, - { - "name" : "https://koha-community.org/security-release-koha-3-16-12/", - "refsource" : "CONFIRM", - "url" : "https://koha-community.org/security-release-koha-3-16-12/" - }, - { - "name" : "https://koha-community.org/security-release-koha-3-20-1/", - "refsource" : "CONFIRM", - "url" : "https://koha-community.org/security-release-koha-3-20-1/" - }, - { - "name" : "https://koha-community.org/koha-3-14-16-released/", - "refsource" : "CONFIRM", - "url" : "https://koha-community.org/koha-3-14-16-released/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in opac-addbybiblionumber.pl in Koha 3.14.x before 3.14.16, 3.16.x before 3.16.12, and 3.20.x before 3.20.1 allows remote attackers to inject arbitrary web script or HTML via a crafted list name." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=14416#c4", + "refsource": "CONFIRM", + "url": "http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=14416#c4" + }, + { + "name": "https://koha-community.org/security-release-koha-3-16-12/", + "refsource": "CONFIRM", + "url": "https://koha-community.org/security-release-koha-3-16-12/" + }, + { + "name": "https://koha-community.org/security-release-koha-3-20-1/", + "refsource": "CONFIRM", + "url": "https://koha-community.org/security-release-koha-3-20-1/" + }, + { + "name": "https://koha-community.org/koha-3-14-16-released/", + "refsource": "CONFIRM", + "url": "https://koha-community.org/koha-3-14-16-released/" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8069.json b/2015/8xxx/CVE-2015-8069.json index b1f0d86e93f..81b1157726c 100644 --- a/2015/8xxx/CVE-2015-8069.json +++ b/2015/8xxx/CVE-2015-8069.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8069", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-8069", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" - }, - { - "name" : "GLSA-201601-03", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201601-03" - }, - { - "name" : "SUSE-SU-2015:2236", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00007.html" - }, - { - "name" : "SUSE-SU-2015:2247", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00012.html" - }, - { - "name" : "openSUSE-SU-2015:2239", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00008.html" - }, - { - "name" : "78715", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/78715" - }, - { - "name" : "1034318", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034318" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2015:2239", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00008.html" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" + }, + { + "name": "78715", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/78715" + }, + { + "name": "SUSE-SU-2015:2236", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00007.html" + }, + { + "name": "SUSE-SU-2015:2247", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00012.html" + }, + { + "name": "1034318", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034318" + }, + { + "name": "GLSA-201601-03", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201601-03" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8121.json b/2015/8xxx/CVE-2015-8121.json index b86ea39f1dd..5e41c38753b 100644 --- a/2015/8xxx/CVE-2015-8121.json +++ b/2015/8xxx/CVE-2015-8121.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8121", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-8121", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8959.json b/2015/8xxx/CVE-2015-8959.json index fe135c329ba..38d82bf91fe 100644 --- a/2015/8xxx/CVE-2015-8959.json +++ b/2015/8xxx/CVE-2015-8959.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8959", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "coders/dds.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (CPU consumption) via a crafted DDS file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@debian.org", + "ID": "CVE-2015-8959", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/09/22/2" - }, - { - "name" : "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26861", - "refsource" : "CONFIRM", - "url" : "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26861" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1378738", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1378738" - }, - { - "name" : "https://github.com/ImageMagick/ImageMagick/commit/3ab016764c7f787829d9065440d86f5609765110", - "refsource" : "CONFIRM", - "url" : "https://github.com/ImageMagick/ImageMagick/commit/3ab016764c7f787829d9065440d86f5609765110" - }, - { - "name" : "https://github.com/ImageMagick/ImageMagick/commit/9b428b7af688fe319320aed15f2b94281d1e37b4", - "refsource" : "CONFIRM", - "url" : "https://github.com/ImageMagick/ImageMagick/commit/9b428b7af688fe319320aed15f2b94281d1e37b4" - }, - { - "name" : "93230", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93230" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "coders/dds.