From 41b6c772b3d7ed8c946b261e86ac34d86ebe6444 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Sun, 17 Mar 2019 22:28:44 +0000 Subject: [PATCH] "-Synchronized-Data." --- 1999/0xxx/CVE-1999-0968.json | 140 +++--- 1999/1xxx/CVE-1999-1025.json | 140 +++--- 1999/1xxx/CVE-1999-1032.json | 150 +++--- 1999/1xxx/CVE-1999-1359.json | 130 ++--- 1999/1xxx/CVE-1999-1373.json | 120 ++--- 2000/0xxx/CVE-2000-0026.json | 140 +++--- 2000/0xxx/CVE-2000-0033.json | 120 ++--- 2000/0xxx/CVE-2000-0702.json | 140 +++--- 2000/0xxx/CVE-2000-0761.json | 140 +++--- 2000/0xxx/CVE-2000-0959.json | 140 +++--- 2000/0xxx/CVE-2000-0986.json | 130 ++--- 2000/1xxx/CVE-2000-1139.json | 140 +++--- 2000/1xxx/CVE-2000-1222.json | 130 ++--- 2005/2xxx/CVE-2005-2032.json | 150 +++--- 2005/2xxx/CVE-2005-2685.json | 130 ++--- 2005/2xxx/CVE-2005-2870.json | 120 ++--- 2005/2xxx/CVE-2005-2910.json | 34 +- 2005/3xxx/CVE-2005-3285.json | 160 +++--- 2005/3xxx/CVE-2005-3309.json | 170 +++---- 2005/3xxx/CVE-2005-3414.json | 170 +++---- 2005/3xxx/CVE-2005-3507.json | 180 +++---- 2005/3xxx/CVE-2005-3624.json | 930 +++++++++++++++++------------------ 2005/4xxx/CVE-2005-4146.json | 180 +++---- 2005/4xxx/CVE-2005-4448.json | 160 +++--- 2009/2xxx/CVE-2009-2014.json | 140 +++--- 2009/2xxx/CVE-2009-2209.json | 150 +++--- 2009/2xxx/CVE-2009-2414.json | 470 +++++++++--------- 2009/2xxx/CVE-2009-2515.json | 140 +++--- 2009/2xxx/CVE-2009-2586.json | 150 +++--- 2009/2xxx/CVE-2009-2773.json | 150 +++--- 2009/3xxx/CVE-2009-3414.json | 130 ++--- 2009/3xxx/CVE-2009-3520.json | 130 ++--- 2009/3xxx/CVE-2009-3705.json | 140 +++--- 2009/3xxx/CVE-2009-3797.json | 310 ++++++------ 2009/3xxx/CVE-2009-3923.json | 150 +++--- 2015/0xxx/CVE-2015-0598.json | 130 ++--- 2015/0xxx/CVE-2015-0639.json | 130 ++--- 2015/1xxx/CVE-2015-1451.json | 160 +++--- 2015/1xxx/CVE-2015-1470.json | 34 +- 2015/1xxx/CVE-2015-1657.json | 130 ++--- 2015/1xxx/CVE-2015-1788.json | 570 ++++++++++----------- 2015/4xxx/CVE-2015-4054.json | 180 +++---- 2015/4xxx/CVE-2015-4207.json | 140 +++--- 2015/4xxx/CVE-2015-4369.json | 160 +++--- 2015/4xxx/CVE-2015-4640.json | 170 +++---- 2015/4xxx/CVE-2015-4992.json | 130 ++--- 2015/8xxx/CVE-2015-8088.json | 130 ++--- 2015/8xxx/CVE-2015-8396.json | 190 +++---- 2015/9xxx/CVE-2015-9198.json | 132 ++--- 2018/3xxx/CVE-2018-3402.json | 34 +- 2018/6xxx/CVE-2018-6016.json | 120 ++--- 2018/6xxx/CVE-2018-6360.json | 150 +++--- 2018/6xxx/CVE-2018-6573.json | 34 +- 2018/6xxx/CVE-2018-6814.json | 34 +- 2018/7xxx/CVE-2018-7449.json | 130 ++--- 2018/7xxx/CVE-2018-7764.json | 122 ++--- 2019/5xxx/CVE-2019-5116.json | 34 +- 2019/5xxx/CVE-2019-5624.json | 34 +- 58 files changed, 4641 insertions(+), 4641 deletions(-) diff --git a/1999/0xxx/CVE-1999-0968.json b/1999/0xxx/CVE-1999-0968.json index 8e84d25e15a..b43f31fdbca 100644 --- a/1999/0xxx/CVE-1999-0968.json +++ b/1999/0xxx/CVE-1999-0968.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0968", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in BNC IRC proxy allows remote attackers to gain privileges." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0968", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19981226 bnc exploit", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/11711" - }, - { - "name" : "bnc-proxy-bo(1546)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/1546" - }, - { - "name" : "1927", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1927" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in BNC IRC proxy allows remote attackers to gain privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1927", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1927" + }, + { + "name": "19981226 bnc exploit", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/11711" + }, + { + "name": "bnc-proxy-bo(1546)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1546" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1025.json b/1999/1xxx/CVE-1999-1025.json index 2b665902606..f541e932c7c 100644 --- a/1999/1xxx/CVE-1999-1025.json +++ b/1999/1xxx/CVE-1999-1025.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1025", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "CDE screen lock program (screenlock) on Solaris 2.6 does not properly lock an unprivileged user's console session when the host is an NIS+ client, which allows others with physical access to login with any string." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1025", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19981012 Annoying Solaris/CDE/NIS+ bug", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=90831127921062&w=2" - }, - { - "name" : "4115685", - "refsource" : "SUNBUG", - "url" : "http://sunsolve.Sun.COM/pub-cgi/retrieve.pl?doc=fpatches%2F106027&zone_32=411568%2A%20" - }, - { - "name" : "294", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/294" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "CDE screen lock program (screenlock) on Solaris 2.6 does not properly lock an unprivileged user's console session when the host is an NIS+ client, which allows others with physical access to login with any string." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19981012 Annoying Solaris/CDE/NIS+ bug", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=90831127921062&w=2" + }, + { + "name": "4115685", + "refsource": "SUNBUG", + "url": "http://sunsolve.Sun.COM/pub-cgi/retrieve.pl?doc=fpatches%2F106027&zone_32=411568%2A%20" + }, + { + "name": "294", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/294" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1032.json b/1999/1xxx/CVE-1999-1032.json index d06594d3d84..a9d20c87bd1 100644 --- a/1999/1xxx/CVE-1999-1032.json +++ b/1999/1xxx/CVE-1999-1032.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1032", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in LAT/Telnet Gateway (lattelnet) on Ultrix 4.1 and 4.2 allows attackers to gain root privileges." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1032", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "CA-1991-11", - "refsource" : "CERT", - "url" : "http://www.cert.org/advisories/CA-1991-11.html" - }, - { - "name" : "B-36", - "refsource" : "CIAC", - "url" : "http://ciac.llnl.gov/ciac/bulletins/b-36.shtml" - }, - { - "name" : "26", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26" - }, - { - "name" : "ultrix-telnet(584)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/584" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in LAT/Telnet Gateway (lattelnet) on Ultrix 4.1 and 4.2 allows attackers to gain root privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "26", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26" + }, + { + "name": "ultrix-telnet(584)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/584" + }, + { + "name": "CA-1991-11", + "refsource": "CERT", + "url": "http://www.cert.org/advisories/CA-1991-11.html" + }, + { + "name": "B-36", + "refsource": "CIAC", + "url": "http://ciac.llnl.gov/ciac/bulletins/b-36.shtml" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1359.json b/1999/1xxx/CVE-1999-1359.json index ce19dda3149..aeaeb76e0f6 100644 --- a/1999/1xxx/CVE-1999-1359.json +++ b/1999/1xxx/CVE-1999-1359.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1359", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "When the Ntconfig.pol file is used on a server whose name is longer than 13 characters, Windows NT does not properly enforce policies for global groups, which could allow users to bypass restrictions that were intended by those policies." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1359", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "Q163875", - "refsource" : "MSKB", - "url" : "http://support.microsoft.com/support/kb/articles/q163/8/75.asp" - }, - { - "name" : "nt-group-policy-longname(7401)", - "refsource" : "XF", - "url" : "http://www.iss.net/security_center/static/7401.php" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "When the Ntconfig.pol file is used on a server whose name is longer than 13 characters, Windows NT does not properly enforce policies for global groups, which could allow users to bypass restrictions that were intended by those policies." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "nt-group-policy-longname(7401)", + "refsource": "XF", + "url": "http://www.iss.net/security_center/static/7401.php" + }, + { + "name": "Q163875", + "refsource": "MSKB", + "url": "http://support.microsoft.com/support/kb/articles/q163/8/75.asp" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1373.json b/1999/1xxx/CVE-1999-1373.json index a83b6a74a78..3adc61b5703 100644 --- a/1999/1xxx/CVE-1999-1373.json +++ b/1999/1xxx/CVE-1999-1373.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1373", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "FORE PowerHub before 5.0.1 allows remote attackers to cause a denial of service (hang) via a TCP SYN scan with TCP/IP OS fingerprinting, e.g. via nmap." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1373", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19990105 Re: Network Scan Vulnerability [SUMMARY]", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=91651770130771&w=2" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "FORE PowerHub before 5.0.1 allows remote attackers to cause a denial of service (hang) via a TCP SYN scan with TCP/IP OS fingerprinting, e.g. via nmap." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19990105 Re: Network Scan Vulnerability [SUMMARY]", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=91651770130771&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0026.json b/2000/0xxx/CVE-2000-0026.json index fa418a0a86d..527d002e60e 100644 --- a/2000/0xxx/CVE-2000-0026.json +++ b/2000/0xxx/CVE-2000-0026.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0026", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in UnixWare i2odialogd daemon allows remote attackers to gain root access via a long username/password authorization string." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0026", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19991223 FYI, SCO Security patches available.", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=94606167110764&w=2" - }, - { - "name" : "876", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/876" - }, - { - "name" : "6310", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/6310" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in UnixWare i2odialogd daemon allows remote attackers to gain root access via a long username/password authorization string." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "6310", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/6310" + }, + { + "name": "876", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/876" + }, + { + "name": "19991223 FYI, SCO Security patches available.", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=94606167110764&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0033.json b/2000/0xxx/CVE-2000-0033.json index 548f55fa1bd..57f4e30e438 100644 --- a/2000/0xxx/CVE-2000-0033.json +++ b/2000/0xxx/CVE-2000-0033.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0033", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "InterScan VirusWall SMTP scanner does not properly scan messages with malformed attachments." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0033", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "899", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/899" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "InterScan VirusWall SMTP scanner does not properly scan messages with malformed attachments." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "899", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/899" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0702.json b/2000/0xxx/CVE-2000-0702.json index d353331d1cc..690e7ec2560 100644 --- a/2000/0xxx/CVE-2000-0702.json +++ b/2000/0xxx/CVE-2000-0702.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0702", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The net.init rc script in HP-UX 11.00 (S008net.init) allows local users to overwrite arbitrary files via a symlink attack that points from /tmp/stcp.conf to the targeted file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0702", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000821 [HackersLab bugpaper] HP-UX net.init rc script", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-08/0261.html" - }, - { - "name" : "1602", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1602" - }, - { - "name" : "hp-netinit-symlink(5131)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5131" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The net.init rc script in HP-UX 11.00 (S008net.init) allows local users to overwrite arbitrary files via a symlink attack that points from /tmp/stcp.conf to the targeted file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "hp-netinit-symlink(5131)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5131" + }, + { + "name": "1602", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1602" + }, + { + "name": "20000821 [HackersLab bugpaper] HP-UX net.init rc script", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0261.html" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0761.json b/2000/0xxx/CVE-2000-0761.json index d450a4d20c7..9dbffd90910 100644 --- a/2000/0xxx/CVE-2000-0761.json +++ b/2000/0xxx/CVE-2000-0761.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0761", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "OS2/Warp 4.5 FTP server allows remote attackers to cause a denial of service via a long username." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0761", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000815 OS/2 Warp 4.5 FTP Server DoS", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-08/0166.html" - }, - { - "name" : "ftp://ftp.software.ibm.com/ps/products/tcpip/fixes/v4.3os2/ic27721/README", - "refsource" : "CONFIRM", - "url" : "ftp://ftp.software.ibm.com/ps/products/tcpip/fixes/v4.3os2/ic27721/README" - }, - { - "name" : "1582", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1582" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "OS2/Warp 4.5 FTP server allows remote attackers to cause a denial of service via a long username." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ftp://ftp.software.ibm.com/ps/products/tcpip/fixes/v4.3os2/ic27721/README", + "refsource": "CONFIRM", + "url": "ftp://ftp.software.ibm.com/ps/products/tcpip/fixes/v4.3os2/ic27721/README" + }, + { + "name": "1582", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1582" + }, + { + "name": "20000815 OS/2 Warp 4.5 FTP Server DoS", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0166.html" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0959.json b/2000/0xxx/CVE-2000-0959.json index 641956c1c5e..ec2cdbd7012 100644 --- a/2000/0xxx/CVE-2000-0959.json +++ b/2000/0xxx/CVE-2000-0959.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0959", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "glibc2 does not properly clear the LD_DEBUG_OUTPUT and LD_DEBUG environmental variables when a program is spawned from a setuid program, which could allow local users to overwrite files via a symlink attack." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0959", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000926 ld.so bug - LD_DEBUG_OUTPUT follows symlinks", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/85028" - }, - { - "name" : "1719", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1719" - }, - { - "name" : "glibc-unset-symlink(5299)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5299" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "glibc2 does not properly clear the LD_DEBUG_OUTPUT and LD_DEBUG environmental variables when a program is spawned from a setuid program, which could allow local users to overwrite files via a symlink attack." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1719", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1719" + }, + { + "name": "glibc-unset-symlink(5299)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5299" + }, + { + "name": "20000926 ld.so bug - LD_DEBUG_OUTPUT follows symlinks", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/85028" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0986.json b/2000/0xxx/CVE-2000-0986.json index b6f30727d41..636384b164e 100644 --- a/2000/0xxx/CVE-2000-0986.json +++ b/2000/0xxx/CVE-2000-0986.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0986", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in Oracle 8.1.5 applications such as names, namesctl, onrsd, osslogin, tnslsnr, tnsping, trcasst, and trcroute possibly allow local users to gain privileges via a long ORACLE_HOME environmental variable." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0986", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20001020 [ Hackerslab bug_paper ] Linux ORACLE 8.1.5 vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-10/0294.html" - }, - { - "name" : "oracle-home-bo(5390)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5390" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in Oracle 8.1.5 applications such as names, namesctl, onrsd, osslogin, tnslsnr, tnsping, trcasst, and trcroute possibly allow local users to gain privileges via a long ORACLE_HOME environmental variable." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "oracle-home-bo(5390)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5390" + }, + { + "name": "20001020 [ Hackerslab bug_paper ] Linux ORACLE 8.1.5 vulnerability", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0294.html" + } + ] + } +} \ No newline at end of file diff --git a/2000/1xxx/CVE-2000-1139.json b/2000/1xxx/CVE-2000-1139.json index 6d2c2616b46..e1ccfff8d65 100644 --- a/2000/1xxx/CVE-2000-1139.json +++ b/2000/1xxx/CVE-2000-1139.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-1139", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The installation of Microsoft Exchange 2000 before Rev. A creates a user account with a known password, which could allow attackers to gain privileges, aka the \"Exchange User Account\" vulnerability." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-1139", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS00-088", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-088" - }, - { - "name" : "1958", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1958" - }, - { - "name" : "ms-exchange-username-pwd(5537)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5537" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The installation of Microsoft Exchange 2000 before Rev. A creates a user account with a known password, which could allow attackers to gain privileges, aka the \"Exchange User Account\" vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1958", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1958" + }, + { + "name": "ms-exchange-username-pwd(5537)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5537" + }, + { + "name": "MS00-088", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-088" + } + ] + } +} \ No newline at end of file diff --git a/2000/1xxx/CVE-2000-1222.json b/2000/1xxx/CVE-2000-1222.json index 157350c498c..7134591bf09 100644 --- a/2000/1xxx/CVE-2000-1222.json +++ b/2000/1xxx/CVE-2000-1222.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-1222", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "AIX sysback before 4.2.1.13 uses a relative path to find and execute the hostname program, which allows local users to gain privileges by modifying the path to point to a malicious hostname program." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-1222", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "VU#17566", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/17566" - }, - { - "name" : "aix-sysback-elevate-privileges(6432)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/6432" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "AIX sysback before 4.2.1.13 uses a relative path to find and execute the hostname program, which allows local users to gain privileges by modifying the path to point to a malicious hostname program." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "aix-sysback-elevate-privileges(6432)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6432" + }, + { + "name": "VU#17566", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/17566" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2032.json b/2005/2xxx/CVE-2005-2032.json index 68bc088863f..29828cd1f5d 100644 --- a/2005/2xxx/CVE-2005-2032.json +++ b/2005/2xxx/CVE-2005-2032.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2032", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unknown vulnerability in lpadmin on Sun Solaris 7, 8, and 9 allows local users to overwrite arbitrary files." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2032", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "101768", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101768-1" - }, - { - "name" : "13968", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/13968" - }, - { - "name" : "1014218", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1014218" - }, - { - "name" : "15723", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/15723" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unknown vulnerability in lpadmin on Sun Solaris 7, 8, and 9 allows local users to overwrite arbitrary files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1014218", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1014218" + }, + { + "name": "15723", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/15723" + }, + { + "name": "101768", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101768-1" + }, + { + "name": "13968", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/13968" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2685.json b/2005/2xxx/CVE-2005-2685.json index 76adadd5cf9..dcb8a4fd818 100644 --- a/2005/2xxx/CVE-2005-2685.json +++ b/2005/2xxx/CVE-2005-2685.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2685", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SaveWebPortal 3.4 allows remote attackers to execute arbitrary PHP code via a direct request to admin/PhpMyExplorer/editerfichier.php, then editing the desired file to contain the PHP code, as demonstrated using header.php in the fichier parameter. NOTE: it is possible that this vulnerability stems from PhpMyExplorer, which is a separate package." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2685", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://rgod.altervista.org/save_yourself_from_savewebportal34.html", - "refsource" : "MISC", - "url" : "http://rgod.altervista.org/save_yourself_from_savewebportal34.html" - }, - { - "name" : "16522", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/16522" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SaveWebPortal 3.4 allows remote attackers to execute arbitrary PHP code via a direct request to admin/PhpMyExplorer/editerfichier.php, then editing the desired file to contain the PHP code, as demonstrated using header.php in the fichier parameter. NOTE: it is possible that this vulnerability stems from PhpMyExplorer, which is a separate package." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://rgod.altervista.org/save_yourself_from_savewebportal34.html", + "refsource": "MISC", + "url": "http://rgod.altervista.org/save_yourself_from_savewebportal34.html" + }, + { + "name": "16522", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/16522" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2870.json b/2005/2xxx/CVE-2005-2870.json index 95b556c77e9..8ff7c57824b 100644 --- a/2005/2xxx/CVE-2005-2870.json +++ b/2005/2xxx/CVE-2005-2870.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2870", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unknown vulnerability in the net-svc script on Solaris 10 allows remote authenticated users to execute arbitrary code on a DHCP client via certain DHCP responses." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2870", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "101897", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101897-1" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unknown vulnerability in the net-svc script on Solaris 10 allows remote authenticated users to execute arbitrary code on a DHCP client via certain DHCP responses." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "101897", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101897-1" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2910.json b/2005/2xxx/CVE-2005-2910.json index 34a33be23f0..1f1fca48d1f 100644 --- a/2005/2xxx/CVE-2005-2910.json +++ b/2005/2xxx/CVE-2005-2910.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2910", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2910", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2005/3xxx/CVE-2005-3285.json b/2005/3xxx/CVE-2005-3285.json index db77617652b..6ddf21e0d0a 100644 --- a/2005/3xxx/CVE-2005-3285.json +++ b/2005/3xxx/CVE-2005-3285.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-3285", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in comersus_backoffice_searchItemForm.asp in Comersus BackOffice Plus allows remote attackers to inject arbitrary web script or HTML via the (1) forwardTo1, (2) forwardTo2, (3) nameFT1, or (4) nameFT2 parameters." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-3285", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://lostmon.blogspot.com/2005/10/comersus-backoffice-plus-cross-site.html", - "refsource" : "MISC", - "url" : "http://lostmon.blogspot.com/2005/10/comersus-backoffice-plus-cross-site.html" - }, - { - "name" : "15118", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/15118" - }, - { - "name" : "20032", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/20032" - }, - { - "name" : "1015064", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1015064" - }, - { - "name" : "17219", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17219" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in comersus_backoffice_searchItemForm.asp in Comersus BackOffice Plus allows remote attackers to inject arbitrary web script or HTML via the (1) forwardTo1, (2) forwardTo2, (3) nameFT1, or (4) nameFT2 parameters." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20032", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/20032" + }, + { + "name": "http://lostmon.blogspot.com/2005/10/comersus-backoffice-plus-cross-site.html", + "refsource": "MISC", + "url": "http://lostmon.blogspot.com/2005/10/comersus-backoffice-plus-cross-site.html" + }, + { + "name": "15118", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/15118" + }, + { + "name": "1015064", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1015064" + }, + { + "name": "17219", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17219" + } + ] + } +} \ No newline at end of file diff --git a/2005/3xxx/CVE-2005-3309.json b/2005/3xxx/CVE-2005-3309.json index 7daa6ba7837..c2ce14ba56b 100644 --- a/2005/3xxx/CVE-2005-3309.json +++ b/2005/3xxx/CVE-2005-3309.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-3309", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in Zomplog 3.4 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in detail.php and the catid parameter in (2) get.php and (3) index.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-3309", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20250", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/20250" - }, - { - "name" : "20251", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/20251" - }, - { - "name" : "20252", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/20252" - }, - { - "name" : "1015088", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/alerts/2005/Oct/1015088.html" - }, - { - "name" : "17306", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17306/" - }, - { - "name" : "zomplog-multiple-scripts-sql-injection(22827)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/22827" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in Zomplog 3.4 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in detail.php and the catid parameter in (2) get.php and (3) index.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20250", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/20250" + }, + { + "name": "20252", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/20252" + }, + { + "name": "20251", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/20251" + }, + { + "name": "1015088", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/alerts/2005/Oct/1015088.html" + }, + { + "name": "17306", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17306/" + }, + { + "name": "zomplog-multiple-scripts-sql-injection(22827)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22827" + } + ] + } +} \ No newline at end of file diff --git a/2005/3xxx/CVE-2005-3414.json b/2005/3xxx/CVE-2005-3414.json index c125df3246b..1cfd72e3063 100644 --- a/2005/3xxx/CVE-2005-3414.json +++ b/2005/3xxx/CVE-2005-3414.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-3414", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "eyeOS 0.8.4 stores usrinfo.xml under the web document root with insufficient access control, which allows remote attackers to obtain user credentials." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-3414", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.thebillygoatcurse.com/advisories/eyeOS_0.8.4_Multiple.pdf", - "refsource" : "MISC", - "url" : "http://www.thebillygoatcurse.com/advisories/eyeOS_0.8.4_Multiple.pdf" - }, - { - "name" : "15256", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/15256" - }, - { - "name" : "ADV-2005-2259", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2005/2259" - }, - { - "name" : "20411", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/20411" - }, - { - "name" : "17105", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17105" - }, - { - "name" : "eyeos-usrinfo-information-disclosure(22938)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/22938" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "eyeOS 0.8.4 stores usrinfo.xml under the web document root with insufficient access control, which allows remote attackers to obtain user credentials." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "eyeos-usrinfo-information-disclosure(22938)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22938" + }, + { + "name": "15256", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/15256" + }, + { + "name": "http://www.thebillygoatcurse.com/advisories/eyeOS_0.8.4_Multiple.pdf", + "refsource": "MISC", + "url": "http://www.thebillygoatcurse.com/advisories/eyeOS_0.8.4_Multiple.pdf" + }, + { + "name": "20411", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/20411" + }, + { + "name": "17105", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17105" + }, + { + "name": "ADV-2005-2259", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2005/2259" + } + ] + } +} \ No newline at end of file diff --git a/2005/3xxx/CVE-2005-3507.json b/2005/3xxx/CVE-2005-3507.json index 1d794df93c1..0067a0ff4cd 100644 --- a/2005/3xxx/CVE-2005-3507.json +++ b/2005/3xxx/CVE-2005-3507.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-3507", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in CuteNews 1.4.1 allows remote attackers to include arbitrary files, execute code, and gain privileges via \"../\" sequences in the template parameter to (1) show_archives.php and (2) show_news.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-3507", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://rgod.altervista.org/cute141.html", - "refsource" : "MISC", - "url" : "http://rgod.altervista.org/cute141.html" - }, - { - "name" : "15295", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/15295" - }, - { - "name" : "ADV-2005-2296", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2005/2296" - }, - { - "name" : "20472", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/20472" - }, - { - "name" : "20473", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/20473" - }, - { - "name" : "20474", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/20474" - }, - { - "name" : "17435", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17435" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in CuteNews 1.4.1 allows remote attackers to include arbitrary files, execute code, and gain privileges via \"../\" sequences in the template parameter to (1) show_archives.php and (2) show_news.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20474", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/20474" + }, + { + "name": "20473", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/20473" + }, + { + "name": "17435", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17435" + }, + { + "name": "20472", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/20472" + }, + { + "name": "http://rgod.altervista.org/cute141.html", + "refsource": "MISC", + "url": "http://rgod.altervista.org/cute141.html" + }, + { + "name": "ADV-2005-2296", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2005/2296" + }, + { + "name": "15295", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/15295" + } + ] + } +} \ No newline at end of file diff --git a/2005/3xxx/CVE-2005-3624.json b/2005/3xxx/CVE-2005-3624.json index 0fa9ac6371b..06ccb953568 100644 --- a/2005/3xxx/CVE-2005-3624.json +++ b/2005/3xxx/CVE-2005-3624.json @@ -1,467 +1,467 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-3624", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2005-3624", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://scary.beasts.org/security/CESA-2005-003.txt", - "refsource" : "MISC", - "url" : "http://scary.beasts.org/security/CESA-2005-003.txt" - }, - { - "name" : "http://www.kde.org/info/security/advisory-20051207-2.txt", - "refsource" : "CONFIRM", - "url" : "http://www.kde.org/info/security/advisory-20051207-2.txt" - }, - { - "name" : "DSA-931", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2005/dsa-931" - }, - { - "name" : "DSA-932", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2005/dsa-932" - }, - { - "name" : "DSA-937", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2005/dsa-937" - }, - { - "name" : "DSA-938", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2005/dsa-938" - }, - { - "name" : "DSA-940", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2005/dsa-940" - }, - { - "name" : "DSA-936", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2006/dsa-936" - }, - { - "name" : "DSA-950", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2006/dsa-950" - }, - { - "name" : "DSA-961", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2006/dsa-961" - }, - { - "name" : "DSA-962", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2006/dsa-962" - }, - { - "name" : "FLSA:175404", - "refsource" : "FEDORA", - "url" : "http://www.securityfocus.com/archive/1/427990/100/0/threaded" - }, - { - "name" : "FEDORA-2005-025", - "refsource" : "FEDORA", - "url" : "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" - }, - { - "name" : "FEDORA-2005-026", - "refsource" : "FEDORA", - "url" : "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" - }, - { - "name" : "FLSA-2006:176751", - "refsource" : "FEDORA", - "url" : "http://www.securityfocus.com/archive/1/427053/100/0/threaded" - }, - { - "name" : "GLSA-200601-02", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" - }, - { - "name" : "GLSA-200601-17", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" - }, - { - "name" : "MDKSA-2006:010", - "refsource" : "MANDRAKE", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" - }, - { - "name" : "MDKSA-2006:003", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" - }, - { - "name" : "MDKSA-2006:004", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" - }, - { - "name" : "MDKSA-2006:005", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" - }, - { - "name" : "MDKSA-2006:006", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" - }, - { - "name" : "MDKSA-2006:008", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" - }, - { - "name" : "MDKSA-2006:012", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" - }, - { - "name" : "MDKSA-2006:011", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" - }, - { - "name" : "RHSA-2006:0177", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2006-0177.html" - }, - { - "name" : "RHSA-2006:0160", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2006-0160.html" - }, - { - "name" : "RHSA-2006:0163", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2006-0163.html" - }, - { - "name" : "SCOSA-2006.15", - "refsource" : "SCO", - "url" : "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" - }, - { - "name" : "20051201-01-U", - "refsource" : "SGI", - "url" : "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" - }, - { - "name" : "20060101-01-U", - "refsource" : "SGI", - "url" : "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" - }, - { - "name" : "20060201-01-U", - "refsource" : "SGI", - "url" : "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" - }, - { - "name" : "SSA:2006-045-04", - "refsource" : "SLACKWARE", - "url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747" - }, - { - "name" : "SSA:2006-045-09", - "refsource" : "SLACKWARE", - "url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683" - }, - { - "name" : "102972", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" - }, - { - "name" : "SUSE-SA:2006:001", - "refsource" : "SUSE", - "url" : "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" - }, - { - "name" : "2006-0002", - "refsource" : "TRUSTIX", - "url" : "http://www.trustix.org/errata/2006/0002/" - }, - { - "name" : "USN-236-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/236-1/" - }, - { - "name" : "16143", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/16143" - }, - { - "name" : "oval:org.mitre.oval:def:9437", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437" - }, - { - "name" : "ADV-2006-0047", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/0047" - }, - { - "name" : "ADV-2007-2280", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2280" - }, - { - "name" : "18303", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18303" - }, - { - "name" : "18312", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18312" - }, - { - "name" : "18313", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18313" - }, - { - "name" : "18329", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18329" - }, - { - "name" : "18332", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18332" - }, - { - "name" : "18334", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18334" - }, - { - "name" : "18387", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18387" - }, - { - "name" : "18416", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18416" - }, - { - "name" : "18338", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18338" - }, - { - "name" : "18349", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18349" - }, - { - "name" : "18375", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18375" - }, - { - "name" : "18385", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18385" - }, - { - "name" : "18389", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18389" - }, - { - "name" : "18423", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18423" - }, - { - "name" : "18448", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18448" - }, - { - "name" : "18398", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18398" - }, - { - "name" : "18407", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18407" - }, - { - "name" : "18534", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18534" - }, - { - "name" : "18582", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18582" - }, - { - "name" : "18517", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18517" - }, - { - "name" : "18554", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18554" - }, - { - "name" : "18642", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18642" - }, - { - "name" : "18644", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18644" - }, - { - "name" : "18674", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18674" - }, - { - "name" : "18675", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18675" - }, - { - "name" : "18679", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18679" - }, - { - "name" : "18908", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18908" - }, - { - "name" : "18913", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18913" - }, - { - "name" : "19230", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19230" - }, - { - "name" : "19377", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19377" - }, - { - "name" : "18425", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18425" - }, - { - "name" : "18463", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18463" - }, - { - "name" : "18147", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18147" - }, - { - "name" : "18373", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18373" - }, - { - "name" : "18380", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18380" - }, - { - "name" : "18414", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18414" - }, - { - "name" : "18428", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18428" - }, - { - "name" : "18436", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18436" - }, - { - "name" : "25729", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25729" - }, - { - "name" : "xpdf-ccitt-faxstream-bo(24022)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/24022" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "16143", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/16143" + }, + { + "name": "DSA-932", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2005/dsa-932" + }, + { + "name": "18349", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18349" + }, + { + "name": "18147", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18147" + }, + { + "name": "SCOSA-2006.15", + "refsource": "SCO", + "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" + }, + { + "name": "http://scary.beasts.org/security/CESA-2005-003.txt", + "refsource": "MISC", + "url": "http://scary.beasts.org/security/CESA-2005-003.txt" + }, + { + "name": "http://www.kde.org/info/security/advisory-20051207-2.txt", + "refsource": "CONFIRM", + "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" + }, + { + "name": "18679", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18679" + }, + { + "name": "18312", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18312" + }, + { + "name": "18644", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18644" + }, + { + "name": "USN-236-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/236-1/" + }, + { + "name": "18425", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18425" + }, + { + "name": "18373", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18373" + }, + { + "name": "18303", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18303" + }, + { + "name": "DSA-931", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2005/dsa-931" + }, + { + "name": "18554", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18554" + }, + { + "name": "MDKSA-2006:003", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" + }, + { + "name": "19230", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19230" + }, + { + "name": "102972", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" + }, + { + "name": "MDKSA-2006:012", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" + }, + { + "name": "DSA-962", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2006/dsa-962" + }, + { + "name": "RHSA-2006:0163", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" + }, + { + "name": "DSA-937", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2005/dsa-937" + }, + { + "name": "18398", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18398" + }, + { + "name": "FLSA-2006:176751", + "refsource": "FEDORA", + "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" + }, + { + "name": "2006-0002", + "refsource": "TRUSTIX", + "url": "http://www.trustix.org/errata/2006/0002/" + }, + { + "name": "SUSE-SA:2006:001", + "refsource": "SUSE", + "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" + }, + { + "name": "DSA-936", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2006/dsa-936" + }, + { + "name": "FEDORA-2005-026", + "refsource": "FEDORA", + "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" + }, + { + "name": "18329", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18329" + }, + { + "name": "18463", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18463" + }, + { + "name": "18642", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18642" + }, + { + "name": "18674", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18674" + }, + { + "name": "MDKSA-2006:005", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" + }, + { + "name": "18313", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18313" + }, + { + "name": "20051201-01-U", + "refsource": "SGI", + "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" + }, + { + "name": "20060101-01-U", + "refsource": "SGI", + "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" + }, + { + "name": "18448", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18448" + }, + { + "name": "18436", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18436" + }, + { + "name": "18428", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18428" + }, + { + "name": "18380", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18380" + }, + { + "name": "18423", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18423" + }, + { + "name": "18416", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18416" + }, + { + "name": "RHSA-2006:0177", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" + }, + { + "name": "ADV-2007-2280", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2280" + }, + { + "name": "GLSA-200601-02", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" + }, + { + "name": "18407", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18407" + }, + { + "name": "18332", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18332" + }, + { + "name": "18517", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18517" + }, + { + "name": "18582", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18582" + }, + { + "name": "18534", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18534" + }, + { + "name": "SSA:2006-045-09", + "refsource": "SLACKWARE", + "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472683" + }, + { + "name": "18908", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18908" + }, + { + "name": "25729", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25729" + }, + { + "name": "18414", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18414" + }, + { + "name": "MDKSA-2006:006", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" + }, + { + "name": "18338", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18338" + }, + { + "name": "MDKSA-2006:008", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" + }, + { + "name": "20060201-01-U", + "refsource": "SGI", + "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" + }, + { + "name": "RHSA-2006:0160", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" + }, + { + "name": "MDKSA-2006:010", + "refsource": "MANDRAKE", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" + }, + { + "name": "DSA-940", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2005/dsa-940" + }, + { + "name": "MDKSA-2006:004", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" + }, + { + "name": "ADV-2006-0047", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/0047" + }, + { + "name": "GLSA-200601-17", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" + }, + { + "name": "xpdf-ccitt-faxstream-bo(24022)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24022" + }, + { + "name": "18389", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18389" + }, + { + "name": "oval:org.mitre.oval:def:9437", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437" + }, + { + "name": "SSA:2006-045-04", + "refsource": "SLACKWARE", + "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.474747" + }, + { + "name": "19377", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19377" + }, + { + "name": "FEDORA-2005-025", + "refsource": "FEDORA", + "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" + }, + { + "name": "FLSA:175404", + "refsource": "FEDORA", + "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" + }, + { + "name": "DSA-961", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2006/dsa-961" + }, + { + "name": "18675", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18675" + }, + { + "name": "18913", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18913" + }, + { + "name": "DSA-938", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2005/dsa-938" + }, + { + "name": "18334", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18334" + }, + { + "name": "18375", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18375" + }, + { + "name": "DSA-950", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2006/dsa-950" + }, + { + "name": "18387", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18387" + }, + { + "name": "MDKSA-2006:011", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" + }, + { + "name": "18385", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18385" + } + ] + } +} \ No newline at end of file diff --git a/2005/4xxx/CVE-2005-4146.json b/2005/4xxx/CVE-2005-4146.json index c7f6a441e74..e49471a50e6 100644 --- a/2005/4xxx/CVE-2005-4146.json +++ b/2005/4xxx/CVE-2005-4146.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-4146", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Lyris ListManager before 8.9b allows remote attackers to obtain sensitive information via a request to the TCLHTTPd status module, which provides sensitive server configuration information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-4146", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20051208 PGP Wipe Free Space, Lyris ListManager Flaws, Windows Timestamps, Sam Juicer", - "refsource" : "FULLDISC", - "url" : "http://archives.neohapsis.com/archives/fulldisclosure/2005-12/0349.html" - }, - { - "name" : "20051209 PGP Wipe Free Space, Lyris ListManager Flaws, Windows Timestamps, Sam Juicer", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/419077/100/0/threaded" - }, - { - "name" : "http://metasploit.com/research/vulns/lyris_listmanager/", - "refsource" : "MISC", - "url" : "http://metasploit.com/research/vulns/lyris_listmanager/" - }, - { - "name" : "15788", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/15788" - }, - { - "name" : "ADV-2005-2820", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2005/2820" - }, - { - "name" : "21550", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/21550" - }, - { - "name" : "17943", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17943" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Lyris ListManager before 8.9b allows remote attackers to obtain sensitive information via a request to the TCLHTTPd status module, which provides sensitive server configuration information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "21550", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/21550" + }, + { + "name": "20051209 PGP Wipe Free Space, Lyris ListManager Flaws, Windows Timestamps, Sam Juicer", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/419077/100/0/threaded" + }, + { + "name": "http://metasploit.com/research/vulns/lyris_listmanager/", + "refsource": "MISC", + "url": "http://metasploit.com/research/vulns/lyris_listmanager/" + }, + { + "name": "ADV-2005-2820", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2005/2820" + }, + { + "name": "20051208 PGP Wipe Free Space, Lyris ListManager Flaws, Windows Timestamps, Sam Juicer", + "refsource": "FULLDISC", + "url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-12/0349.html" + }, + { + "name": "15788", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/15788" + }, + { + "name": "17943", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17943" + } + ] + } +} \ No newline at end of file diff --git a/2005/4xxx/CVE-2005-4448.json b/2005/4xxx/CVE-2005-4448.json index 1eb450ab13b..a78983f2e04 100644 --- a/2005/4xxx/CVE-2005-4448.json +++ b/2005/4xxx/CVE-2005-4448.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-4448", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "FlatNuke 2.5.6 verifies authentication credentials based on an MD5 checksum of the admin name and the hashed password rather than the plaintext password, which allows attackers to gain privileges by obtaining the password hash (possibly via CVE-2005-2813), then calculating the credentials and including them in the secid cookie." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-4448", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20051210 Flatnuke 2.5.6 privilege escalation / remote commands execution exploit", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/419107" - }, - { - "name" : "http://cvs.sourceforge.net/viewcvs.py/flatnuke/flatnuke/Changelog?rev=1.78&view=markup", - "refsource" : "MISC", - "url" : "http://cvs.sourceforge.net/viewcvs.py/flatnuke/flatnuke/Changelog?rev=1.78&view=markup" - }, - { - "name" : "15796", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/15796" - }, - { - "name" : "1015339", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1015339" - }, - { - "name" : "flatnuke-multiple-obtain-information(22159)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/22159" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "FlatNuke 2.5.6 verifies authentication credentials based on an MD5 checksum of the admin name and the hashed password rather than the plaintext password, which allows attackers to gain privileges by obtaining the password hash (possibly via CVE-2005-2813), then calculating the credentials and including them in the secid cookie." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "flatnuke-multiple-obtain-information(22159)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22159" + }, + { + "name": "http://cvs.sourceforge.net/viewcvs.py/flatnuke/flatnuke/Changelog?rev=1.78&view=markup", + "refsource": "MISC", + "url": "http://cvs.sourceforge.net/viewcvs.py/flatnuke/flatnuke/Changelog?rev=1.78&view=markup" + }, + { + "name": "15796", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/15796" + }, + { + "name": "20051210 Flatnuke 2.5.6 privilege escalation / remote commands execution exploit", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/419107" + }, + { + "name": "1015339", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1015339" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2014.json b/2009/2xxx/CVE-2009-2014.json index a0e2210f305..da7d6829fe3 100644 --- a/2009/2xxx/CVE-2009-2014.json +++ b/2009/2xxx/CVE-2009-2014.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2014", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in the ComSchool (com_school) component 1.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the classid parameter in a showclass action to index.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-2014", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "8891", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/8891" - }, - { - "name" : "35257", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/35257" - }, - { - "name" : "joomla-comschool-classid-sql-injection(50988)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/50988" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in the ComSchool (com_school) component 1.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the classid parameter in a showclass action to index.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "8891", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/8891" + }, + { + "name": "joomla-comschool-classid-sql-injection(50988)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50988" + }, + { + "name": "35257", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/35257" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2209.json b/2009/2xxx/CVE-2009-2209.json index 172bda530b2..2c3682742eb 100644 --- a/2009/2xxx/CVE-2009-2209.json +++ b/2009/2xxx/CVE-2009-2209.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2209", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in rscms_mod_newsview.php in RS-CMS 2.1 allows remote attackers to execute arbitrary SQL commands via the key parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-2209", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "9000", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/9000" - }, - { - "name" : "55325", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/55325" - }, - { - "name" : "ADV-2009-1658", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/1658" - }, - { - "name" : "rscms-key-sql-injection(51304)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/51304" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in rscms_mod_newsview.php in RS-CMS 2.1 allows remote attackers to execute arbitrary SQL commands via the key parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "9000", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/9000" + }, + { + "name": "rscms-key-sql-injection(51304)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51304" + }, + { + "name": "55325", + "refsource": "OSVDB", + "url": "http://osvdb.org/55325" + }, + { + "name": "ADV-2009-1658", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/1658" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2414.json b/2009/2xxx/CVE-2009-2414.json index 4620c492846..6a34a9719e8 100644 --- a/2009/2xxx/CVE-2009-2414.json +++ b/2009/2xxx/CVE-2009-2414.json @@ -1,237 +1,237 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2414", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack consumption vulnerability in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allows context-dependent attackers to cause a denial of service (application crash) via a large depth of element declarations in a DTD, related to a function recursion, as demonstrated by the Codenomicon XML fuzzing framework." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2009-2414", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/507985/100/0/threaded" - }, - { - "name" : "[debian-bugs-dist] 20090810 Bug#540865: libxml2: CVE-2009-2414, CVE-2009-2416 pointer-user-after-free and stack overflow because of function recursion", - "refsource" : "MLIST", - "url" : "http://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg678527.html" - }, - { - "name" : "http://www.cert.fi/en/reports/2009/vulnerability2009085.html", - "refsource" : "MISC", - "url" : "http://www.cert.fi/en/reports/2009/vulnerability2009085.html" - }, - { - "name" : "http://www.codenomicon.com/labs/xml/", - "refsource" : "MISC", - "url" : "http://www.codenomicon.com/labs/xml/" - }, - { - "name" : "http://www.networkworld.com/columnists/2009/080509-xml-flaw.html", - "refsource" : "MISC", - "url" : "http://www.networkworld.com/columnists/2009/080509-xml-flaw.html" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=515195", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=515195" - }, - { - "name" : "http://googlechromereleases.blogspot.com/2009/08/stable-update-security-fixes.