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (CPU consumption) via a crafted DDS file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "93230", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93230" + }, + { + "name": "[oss-security] 20160922 Re: CVE Requests: Various ImageMagick issues (as reported in the Debian BTS)", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/09/22/2" + }, + { + "name": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26861", + "refsource": "CONFIRM", + "url": "http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26861" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1378738", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1378738" + }, + { + "name": "https://github.com/ImageMagick/ImageMagick/commit/3ab016764c7f787829d9065440d86f5609765110", + "refsource": "CONFIRM", + "url": "https://github.com/ImageMagick/ImageMagick/commit/3ab016764c7f787829d9065440d86f5609765110" + }, + { + "name": "https://github.com/ImageMagick/ImageMagick/commit/9b428b7af688fe319320aed15f2b94281d1e37b4", + "refsource": "CONFIRM", + "url": "https://github.com/ImageMagick/ImageMagick/commit/9b428b7af688fe319320aed15f2b94281d1e37b4" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9035.json b/2015/9xxx/CVE-2015-9035.json index 06c277fd60a..219207f19c6 100644 --- a/2015/9xxx/CVE-2015-9035.json +++ b/2015/9xxx/CVE-2015-9035.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "DATE_PUBLIC" : "2017-07-01T00:00:00", - "ID" : "CVE-2015-9035", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "All Qualcomm products", - "version" : { - "version_data" : [ - { - "version_value" : "All Android releases from CAF using the Linux kernel" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In all Qualcomm products with Android releases from CAF using the Linux kernel, a memory buffer fails to be freed after it is no longer needed potentially resulting in memory exhaustion." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Uncontrolled Resource Consumption Vulnerability in IMS" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "DATE_PUBLIC": "2017-07-01T00:00:00", + "ID": "CVE-2015-9035", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "All Qualcomm products", + "version": { + "version_data": [ + { + "version_value": "All Android releases from CAF using the Linux kernel" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2017-07-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2017-07-01" - }, - { - "name" : "99467", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/99467" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In all Qualcomm products with Android releases from CAF using the Linux kernel, a memory buffer fails to be freed after it is no longer needed potentially resulting in memory exhaustion." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Uncontrolled Resource Consumption Vulnerability in IMS" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2017-07-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2017-07-01" + }, + { + "name": "99467", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/99467" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9197.json b/2015/9xxx/CVE-2015-9197.json index 2ff42cceaec..2f291633c40 100644 --- a/2015/9xxx/CVE-2015-9197.json +++ b/2015/9xxx/CVE-2015-9197.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "DATE_PUBLIC" : "2018-04-02T00:00:00", - "ID" : "CVE-2015-9197", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Snapdragon Mobile, Snapdragon Wear", - "version" : { - "version_data" : [ - { - "version_value" : "MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 808, SD 810" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 808, and SD 810, when enabling XPUs for SMEM partitions, if configuration values are out of range, memory access outside the SMEM may occur and set incorrect XPU configurations." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Buffer overflow vulnerability while enabling XPUs for SMEM partitions" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "DATE_PUBLIC": "2018-04-02T00:00:00", + "ID": "CVE-2015-9197", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Snapdragon Mobile, Snapdragon Wear", + "version": { + "version_data": [ + { + "version_value": "MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 808, SD 810" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2018-04-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2018-04-01" - }, - { - "name" : "103671", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103671" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 808, and SD 810, when enabling XPUs for SMEM partitions, if configuration values are out of range, memory access outside the SMEM may occur and set incorrect XPU configurations." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Buffer overflow vulnerability while enabling XPUs for SMEM partitions" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2018-04-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2018-04-01" + }, + { + "name": "103671", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103671" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5098.json b/2016/5xxx/CVE-2016-5098.json index ff83fcb96e8..73e44be7cf3 100644 --- a/2016/5xxx/CVE-2016-5098.json +++ b/2016/5xxx/CVE-2016-5098.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5098", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in libraries/error_report.lib.php in phpMyAdmin before 4.6.2-prerelease allows remote attackers to determine the existence of arbitrary files by triggering an error." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5098", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/phpmyadmin/phpmyadmin/commit/d2dc9481d2af25b035778c67eaf0bfd2d2c59dd8", - "refsource" : "CONFIRM", - "url" : "https://github.com/phpmyadmin/phpmyadmin/commit/d2dc9481d2af25b035778c67eaf0bfd2d2c59dd8" - }, - { - "name" : "https://www.phpmyadmin.net/security/PMASA-2016-15", - "refsource" : "CONFIRM", - "url" : "https://www.phpmyadmin.net/security/PMASA-2016-15" - }, - { - "name" : "GLSA-201701-32", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-32" - }, - { - "name" : "openSUSE-SU-2016:1556", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-06/msg00043.html" - }, - { - "name" : "1035980", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035980" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in libraries/error_report.lib.php in phpMyAdmin before 4.6.2-prerelease allows remote attackers to determine the existence of arbitrary files by triggering an error." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/phpmyadmin/phpmyadmin/commit/d2dc9481d2af25b035778c67eaf0bfd2d2c59dd8", + "refsource": "CONFIRM", + "url": "https://github.com/phpmyadmin/phpmyadmin/commit/d2dc9481d2af25b035778c67eaf0bfd2d2c59dd8" + }, + { + "name": "openSUSE-SU-2016:1556", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00043.html" + }, + { + "name": "https://www.phpmyadmin.net/security/PMASA-2016-15", + "refsource": "CONFIRM", + "url": "https://www.phpmyadmin.net/security/PMASA-2016-15" + }, + { + "name": "1035980", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035980" + }, + { + "name": "GLSA-201701-32", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-32" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5282.json b/2016/5xxx/CVE-2016-5282.json index 258a87674a6..55aadb7a535 100644 --- a/2016/5xxx/CVE-2016-5282.json +++ b/2016/5xxx/CVE-2016-5282.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5282", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Mozilla Firefox before 49.0 does not properly restrict the scheme in favicon requests, which might allow remote attackers to obtain sensitive information via unspecified vectors, as demonstrated by a jar: URL for a favicon resource." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2016-5282", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2016/mfsa2016-85.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2016/mfsa2016-85.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=932335", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=932335" - }, - { - "name" : "GLSA-201701-15", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-15" - }, - { - "name" : "93052", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93052" - }, - { - "name" : "1036852", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036852" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Mozilla Firefox before 49.0 does not properly restrict the scheme in favicon requests, which might allow remote attackers to obtain sensitive information via unspecified vectors, as demonstrated by a jar: URL for a favicon resource." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.mozilla.org/security/announce/2016/mfsa2016-85.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-85.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=932335", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=932335" + }, + { + "name": "93052", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93052" + }, + { + "name": "GLSA-201701-15", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-15" + }, + { + "name": "1036852", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036852" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5601.json b/2016/5xxx/CVE-2016-5601.json index 32c9faaa27a..db119356b23 100644 --- a/2016/5xxx/CVE-2016-5601.json +++ b/2016/5xxx/CVE-2016-5601.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5601", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 12.1.3.0, 12.2.1.0, and 12.2.1.1 allows local users to affect confidentiality and integrity via vectors related to CIE Related Components." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-5601", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" - }, - { - "name" : "93704", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93704" - }, - { - "name" : "1037052", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037052" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 12.1.3.0, 12.2.1.0, and 12.2.1.1 allows local users to affect confidentiality and integrity via vectors related to CIE Related Components." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" + }, + { + "name": "1037052", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037052" + }, + { + "name": "93704", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93704" + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2038.json b/2018/2xxx/CVE-2018-2038.json index 6d05d6e211a..8e3083e6829 100644 --- a/2018/2xxx/CVE-2018-2038.json +++ b/2018/2xxx/CVE-2018-2038.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-2038", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-2038", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2189.json b/2018/2xxx/CVE-2018-2189.json index 5c55e9c0af9..035ef2dfe46 100644 --- a/2018/2xxx/CVE-2018-2189.json +++ b/2018/2xxx/CVE-2018-2189.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-2189", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-2189", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2266.json b/2018/2xxx/CVE-2018-2266.json index 44c86e4f149..4691f9919c4 100644 --- a/2018/2xxx/CVE-2018-2266.json +++ b/2018/2xxx/CVE-2018-2266.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-2266", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-2266", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2571.json b/2018/2xxx/CVE-2018-2571.json index 00b30c3e019..7cd01a34885 100644 --- a/2018/2xxx/CVE-2018-2571.json +++ b/2018/2xxx/CVE-2018-2571.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2018-2571", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Communications Unified Inventory Management", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "7.2.4.2.x" - }, - { - "version_affected" : "=", - "version_value" : "7.3" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the Oracle Communications Unified Inventory Management component of Oracle Communications Applications (subcomponent: Portal). Supported versions that are affected are 7.2.4.2.x and 7.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Communications Unified Inventory Management. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Communications Unified Inventory Management accessible data as well as unauthorized read access to a subset of Oracle Communications Unified Inventory Management accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Communications Unified Inventory Management. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Communications Unified Inventory Management accessible data as well as unauthorized read access to a subset of Oracle Communications Unified Inventory Management accessible data." - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2018-2571", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Communications Unified Inventory Management", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "7.2.4.2.x" + }, + { + "version_affected": "=", + "version_value": "7.3" + } + ] + } + } + ] + }, + "vendor_name": "Oracle Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" - }, - { - "name" : "102669", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/102669" - }, - { - "name" : "1040200", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1040200" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Oracle Communications Unified Inventory Management component of Oracle Communications Applications (subcomponent: Portal). Supported versions that are affected are 7.2.4.2.x and 7.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Communications Unified Inventory Management. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Communications Unified Inventory Management accessible data as well as unauthorized read access to a subset of Oracle Communications Unified Inventory Management accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Communications Unified Inventory Management. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Communications Unified Inventory Management accessible data as well as unauthorized read access to a subset of Oracle Communications Unified Inventory Management accessible data." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" + }, + { + "name": "102669", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/102669" + }, + { + "name": "1040200", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1040200" + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2729.json b/2018/2xxx/CVE-2018-2729.json index dbf1d5094fa..2daa67fe0dd 100644 --- a/2018/2xxx/CVE-2018-2729.json +++ b/2018/2xxx/CVE-2018-2729.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2018-2729", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Financial Services Funds Transfer Pricing", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "6.1.x" - }, - { - "version_affected" : "=", - "version_value" : "8.0.x" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the Oracle Financial Services Funds Transfer Pricing component of Oracle Financial Services Applications (subcomponent: User Interface). Supported versions that are affected are 6.1.x and 8.0.x. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Financial Services Funds Transfer Pricing. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Financial Services Funds Transfer Pricing accessible data as well as unauthorized access to critical data or complete access to all Oracle Financial Services Funds Transfer Pricing accessible data. CVSS 3.0 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Financial Services Funds Transfer Pricing. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Financial Services Funds Transfer Pricing accessible data as well as unauthorized access to critical data or complete access to all Oracle Financial Services Funds Transfer Pricing accessible data." - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2018-2729", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Financial Services Funds Transfer Pricing", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "6.1.x" + }, + { + "version_affected": "=", + "version_value": "8.0.x" + } + ] + } + } + ] + }, + "vendor_name": "Oracle Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" - }, - { - "name" : "102635", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/102635" - }, - { - "name" : "1040214", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1040214" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Oracle Financial Services Funds Transfer Pricing component of Oracle Financial Services Applications (subcomponent: User Interface). Supported versions that are affected are 6.1.x and 8.0.x. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Financial Services Funds Transfer Pricing. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Financial Services Funds Transfer Pricing accessible data as well as unauthorized access to critical data or complete access to all Oracle Financial Services Funds Transfer Pricing accessible data. CVSS 3.0 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Financial Services Funds Transfer Pricing. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Financial Services Funds Transfer Pricing accessible data as well as unauthorized access to critical data or complete access to all Oracle Financial Services Funds Transfer Pricing accessible data." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" + }, + { + "name": "1040214", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1040214" + }, + { + "name": "102635", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/102635" + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2739.json b/2018/2xxx/CVE-2018-2739.json index 7acd829ced2..ef75427d295 100644 --- a/2018/2xxx/CVE-2018-2739.json +++ b/2018/2xxx/CVE-2018-2739.json @@ -1,81 +1,81 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2018-2739", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "COREid Access", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "10.1.4.3.0" - }, - { - "version_affected" : "=", - "version_value" : "11.1.2.3.0" - }, - { - "version_affected" : "=", - "version_value" : "12.2.1.3.0" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Web Server Plugin). Supported versions that are affected are 10.1.4.3.0, 11.1.2.3.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Access Manager. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Access Manager, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Access Manager accessible data as well as unauthorized access to critical data or complete access to all Oracle Access Manager accessible data. CVSS 3.0 Base Score 9.3 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Access Manager. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Access Manager, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Access Manager accessible data as well as unauthorized access to critical data or complete access to all Oracle Access Manager accessible data." - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2018-2739", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "COREid Access", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "10.1.4.3.0" + }, + { + "version_affected": "=", + "version_value": "11.1.2.3.0" + }, + { + "version_affected": "=", + "version_value": "12.2.1.3.0" + } + ] + } + } + ] + }, + "vendor_name": "Oracle Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" - }, - { - "name" : "103784", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103784" - }, - { - "name" : "1040695", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1040695" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Web Server Plugin). Supported versions that are affected are 10.1.4.3.0, 11.1.2.3.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Access Manager. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Access Manager, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Access Manager accessible data as well as unauthorized access to critical data or complete access to all Oracle Access Manager accessible data. CVSS 3.0 Base Score 9.3 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Access Manager. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Access Manager, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Access Manager accessible data as well as unauthorized access to critical data or complete access to all Oracle Access Manager accessible data." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1040695", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1040695" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" + }, + { + "name": "103784", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103784" + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6282.json b/2018/6xxx/CVE-2018-6282.json index a6a94482808..b2a74aa8a16 100644 --- a/2018/6xxx/CVE-2018-6282.json +++ b/2018/6xxx/CVE-2018-6282.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-6282", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-6282", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6632.json b/2018/6xxx/CVE-2018-6632.json index 08b85197e28..32695ed1665 100644 --- a/2018/6xxx/CVE-2018-6632.json +++ b/2018/6xxx/CVE-2018-6632.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-6632", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Micropoint proactive defense software 2.0.20266.0146, the driver file (mp110005.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x80000110." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-6632", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Micropoint_POC/tree/master/mp110005/80000110", - "refsource" : "MISC", - "url" : "https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Micropoint_POC/tree/master/mp110005/80000110" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Micropoint proactive defense software 2.0.20266.0146, the driver file (mp110005.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x80000110." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Micropoint_POC/tree/master/mp110005/80000110", + "refsource": "MISC", + "url": "https://github.com/ZhiyuanWang-Chengdu-Qihoo360/Micropoint_POC/tree/master/mp110005/80000110" + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6791.json b/2018/6xxx/CVE-2018-6791.json index e59424fe0c2..1f4381840f5 100644 --- a/2018/6xxx/CVE-2018-6791.json +++ b/2018/6xxx/CVE-2018-6791.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-6791", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in soliduiserver/deviceserviceaction.cpp in KDE Plasma Workspace before 5.12.0. When a vfat thumbdrive that contains `` or $() in its volume label is plugged in and mounted through the device notifier, it's interpreted as a shell command, leading to a possibility of arbitrary command execution. An example of an offending volume label is \"$(touch b)\" -- this will create a file called b in the home folder." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-6791", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugs.kde.org/show_bug.cgi?id=389815", - "refsource" : "CONFIRM", - "url" : "https://bugs.kde.org/show_bug.cgi?id=389815" - }, - { - "name" : "https://cgit.kde.org/plasma-workspace.git/commit/?id=9db872df82c258315c6ebad800af59e81ffb9212", - "refsource" : "CONFIRM", - "url" : "https://cgit.kde.org/plasma-workspace.git/commit/?id=9db872df82c258315c6ebad800af59e81ffb9212" - }, - { - "name" : "DSA-4116", - "refsource" : "DEBIAN", - "url" : "https://www.debian.org/security/2018/dsa-4116" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in soliduiserver/deviceserviceaction.cpp in KDE Plasma Workspace before 5.12.0. When a vfat thumbdrive that contains `` or $() in its volume label is plugged in and mounted through the device notifier, it's interpreted as a shell command, leading to a possibility of arbitrary command execution. An example of an offending volume label is \"$(touch b)\" -- this will create a file called b in the home folder." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://cgit.kde.org/plasma-workspace.git/commit/?id=9db872df82c258315c6ebad800af59e81ffb9212", + "refsource": "CONFIRM", + "url": "https://cgit.kde.org/plasma-workspace.git/commit/?id=9db872df82c258315c6ebad800af59e81ffb9212" + }, + { + "name": "DSA-4116", + "refsource": "DEBIAN", + "url": "https://www.debian.org/security/2018/dsa-4116" + }, + { + "name": "https://bugs.kde.org/show_bug.cgi?id=389815", + "refsource": "CONFIRM", + "url": "https://bugs.kde.org/show_bug.cgi?id=389815" + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6801.json b/2018/6xxx/CVE-2018-6801.json index f08d5da34be..f91fb4794a2 100644 --- a/2018/6xxx/CVE-2018-6801.json +++ b/2018/6xxx/CVE-2018-6801.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-6801", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-6801", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6812.json b/2018/6xxx/CVE-2018-6812.json index 85f6738d579..b37201f543f 100644 --- a/2018/6xxx/CVE-2018-6812.json +++ b/2018/6xxx/CVE-2018-6812.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-6812", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-6812", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6935.json b/2018/6xxx/CVE-2018-6935.json index 73c03f5078d..6bc30df41b2 100644 --- a/2018/6xxx/CVE-2018-6935.json +++ b/2018/6xxx/CVE-2018-6935.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-6935", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP Scripts Mall Student Profile Management System Script v2.0.6 has XSS via the Name field to list_student.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-6935", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://0day4u.wordpress.com/2018/03/19/student-profile-management-system-script-stored-xss/", - "refsource" : "MISC", - "url" : "https://0day4u.wordpress.com/2018/03/19/student-profile-management-system-script-stored-xss/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP Scripts Mall Student Profile Management System Script v2.0.6 has XSS via the Name field to list_student.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://0day4u.wordpress.com/2018/03/19/student-profile-management-system-script-stored-xss/", + "refsource": "MISC", + "url": "https://0day4u.wordpress.com/2018/03/19/student-profile-management-system-script-stored-xss/" + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1078.json b/2019/1xxx/CVE-2019-1078.json index 64ef8c584e0..cbd574138bd 100644 --- a/2019/1xxx/CVE-2019-1078.json +++ b/2019/1xxx/CVE-2019-1078.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1078", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1078", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1121.json b/2019/1xxx/CVE-2019-1121.json index 73c92df9cfe..d4794c13394 100644 --- a/2019/1xxx/CVE-2019-1121.json +++ b/2019/1xxx/CVE-2019-1121.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1121", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1121", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1318.json b/2019/1xxx/CVE-2019-1318.json index ffa63f30981..c979c240458 100644 --- a/2019/1xxx/CVE-2019-1318.json +++ b/2019/1xxx/CVE-2019-1318.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1318", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1318", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5467.json b/2019/5xxx/CVE-2019-5467.json index f9a6db901f2..ff9839533f3 100644 --- a/2019/5xxx/CVE-2019-5467.json +++ b/2019/5xxx/CVE-2019-5467.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5467", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5467", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5648.json b/2019/5xxx/CVE-2019-5648.json index 53d33c9bf87..40bf362b968 100644 --- a/2019/5xxx/CVE-2019-5648.json +++ b/2019/5xxx/CVE-2019-5648.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5648", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5648", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5750.json b/2019/5xxx/CVE-2019-5750.json index 292b9f91caf..0e90c63afe6 100644 --- a/2019/5xxx/CVE-2019-5750.json +++ b/2019/5xxx/CVE-2019-5750.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5750", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5750", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5953.json b/2019/5xxx/CVE-2019-5953.json index 7f287f27bcf..f776ad97b41 100644 --- a/2019/5xxx/CVE-2019-5953.json +++ b/2019/5xxx/CVE-2019-5953.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5953", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5953", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file