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2009/08/stable-update-security-fixes.html" - }, - { - "name" : "http://support.apple.com/kb/HT3937", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT3937" - }, - { - "name" : "http://support.apple.com/kb/HT3949", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT3949" - }, - { - "name" : "http://www.vmware.com/security/advisories/VMSA-2009-0016.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/security/advisories/VMSA-2009-0016.html" - }, - { - "name" : "http://support.apple.com/kb/HT4225", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT4225" - }, - { - "name" : "http://www.openoffice.org/security/cves/CVE-2009-2414-2416.html", - "refsource" : "CONFIRM", - "url" : "http://www.openoffice.org/security/cves/CVE-2009-2414-2416.html" - }, - { - "name" : "https://git.gnome.org/browse/libxml2/commit/?id=489f9671e71cc44a97b23111b3126ac8a1e21a59", - "refsource" : "CONFIRM", - "url" : "https://git.gnome.org/browse/libxml2/commit/?id=489f9671e71cc44a97b23111b3126ac8a1e21a59" - }, - { - "name" : "APPLE-SA-2009-11-09-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html" - }, - { - "name" : "APPLE-SA-2009-11-11-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html" - }, - { - "name" : "APPLE-SA-2010-06-21-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html" - }, - { - "name" : "DSA-1859", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2009/dsa-1859" - }, - { - "name" : "FEDORA-2009-8491", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00537.html" - }, - { - "name" : "FEDORA-2009-8498", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00547.html" - }, - { - "name" : "FEDORA-2009-8580", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00642.html" - }, - { - "name" : "SUSE-SR:2009:015", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html" - }, - { - "name" : "USN-815-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-815-1" - }, - { - "name" : "36010", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/36010" - }, - { - "name" : "oval:org.mitre.oval:def:10129", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10129" - }, - { - "name" : "oval:org.mitre.oval:def:8639", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8639" - }, - { - "name" : "36338", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/36338" - }, - { - "name" : "36207", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/36207" - }, - { - "name" : "36417", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/36417" - }, - { - "name" : "37471", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/37471" - }, - { - "name" : "37346", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/37346" - }, - { - "name" : "35036", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/35036" - }, - { - "name" : "36631", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/36631" - }, - { - "name" : "ADV-2009-2420", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/2420" - }, - { - "name" : "ADV-2009-3184", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/3184" - }, - { - "name" : "ADV-2009-3316", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/3316" - }, - { - "name" : "ADV-2009-3217", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/3217" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack consumption vulnerability in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allows context-dependent attackers to cause a denial of service (application crash) via a large depth of element declarations in a DTD, related to a function recursion, as demonstrated by the Codenomicon XML fuzzing framework." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "USN-815-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-815-1" + }, + { + "name": "FEDORA-2009-8491", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00537.html" + }, + { + "name": "36631", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/36631" + }, + { + "name": "http://www.networkworld.com/columnists/2009/080509-xml-flaw.html", + "refsource": "MISC", + "url": "http://www.networkworld.com/columnists/2009/080509-xml-flaw.html" + }, + { + "name": "http://www.openoffice.org/security/cves/CVE-2009-2414-2416.html", + "refsource": "CONFIRM", + "url": "http://www.openoffice.org/security/cves/CVE-2009-2414-2416.html" + }, + { + "name": "APPLE-SA-2009-11-11-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00001.html" + }, + { + "name": "ADV-2009-3217", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/3217" + }, + { + "name": "37471", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/37471" + }, + { + "name": "http://support.apple.com/kb/HT4225", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT4225" + }, + { + "name": "ADV-2009-2420", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/2420" + }, + { + "name": "FEDORA-2009-8580", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00642.html" + }, + { + "name": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/security/advisories/VMSA-2009-0016.html" + }, + { + "name": "36417", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/36417" + }, + { + "name": "http://www.cert.fi/en/reports/2009/vulnerability2009085.html", + "refsource": "MISC", + "url": "http://www.cert.fi/en/reports/2009/vulnerability2009085.html" + }, + { + "name": "http://www.codenomicon.com/labs/xml/", + "refsource": "MISC", + "url": "http://www.codenomicon.com/labs/xml/" + }, + { + "name": "SUSE-SR:2009:015", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html" + }, + { + "name": "http://support.apple.com/kb/HT3949", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT3949" + }, + { + "name": "[debian-bugs-dist] 20090810 Bug#540865: libxml2: CVE-2009-2414, CVE-2009-2416 pointer-user-after-free and stack overflow because of function recursion", + "refsource": "MLIST", + "url": "http://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg678527.html" + }, + { + "name": "36010", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/36010" + }, + { + "name": "http://googlechromereleases.blogspot.com/2009/08/stable-update-security-fixes.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2009/08/stable-update-security-fixes.html" + }, + { + "name": "20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/507985/100/0/threaded" + }, + { + "name": "https://git.gnome.org/browse/libxml2/commit/?id=489f9671e71cc44a97b23111b3126ac8a1e21a59", + "refsource": "CONFIRM", + "url": "https://git.gnome.org/browse/libxml2/commit/?id=489f9671e71cc44a97b23111b3126ac8a1e21a59" + }, + { + "name": "35036", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/35036" + }, + { + "name": "36338", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/36338" + }, + { + "name": "FEDORA-2009-8498", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00547.html" + }, + { + "name": "oval:org.mitre.oval:def:8639", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8639" + }, + { + "name": "oval:org.mitre.oval:def:10129", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10129" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=515195", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=515195" + }, + { + "name": "ADV-2009-3184", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/3184" + }, + { + "name": "DSA-1859", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2009/dsa-1859" + }, + { + "name": "APPLE-SA-2009-11-09-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html" + }, + { + "name": "APPLE-SA-2010-06-21-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2010/Jun/msg00003.html" + }, + { + "name": "37346", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/37346" + }, + { + "name": "ADV-2009-3316", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/3316" + }, + { + "name": "http://support.apple.com/kb/HT3937", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT3937" + }, + { + "name": "36207", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/36207" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2515.json b/2009/2xxx/CVE-2009-2515.json index f51824da155..31234869bd0 100644 --- a/2009/2xxx/CVE-2009-2515.json +++ b/2009/2xxx/CVE-2009-2515.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2515", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer underflow in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows local users to gain privileges via a crafted application that triggers an incorrect truncation of a 64-bit integer to a 32-bit integer, aka \"Windows Kernel Integer Underflow Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2009-2515", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS09-058", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-058" - }, - { - "name" : "TA09-286A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA09-286A.html" - }, - { - "name" : "oval:org.mitre.oval:def:6506", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6506" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer underflow in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows local users to gain privileges via a crafted application that triggers an incorrect truncation of a 64-bit integer to a 32-bit integer, aka \"Windows Kernel Integer Underflow Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS09-058", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-058" + }, + { + "name": "TA09-286A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA09-286A.html" + }, + { + "name": "oval:org.mitre.oval:def:6506", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6506" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2586.json b/2009/2xxx/CVE-2009-2586.json index 2f77abc997b..c720686a750 100644 --- a/2009/2xxx/CVE-2009-2586.json +++ b/2009/2xxx/CVE-2009-2586.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2586", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in articles.php in EDGEPHP EZArticles allows remote attackers to inject arbitrary web script or HTML via the title parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-2586", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://packetstormsecurity.org/0907-exploits/ezarticles-xss.txt", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.org/0907-exploits/ezarticles-xss.txt" - }, - { - "name" : "56002", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/56002" - }, - { - "name" : "35924", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/35924" - }, - { - "name" : "ezarticles-articles-xss(51858)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/51858" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in articles.php in EDGEPHP EZArticles allows remote attackers to inject arbitrary web script or HTML via the title parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "56002", + "refsource": "OSVDB", + "url": "http://osvdb.org/56002" + }, + { + "name": "ezarticles-articles-xss(51858)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51858" + }, + { + "name": "35924", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/35924" + }, + { + "name": "http://packetstormsecurity.org/0907-exploits/ezarticles-xss.txt", + "refsource": "MISC", + "url": "http://packetstormsecurity.org/0907-exploits/ezarticles-xss.txt" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2773.json b/2009/2xxx/CVE-2009-2773.json index e121fda6c71..b5ecd6a64a2 100644 --- a/2009/2xxx/CVE-2009-2773.json +++ b/2009/2xxx/CVE-2009-2773.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2773", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in home.php in PHP Paid 4 Mail Script allows remote attackers to execute arbitrary PHP code via a URL in the page parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-2773", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "9269", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/9269" - }, - { - "name" : "56573", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/56573" - }, - { - "name" : "35972", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/35972" - }, - { - "name" : "phppaid4mail-home-file-include(52015)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/52015" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in home.php in PHP Paid 4 Mail Script allows remote attackers to execute arbitrary PHP code via a URL in the page parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "35972", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/35972" + }, + { + "name": "9269", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/9269" + }, + { + "name": "phppaid4mail-home-file-include(52015)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52015" + }, + { + "name": "56573", + "refsource": "OSVDB", + "url": "http://osvdb.org/56573" + } + ] + } +} \ No newline at end of file diff --git a/2009/3xxx/CVE-2009-3414.json b/2009/3xxx/CVE-2009-3414.json index 6ce4c460bea..08d9cf6b264 100644 --- a/2009/3xxx/CVE-2009-3414.json +++ b/2009/3xxx/CVE-2009-3414.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-3414", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Spatial component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2008-3976 and CVE-2009-3413." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2009-3414", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2010-084891.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2010-084891.html" - }, - { - "name" : "TA10-012A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA10-012A.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Spatial component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2008-3976 and CVE-2009-3413." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2010-084891.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2010-084891.html" + }, + { + "name": "TA10-012A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA10-012A.html" + } + ] + } +} \ No newline at end of file diff --git a/2009/3xxx/CVE-2009-3520.json b/2009/3xxx/CVE-2009-3520.json index da8172a293b..1e5e65486ff 100644 --- a/2009/3xxx/CVE-2009-3520.json +++ b/2009/3xxx/CVE-2009-3520.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-3520", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site request forgery (CSRF) vulnerability in the Your_account module in CMSphp 0.21 allows remote attackers to hijack the authentication of administrators for requests that change an administrator password via the pseudo, pwd, and uid parameters in an admin_info_user_verif action." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-3520", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://packetstormsecurity.org/0909-exploits/cmsphp-xsrf.txt", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.org/0909-exploits/cmsphp-xsrf.txt" - }, - { - "name" : "36075", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/36075" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site request forgery (CSRF) vulnerability in the Your_account module in CMSphp 0.21 allows remote attackers to hijack the authentication of administrators for requests that change an administrator password via the pseudo, pwd, and uid parameters in an admin_info_user_verif action." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.org/0909-exploits/cmsphp-xsrf.txt", + "refsource": "MISC", + "url": "http://packetstormsecurity.org/0909-exploits/cmsphp-xsrf.txt" + }, + { + "name": "36075", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/36075" + } + ] + } +} \ No newline at end of file diff --git a/2009/3xxx/CVE-2009-3705.json b/2009/3xxx/CVE-2009-3705.json index 3c7394de899..72590680ec2 100644 --- a/2009/3xxx/CVE-2009-3705.json +++ b/2009/3xxx/CVE-2009-3705.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-3705", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in debugger.php in Achievo before 1.4.0 allows remote attackers to execute arbitrary PHP code via a URL in the config_atkroot parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-3705", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://packetstormsecurity.org/0909-exploits/achievo134-rfi.txt", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.org/0909-exploits/achievo134-rfi.txt" - }, - { - "name" : "http://www.achievo.org/download/releasenotes/1_4_0", - "refsource" : "CONFIRM", - "url" : "http://www.achievo.org/download/releasenotes/1_4_0" - }, - { - "name" : "1023017", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1023017" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in debugger.php in Achievo before 1.4.0 allows remote attackers to execute arbitrary PHP code via a URL in the config_atkroot parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1023017", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1023017" + }, + { + "name": "http://packetstormsecurity.org/0909-exploits/achievo134-rfi.txt", + "refsource": "MISC", + "url": "http://packetstormsecurity.org/0909-exploits/achievo134-rfi.txt" + }, + { + "name": "http://www.achievo.org/download/releasenotes/1_4_0", + "refsource": "CONFIRM", + "url": "http://www.achievo.org/download/releasenotes/1_4_0" + } + ] + } +} \ No newline at end of file diff --git a/2009/3xxx/CVE-2009-3797.json b/2009/3xxx/CVE-2009-3797.json index 3eeb0ae16cc..168fae3d99a 100644 --- a/2009/3xxx/CVE-2009-3797.json +++ b/2009/3xxx/CVE-2009-3797.json @@ -1,157 +1,157 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-3797", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Flash Player 10.x before 10.0.42.34 and Adobe AIR before 1.5.3 might allow attackers to execute arbitrary code via unspecified vectors that trigger memory corruption." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2009-3797", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.adobe.com/support/security/bulletins/apsb09-19.html", - "refsource" : "CONFIRM", - "url" : "http://www.adobe.com/support/security/bulletins/apsb09-19.html" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=543857", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=543857" - }, - { - "name" : "http://support.apple.com/kb/HT4004", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT4004" - }, - { - "name" : "APPLE-SA-2010-01-19-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html" - }, - { - "name" : "RHSA-2009:1657", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2009-1657.html" - }, - { - "name" : "1021716", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021716.1-1" - }, - { - "name" : "SUSE-SA:2009:062", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00003.html" - }, - { - "name" : "TA09-343A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA09-343A.html" - }, - { - "name" : "37199", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/37199" - }, - { - "name" : "oval:org.mitre.oval:def:7140", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7140" - }, - { - "name" : "oval:org.mitre.oval:def:8350", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8350" - }, - { - "name" : "oval:org.mitre.oval:def:15795", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15795" - }, - { - "name" : "1023306", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1023306" - }, - { - "name" : "1023307", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1023307" - }, - { - "name" : "37584", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/37584" - }, - { - "name" : "37902", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/37902" - }, - { - "name" : "38241", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/38241" - }, - { - "name" : "ADV-2009-3456", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/3456" - }, - { - "name" : "ADV-2010-0173", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/0173" - }, - { - "name" : "flash-air-corruption-code-execution(54633)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/54633" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Flash Player 10.x before 10.0.42.34 and Adobe AIR before 1.5.3 might allow attackers to execute arbitrary code via unspecified vectors that trigger memory corruption." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2009:1657", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2009-1657.html" + }, + { + "name": "1023307", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1023307" + }, + { + "name": "http://support.apple.com/kb/HT4004", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT4004" + }, + { + "name": "1021716", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021716.1-1" + }, + { + "name": "APPLE-SA-2010-01-19-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html" + }, + { + "name": "ADV-2009-3456", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/3456" + }, + { + "name": "SUSE-SA:2009:062", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00003.html" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=543857", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=543857" + }, + { + "name": "flash-air-corruption-code-execution(54633)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54633" + }, + { + "name": "37584", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/37584" + }, + { + "name": "37902", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/37902" + }, + { + "name": "oval:org.mitre.oval:def:7140", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7140" + }, + { + "name": "http://www.adobe.com/support/security/bulletins/apsb09-19.html", + "refsource": "CONFIRM", + "url": "http://www.adobe.com/support/security/bulletins/apsb09-19.html" + }, + { + "name": "1023306", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1023306" + }, + { + "name": "oval:org.mitre.oval:def:8350", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8350" + }, + { + "name": "TA09-343A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA09-343A.html" + }, + { + "name": "38241", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/38241" + }, + { + "name": "37199", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/37199" + }, + { + "name": "oval:org.mitre.oval:def:15795", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15795" + }, + { + "name": "ADV-2010-0173", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/0173" + } + ] + } +} \ No newline at end of file diff --git a/2009/3xxx/CVE-2009-3923.json b/2009/3xxx/CVE-2009-3923.json index fc8b1fd3901..1fc5a2dc6c6 100644 --- a/2009/3xxx/CVE-2009-3923.json +++ b/2009/3xxx/CVE-2009-3923.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-3923", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The VirtualBox 2.0.8 and 2.0.10 web service in Sun Virtual Desktop Infrastructure (VDI) 3.0 does not require authentication, which allows remote attackers to obtain unspecified access via vectors involving requests to an Apache HTTP Server." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-3923", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141481-03-1", - "refsource" : "CONFIRM", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141481-03-1" - }, - { - "name" : "268328", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-268328-1" - }, - { - "name" : "36917", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/36917" - }, - { - "name" : "vdi-authentication-unauth-access(54136)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/54136" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The VirtualBox 2.0.8 and 2.0.10 web service in Sun Virtual Desktop Infrastructure (VDI) 3.0 does not require authentication, which allows remote attackers to obtain unspecified access via vectors involving requests to an Apache HTTP Server." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "vdi-authentication-unauth-access(54136)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54136" + }, + { + "name": "268328", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-268328-1" + }, + { + "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141481-03-1", + "refsource": "CONFIRM", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141481-03-1" + }, + { + "name": "36917", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/36917" + } + ] + } +} \ No newline at end of file diff --git a/2015/0xxx/CVE-2015-0598.json b/2015/0xxx/CVE-2015-0598.json index 1759c93da52..05590234e74 100644 --- a/2015/0xxx/CVE-2015-0598.json +++ b/2015/0xxx/CVE-2015-0598.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-0598", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The RADIUS implementation in Cisco IOS and IOS XE allows remote attackers to cause a denial of service (device reload) via crafted IPv6 Attributes in Access-Accept packets, aka Bug IDs CSCur84322 and CSCur27693." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-0598", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150305 Cisco IOS Software and Cisco IOS XE Software Crafted RADIUS Packet Denial of Service Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0598" - }, - { - "name" : "1031842", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1031842" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The RADIUS implementation in Cisco IOS and IOS XE allows remote attackers to cause a denial of service (device reload) via crafted IPv6 Attributes in Access-Accept packets, aka Bug IDs CSCur84322 and CSCur27693." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1031842", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1031842" + }, + { + "name": "20150305 Cisco IOS Software and Cisco IOS XE Software Crafted RADIUS Packet Denial of Service Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0598" + } + ] + } +} \ No newline at end of file diff --git a/2015/0xxx/CVE-2015-0639.json b/2015/0xxx/CVE-2015-0639.json index ada26f82b7c..708a4c23b09 100644 --- a/2015/0xxx/CVE-2015-0639.json +++ b/2015/0xxx/CVE-2015-0639.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-0639", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Common Flow Table (CFT) feature in Cisco IOS XE 3.6 and 3.7 before 3.7.1S, 3.8 before 3.8.0S, 3.9 before 3.9.0S, 3.10 before 3.10.0S, 3.11 before 3.11.0S, 3.12 before 3.12.0S, 3.13 before 3.13.0S, 3.14 before 3.14.0S, and 3.15 before 3.15.0S, when MMON or NBAR is enabled, allows remote attackers to cause a denial of service (device reload) via malformed IPv6 packets with IPv4 UDP encapsulation, aka Bug ID CSCua79665." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-0639", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150325 Multiple Vulnerabilities in Cisco IOS XE Software for Cisco ASR 1000 Series, Cisco ISR 4400 Series, and Cisco Cloud Services 1000v Series Routers", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-iosxe" - }, - { - "name" : "1031981", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1031981" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Common Flow Table (CFT) feature in Cisco IOS XE 3.6 and 3.7 before 3.7.1S, 3.8 before 3.8.0S, 3.9 before 3.9.0S, 3.10 before 3.10.0S, 3.11 before 3.11.0S, 3.12 before 3.12.0S, 3.13 before 3.13.0S, 3.14 before 3.14.0S, and 3.15 before 3.15.0S, when MMON or NBAR is enabled, allows remote attackers to cause a denial of service (device reload) via malformed IPv6 packets with IPv4 UDP encapsulation, aka Bug ID CSCua79665." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1031981", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1031981" + }, + { + "name": "20150325 Multiple Vulnerabilities in Cisco IOS XE Software for Cisco ASR 1000 Series, Cisco ISR 4400 Series, and Cisco Cloud Services 1000v Series Routers", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-iosxe" + } + ] + } +} \ No newline at end of file diff --git a/2015/1xxx/CVE-2015-1451.json b/2015/1xxx/CVE-2015-1451.json index de46ba2f5d6..920a53d9403 100644 --- a/2015/1xxx/CVE-2015-1451.json +++ b/2015/1xxx/CVE-2015-1451.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-1451", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiOS 5.0 Patch 7 build 4457 allow remote authenticated users to inject arbitrary web script or HTML via the (1) WTP Name or (2) WTP Active Software Version field in a CAPWAP Join request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-1451", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150129 Fortinet FortiOS Multiple Vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/Jan/125" - }, - { - "name" : "http://www.security-assessment.com/files/documents/advisory/Fortinet_FortiOS_Multiple_Vulnerabilities.pdf", - "refsource" : "MISC", - "url" : "http://www.security-assessment.com/files/documents/advisory/Fortinet_FortiOS_Multiple_Vulnerabilities.pdf" - }, - { - "name" : "http://www.fortiguard.com/advisory/FG-IR-15-002/", - "refsource" : "CONFIRM", - "url" : "http://www.fortiguard.com/advisory/FG-IR-15-002/" - }, - { - "name" : "72383", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/72383" - }, - { - "name" : "61661", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/61661" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiOS 5.0 Patch 7 build 4457 allow remote authenticated users to inject arbitrary web script or HTML via the (1) WTP Name or (2) WTP Active Software Version field in a CAPWAP Join request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20150129 Fortinet FortiOS Multiple Vulnerabilities", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/Jan/125" + }, + { + "name": "http://www.security-assessment.com/files/documents/advisory/Fortinet_FortiOS_Multiple_Vulnerabilities.pdf", + "refsource": "MISC", + "url": "http://www.security-assessment.com/files/documents/advisory/Fortinet_FortiOS_Multiple_Vulnerabilities.pdf" + }, + { + "name": "http://www.fortiguard.com/advisory/FG-IR-15-002/", + "refsource": "CONFIRM", + "url": "http://www.fortiguard.com/advisory/FG-IR-15-002/" + }, + { + "name": "61661", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/61661" + }, + { + "name": "72383", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/72383" + } + ] + } +} \ No newline at end of file diff --git a/2015/1xxx/CVE-2015-1470.json b/2015/1xxx/CVE-2015-1470.json index bc71247faeb..66e438118ad 100644 --- a/2015/1xxx/CVE-2015-1470.json +++ b/2015/1xxx/CVE-2015-1470.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-1470", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-1470", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/1xxx/CVE-2015-1657.json b/2015/1xxx/CVE-2015-1657.json index a263236d01b..835d8fbc019 100644 --- a/2015/1xxx/CVE-2015-1657.json +++ b/2015/1xxx/CVE-2015-1657.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-1657", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-1657", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS15-032", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-032" - }, - { - "name" : "1032108", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032108" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1032108", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032108" + }, + { + "name": "MS15-032", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-032" + } + ] + } +} \ No newline at end of file diff --git a/2015/1xxx/CVE-2015-1788.json b/2015/1xxx/CVE-2015-1788.json index a0649a55df5..0e01cc65f95 100644 --- a/2015/1xxx/CVE-2015-1788.json +++ b/2015/1xxx/CVE-2015-1788.json @@ -1,287 +1,287 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-1788", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The BN_GF2m_mod_inv function in crypto/bn/bn_gf2m.c in OpenSSL before 0.9.8s, 1.0.0 before 1.0.0e, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b does not properly handle ECParameters structures in which the curve is over a malformed binary polynomial field, which allows remote attackers to cause a denial of service (infinite loop) via a session that uses an Elliptic Curve algorithm, as demonstrated by an attack against a server that supports client authentication." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-1788", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/openssl/openssl/commit/4924b37ee01f71ae19c94a8934b80eeb2f677932", - "refsource" : "CONFIRM", - "url" : "https://github.com/openssl/openssl/commit/4924b37ee01f71ae19c94a8934b80eeb2f677932" - }, - { - "name" : "https://www.openssl.org/news/secadv_20150611.txt", - "refsource" : "CONFIRM", - "url" : "https://www.openssl.org/news/secadv_20150611.txt" - }, - { - "name" : "https://support.apple.com/kb/HT205031", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/kb/HT205031" - }, - { - "name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10694", - "refsource" : "CONFIRM", - "url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10694" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05131044", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05131044" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05184351", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05184351" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" - }, - { - "name" : "http://fortiguard.com/advisory/2015-07-09-cve-2015-1793-openssl-alternative-chains-certificate-forgery", - "refsource" : "CONFIRM", - "url" : "http://fortiguard.com/advisory/2015-07-09-cve-2015-1793-openssl-alternative-chains-certificate-forgery" - }, - { - "name" : "http://fortiguard.com/advisory/openssl-vulnerabilities-june-2015", - "refsource" : "CONFIRM", - "url" : "http://fortiguard.com/advisory/openssl-vulnerabilities-june-2015" - }, - { - "name" : "https://openssl.org/news/secadv/20150611.txt", - "refsource" : "CONFIRM", - "url" : "https://openssl.org/news/secadv/20150611.txt" - }, - { - "name" : "http://www.fortiguard.com/advisory/openssl-vulnerabilities-june-2015", - "refsource" : "CONFIRM", - "url" : "http://www.fortiguard.com/advisory/openssl-vulnerabilities-june-2015" - }, - { - "name" : "http://www.fortiguard.com/advisory/2015-06-11-fortinet-vulnerability-openssl-vulnerabilities-june-2015", - "refsource" : "CONFIRM", - "url" : "http://www.fortiguard.com/advisory/2015-06-11-fortinet-vulnerability-openssl-vulnerabilities-june-2015" - }, - { - "name" : "https://bto.bluecoat.com/security-advisory/sa98", - "refsource" : "CONFIRM", - "url" : "https://bto.bluecoat.com/security-advisory/sa98" - }, - { - "name" : "http://www-304.ibm.com/support/docview.wss?uid=swg21960041", - "refsource" : "CONFIRM", - "url" : "http://www-304.ibm.com/support/docview.wss?uid=swg21960041" - }, - { - "name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10122", - "refsource" : "CONFIRM", - "url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10122" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" - }, - { - "name" : "https://support.citrix.com/article/CTX216642", - "refsource" : "CONFIRM", - "url" : "https://support.citrix.com/article/CTX216642" - }, - { - "name" : "APPLE-SA-2015-08-13-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" - }, - { - "name" : "20150612 Multiple Vulnerabilities in OpenSSL (June 2015) Affecting Cisco Products", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150612-openssl" - }, - { - "name" : "DSA-3287", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3287" - }, - { - "name" : "GLSA-201506-02", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201506-02" - }, - { - "name" : "HPSBUX03388", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=143880121627664&w=2" - }, - { - "name" : "SSRT102180", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=143880121627664&w=2" - }, - { - "name" : "HPSBMU03409", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=144050155601375&w=2" - }, - { - "name" : "NetBSD-SA2015-008", - "refsource" : "NETBSD", - "url" : "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc" - }, - { - "name" : "openSUSE-SU-2016:0640", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html" - }, - { - "name" : "openSUSE-SU-2015:1277", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html" - }, - { - "name" : "SUSE-SU-2015:1143", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html" - }, - { - "name" : "SUSE-SU-2015:1150", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.html" - }, - { - "name" : "SUSE-SU-2015:1181", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00003.html" - }, - { - "name" : "SUSE-SU-2015:1182", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.html" - }, - { - "name" : "SUSE-SU-2015:1184", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.html" - }, - { - "name" : "openSUSE-SU-2015:1139", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html" - }, - { - "name" : "SUSE-SU-2015:1185", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html" - }, - { - "name" : "USN-2639-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2639-1" - }, - { - "name" : "91787", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91787" - }, - { - "name" : "75158", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75158" - }, - { - "name" : "1032564", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032564" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The BN_GF2m_mod_inv function in crypto/bn/bn_gf2m.c in OpenSSL before 0.9.8s, 1.0.0 before 1.0.0e, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b does not properly handle ECParameters structures in which the curve is over a malformed binary polynomial field, which allows remote attackers to cause a denial of service (infinite loop) via a session that uses an Elliptic Curve algorithm, as demonstrated by an attack against a server that supports client authentication." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SU-2015:1184", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.html" + }, + { + "name": "SSRT102180", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=143880121627664&w=2" + }, + { + "name": "DSA-3287", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3287" + }, + { + "name": "SUSE-SU-2015:1150", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.html" + }, + { + "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10122", + "refsource": "CONFIRM", + "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10122" + }, + { + "name": "http://fortiguard.com/advisory/openssl-vulnerabilities-june-2015", + "refsource": "CONFIRM", + "url": "http://fortiguard.com/advisory/openssl-vulnerabilities-june-2015" + }, + { + "name": "HPSBMU03409", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=144050155601375&w=2" + }, + { + "name": "75158", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75158" + }, + { + "name": "https://openssl.org/news/secadv/20150611.txt", + "refsource": "CONFIRM", + "url": "https://openssl.org/news/secadv/20150611.txt" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "SUSE-SU-2015:1182", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.html" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888" + }, + { + "name": "SUSE-SU-2015:1143", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05184351", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05184351" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html" + }, + { + "name": "openSUSE-SU-2016:0640", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" + }, + { + "name": "1032564", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032564" + }, + { + "name": "http://www-304.ibm.com/support/docview.wss?uid=swg21960041", + "refsource": "CONFIRM", + "url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960041" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380" + }, + { + "name": "http://www.fortiguard.com/advisory/2015-06-11-fortinet-vulnerability-openssl-vulnerabilities-june-2015", + "refsource": "CONFIRM", + "url": "http://www.fortiguard.com/advisory/2015-06-11-fortinet-vulnerability-openssl-vulnerabilities-june-2015" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" + }, + { + "name": "20150612 Multiple Vulnerabilities in OpenSSL (June 2015) Affecting Cisco Products", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150612-openssl" + }, + { + "name": "openSUSE-SU-2015:1277", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html" + }, + { + "name": "SUSE-SU-2015:1181", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00003.html" + }, + { + "name": "https://github.com/openssl/openssl/commit/4924b37ee01f71ae19c94a8934b80eeb2f677932", + "refsource": "CONFIRM", + "url": "https://github.com/openssl/openssl/commit/4924b37ee01f71ae19c94a8934b80eeb2f677932" + }, + { + "name": "http://fortiguard.com/advisory/2015-07-09-cve-2015-1793-openssl-alternative-chains-certificate-forgery", + "refsource": "CONFIRM", + "url": "http://fortiguard.com/advisory/2015-07-09-cve-2015-1793-openssl-alternative-chains-certificate-forgery" + }, + { + "name": "APPLE-SA-2015-08-13-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" + }, + { + "name": "USN-2639-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2639-1" + }, + { + "name": "http://www.fortiguard.com/advisory/openssl-vulnerabilities-june-2015", + "refsource": "CONFIRM", + "url": "http://www.fortiguard.com/advisory/openssl-vulnerabilities-june-2015" + }, + { + "name": "GLSA-201506-02", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201506-02" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05131044", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05131044" + }, + { + "name": "91787", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91787" + }, + { + "name": "HPSBUX03388", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=143880121627664&w=2" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763" + }, + { + "name": "https://support.apple.com/kb/HT205031", + "refsource": "CONFIRM", + "url": "https://support.apple.com/kb/HT205031" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html" + }, + { + "name": "https://support.citrix.com/article/CTX216642", + "refsource": "CONFIRM", + "url": "https://support.citrix.com/article/CTX216642" + }, + { + "name": "SUSE-SU-2015:1185", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html" + }, + { + "name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10694", + "refsource": "CONFIRM", + "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10694" + }, + { + "name": "openSUSE-SU-2015:1139", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html" + }, + { + "name": "https://bto.bluecoat.com/security-advisory/sa98", + "refsource": "CONFIRM", + "url": "https://bto.bluecoat.com/security-advisory/sa98" + }, + { + "name": "NetBSD-SA2015-008", + "refsource": "NETBSD", + "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc" + }, + { + "name": "https://www.openssl.org/news/secadv_20150611.txt", + "refsource": "CONFIRM", + "url": "https://www.openssl.org/news/secadv_20150611.txt" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4054.json b/2015/4xxx/CVE-2015-4054.json index 010975d471d..e2328a853d5 100644 --- a/2015/4xxx/CVE-2015-4054.json +++ b/2015/4xxx/CVE-2015-4054.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4054", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PgBouncer before 1.5.5 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by sending a password packet before a startup packet." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@debian.org", + "ID": "CVE-2015-4054", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150522 Re: CVE Request: pgbouncer: DoS/remote crash: invalid packet order causes lookup of NULL pointer", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/05/22/5" - }, - { - "name" : "https://github.com/pgbouncer/pgbouncer/commit/74d6e5f7de5ec736f71204b7b422af7380c19ac5", - "refsource" : "CONFIRM", - "url" : "https://github.com/pgbouncer/pgbouncer/commit/74d6e5f7de5ec736f71204b7b422af7380c19ac5" - }, - { - "name" : "https://github.com/pgbouncer/pgbouncer/commit/edab5be6665b9e8de66c25ba527509b229468573", - "refsource" : "CONFIRM", - "url" : "https://github.com/pgbouncer/pgbouncer/commit/edab5be6665b9e8de66c25ba527509b229468573" - }, - { - "name" : "https://github.com/pgbouncer/pgbouncer/issues/42", - "refsource" : "CONFIRM", - "url" : "https://github.com/pgbouncer/pgbouncer/issues/42" - }, - { - "name" : "https://pgbouncer.github.io/changelog.html#pgbouncer-15x", - "refsource" : "CONFIRM", - "url" : "https://pgbouncer.github.io/changelog.html#pgbouncer-15x" - }, - { - "name" : "GLSA-201701-24", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-24" - }, - { - "name" : "74751", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74751" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PgBouncer before 1.5.5 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by sending a password packet before a startup packet." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/pgbouncer/pgbouncer/commit/edab5be6665b9e8de66c25ba527509b229468573", + "refsource": "CONFIRM", + "url": "https://github.com/pgbouncer/pgbouncer/commit/edab5be6665b9e8de66c25ba527509b229468573" + }, + { + "name": "https://github.com/pgbouncer/pgbouncer/commit/74d6e5f7de5ec736f71204b7b422af7380c19ac5", + "refsource": "CONFIRM", + "url": "https://github.com/pgbouncer/pgbouncer/commit/74d6e5f7de5ec736f71204b7b422af7380c19ac5" + }, + { + "name": "https://pgbouncer.github.io/changelog.html#pgbouncer-15x", + "refsource": "CONFIRM", + "url": "https://pgbouncer.github.io/changelog.html#pgbouncer-15x" + }, + { + "name": "74751", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74751" + }, + { + "name": "https://github.com/pgbouncer/pgbouncer/issues/42", + "refsource": "CONFIRM", + "url": "https://github.com/pgbouncer/pgbouncer/issues/42" + }, + { + "name": "[oss-security] 20150522 Re: CVE Request: pgbouncer: DoS/remote crash: invalid packet order causes lookup of NULL pointer", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/05/22/5" + }, + { + "name": "GLSA-201701-24", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-24" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4207.json b/2015/4xxx/CVE-2015-4207.json index 78da8c18c23..b48dd9c24e2 100644 --- a/2015/4xxx/CVE-2015-4207.json +++ b/2015/4xxx/CVE-2015-4207.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4207", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco WebEx Meeting Center places a meeting's access number in a URL, which allows remote attackers to obtain sensitive information and bypass intended attendance restrictions by visiting a meeting-registration page, aka Bug ID CSCus62147." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-4207", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150622 Cisco WebEx Meetings Meeting Access Number Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=39457" - }, - { - "name" : "75350", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75350" - }, - { - "name" : "1032705", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032705" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco WebEx Meeting Center places a meeting's access number in a URL, which allows remote attackers to obtain sensitive information and bypass intended attendance restrictions by visiting a meeting-registration page, aka Bug ID CSCus62147." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "75350", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75350" + }, + { + "name": "20150622 Cisco WebEx Meetings Meeting Access Number Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39457" + }, + { + "name": "1032705", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032705" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4369.json b/2015/4xxx/CVE-2015-4369.json index 7e8d6e0bedf..2de74048d53 100644 --- a/2015/4xxx/CVE-2015-4369.json +++ b/2015/4xxx/CVE-2015-4369.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4369", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the Trick Question module before 6.x-1.5 and 7.x-1.x before 7.x-1.5 for Drupal allows remote authenticated users with the \"Administer Trick Question\" permission to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-4369", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150425 CVE requests for Drupal contributed modules (from SA-CONTRIB-2015-034 to SA-CONTRIB-2015-099)", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/04/25/6" - }, - { - "name" : "https://www.drupal.org/node/2446065", - "refsource" : "MISC", - "url" : "https://www.drupal.org/node/2446065" - }, - { - "name" : "https://www.drupal.org/node/2373143", - "refsource" : "CONFIRM", - "url" : "https://www.drupal.org/node/2373143" - }, - { - "name" : "https://www.drupal.org/node/2373147", - "refsource" : "CONFIRM", - "url" : "https://www.drupal.org/node/2373147" - }, - { - "name" : "72946", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/72946" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the Trick Question module before 6.x-1.5 and 7.x-1.x before 7.x-1.5 for Drupal allows remote authenticated users with the \"Administer Trick Question\" permission to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.drupal.org/node/2446065", + "refsource": "MISC", + "url": "https://www.drupal.org/node/2446065" + }, + { + "name": "[oss-security] 20150425 CVE requests for Drupal contributed modules (from SA-CONTRIB-2015-034 to SA-CONTRIB-2015-099)", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/04/25/6" + }, + { + "name": "72946", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/72946" + }, + { + "name": "https://www.drupal.org/node/2373147", + "refsource": "CONFIRM", + "url": "https://www.drupal.org/node/2373147" + }, + { + "name": "https://www.drupal.org/node/2373143", + "refsource": "CONFIRM", + "url": "https://www.drupal.org/node/2373143" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4640.json b/2015/4xxx/CVE-2015-4640.json index 7bed91ec106..c2f562e01bf 100644 --- a/2015/4xxx/CVE-2015-4640.json +++ b/2015/4xxx/CVE-2015-4640.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4640", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The SwiftKey language-pack update implementation on Samsung Galaxy S4, S4 Mini, S5, and S6 devices relies on an HTTP connection to the skslm.swiftkey.net server, which allows man-in-the-middle attackers to write to language-pack files by modifying an HTTP response. NOTE: CVE-2015-4640 exploitation can be combined with CVE-2015-4641 exploitation for man-in-the-middle code execution." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-4640", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://arstechnica.com/security/2015/06/new-exploit-turns-samsung-galaxy-phones-into-remote-bugging-devices/", - "refsource" : "MISC", - "url" : "http://arstechnica.com/security/2015/06/new-exploit-turns-samsung-galaxy-phones-into-remote-bugging-devices/" - }, - { - "name" : "https://github.com/nowsecure/samsung-ime-rce-poc/", - "refsource" : "MISC", - "url" : "https://github.com/nowsecure/samsung-ime-rce-poc/" - }, - { - "name" : "https://www.nowsecure.com/blog/2015/06/16/remote-code-execution-as-system-user-on-samsung-phones/", - "refsource" : "MISC", - "url" : "https://www.nowsecure.com/blog/2015/06/16/remote-code-execution-as-system-user-on-samsung-phones/" - }, - { - "name" : "https://www.nowsecure.com/keyboard-vulnerability/", - "refsource" : "MISC", - "url" : "https://www.nowsecure.com/keyboard-vulnerability/" - }, - { - "name" : "VU#155412", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/155412" - }, - { - "name" : "75347", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75347" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The SwiftKey language-pack update implementation on Samsung Galaxy S4, S4 Mini, S5, and S6 devices relies on an HTTP connection to the skslm.swiftkey.net server, which allows man-in-the-middle attackers to write to language-pack files by modifying an HTTP response. NOTE: CVE-2015-4640 exploitation can be combined with CVE-2015-4641 exploitation for man-in-the-middle code execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.nowsecure.com/keyboard-vulnerability/", + "refsource": "MISC", + "url": "https://www.nowsecure.com/keyboard-vulnerability/" + }, + { + "name": "https://www.nowsecure.com/blog/2015/06/16/remote-code-execution-as-system-user-on-samsung-phones/", + "refsource": "MISC", + "url": "https://www.nowsecure.com/blog/2015/06/16/remote-code-execution-as-system-user-on-samsung-phones/" + }, + { + "name": "https://github.com/nowsecure/samsung-ime-rce-poc/", + "refsource": "MISC", + "url": "https://github.com/nowsecure/samsung-ime-rce-poc/" + }, + { + "name": "75347", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75347" + }, + { + "name": "http://arstechnica.com/security/2015/06/new-exploit-turns-samsung-galaxy-phones-into-remote-bugging-devices/", + "refsource": "MISC", + "url": "http://arstechnica.com/security/2015/06/new-exploit-turns-samsung-galaxy-phones-into-remote-bugging-devices/" + }, + { + "name": "VU#155412", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/155412" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4992.json b/2015/4xxx/CVE-2015-4992.json index 415c374fca6..b540e39ef40 100644 --- a/2015/4xxx/CVE-2015-4992.json +++ b/2015/4xxx/CVE-2015-4992.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4992", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Sterling B2B Integrator 5.2 before 5020500_8 allows remote authenticated users to conduct clickjacking attacks via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2015-4992", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21965734", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21965734" - }, - { - "name" : "IT10723", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IT10723" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Sterling B2B Integrator 5.2 before 5020500_8 allows remote authenticated users to conduct clickjacking attacks via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21965734", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21965734" + }, + { + "name": "IT10723", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT10723" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8088.json b/2015/8xxx/CVE-2015-8088.json index 76e669f6c42..f367d747c9c 100644 --- a/2015/8xxx/CVE-2015-8088.json +++ b/2015/8xxx/CVE-2015-8088.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8088", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Heap-based buffer overflow in the HIFI driver in Huawei Mate 7 phones with software MT7-UL00 before MT7-UL00C17B354, MT7-TL10 before MT7-TL10C00B354, MT7-TL00 before MT7-TL00C01B354, and MT7-CL00 before MT7-CL00C92B354 and P8 phones with software GRA-TL00 before GRA-TL00C01B220SP01, GRA-CL00 before GRA-CL00C92B220, GRA-CL10 before GRA-CL10C92B220, GRA-UL00 before GRA-UL00C00B220, and GRA-UL10 before GRA-UL10C00B220 allows attackers to cause a denial of service (reboot) or execute arbitrary code via a crafted application." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8088", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.huawei.com/en/psirt/security-advisories/hw-460347", - "refsource" : "CONFIRM", - "url" : "http://www.huawei.com/en/psirt/security-advisories/hw-460347" - }, - { - "name" : "77560", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77560" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based buffer overflow in the HIFI driver in Huawei Mate 7 phones with software MT7-UL00 before MT7-UL00C17B354, MT7-TL10 before MT7-TL10C00B354, MT7-TL00 before MT7-TL00C01B354, and MT7-CL00 before MT7-CL00C92B354 and P8 phones with software GRA-TL00 before GRA-TL00C01B220SP01, GRA-CL00 before GRA-CL00C92B220, GRA-CL10 before GRA-CL10C92B220, GRA-UL00 before GRA-UL00C00B220, and GRA-UL10 before GRA-UL10C00B220 allows attackers to cause a denial of service (reboot) or execute arbitrary code via a crafted application." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "77560", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77560" + }, + { + "name": "http://www.huawei.com/en/psirt/security-advisories/hw-460347", + "refsource": "CONFIRM", + "url": "http://www.huawei.com/en/psirt/security-advisories/hw-460347" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8396.json b/2015/8xxx/CVE-2015-8396.json index 2232a3a9f70..1c3f65131c3 100644 --- a/2015/8xxx/CVE-2015-8396.json +++ b/2015/8xxx/CVE-2015-8396.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8396", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in the ImageRegionReader::ReadIntoBuffer function in MediaStorageAndFileFormat/gdcmImageRegionReader.cxx in Grassroots DICOM (aka GDCM) before 2.6.2 allows attackers to execute arbitrary code via crafted header dimensions in a DICOM image file, which triggers a buffer overflow." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8396", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160111 CVE-2015-8396: GDCM buffer overflow in ImageRegionReader::ReadIntoBuffer", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/537264/100/0/threaded" - }, - { - "name" : "39229", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/39229/" - }, - { - "name" : "20160111 CVE-2015-8396: GDCM buffer overflow in ImageRegionReader::ReadIntoBuffer", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2016/Jan/29" - }, - { - "name" : "[gdcm-developers] 20151204 [Gdcm2] GDCM <2.6.1 two vulnerabilites", - "refsource" : "MLIST", - "url" : "http://sourceforge.net/p/gdcm/mailman/message/34670701/" - }, - { - "name" : "[gdcm-developers] 20151221 Re: [Gdcm2] GDCM <2.6.1 two vulnerabilites", - "refsource" : "MLIST", - "url" : "http://sourceforge.net/p/gdcm/mailman/message/34687533/" - }, - { - "name" : "http://census-labs.com/news/2016/01/11/gdcm-buffer-overflow-imageregionreaderreadintobuffer/", - "refsource" : "MISC", - "url" : "http://census-labs.com/news/2016/01/11/gdcm-buffer-overflow-imageregionreaderreadintobuffer/" - }, - { - "name" : "http://packetstormsecurity.com/files/135205/GDCM-2.6.0-2.6.1-Integer-Overflow.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/135205/GDCM-2.6.0-2.6.1-Integer-Overflow.html" - }, - { - "name" : "http://sourceforge.net/p/gdcm/gdcm/ci/e547b1ded3fd21e0b0ad149f13045aa12d4b9b7c/", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/p/gdcm/gdcm/ci/e547b1ded3fd21e0b0ad149f13045aa12d4b9b7c/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in the ImageRegionReader::ReadIntoBuffer function in MediaStorageAndFileFormat/gdcmImageRegionReader.cxx in Grassroots DICOM (aka GDCM) before 2.6.2 allows attackers to execute arbitrary code via crafted header dimensions in a DICOM image file, which triggers a buffer overflow." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20160111 CVE-2015-8396: GDCM buffer overflow in ImageRegionReader::ReadIntoBuffer", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/537264/100/0/threaded" + }, + { + "name": "[gdcm-developers] 20151204 [Gdcm2] GDCM <2.6.1 two vulnerabilites", + "refsource": "MLIST", + "url": "http://sourceforge.net/p/gdcm/mailman/message/34670701/" + }, + { + "name": "39229", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/39229/" + }, + { + "name": "http://sourceforge.net/p/gdcm/gdcm/ci/e547b1ded3fd21e0b0ad149f13045aa12d4b9b7c/", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/p/gdcm/gdcm/ci/e547b1ded3fd21e0b0ad149f13045aa12d4b9b7c/" + }, + { + "name": "[gdcm-developers] 20151221 Re: [Gdcm2] GDCM <2.6.1 two vulnerabilites", + "refsource": "MLIST", + "url": "http://sourceforge.net/p/gdcm/mailman/message/34687533/" + }, + { + "name": "http://census-labs.com/news/2016/01/11/gdcm-buffer-overflow-imageregionreaderreadintobuffer/", + "refsource": "MISC", + "url": "http://census-labs.com/news/2016/01/11/gdcm-buffer-overflow-imageregionreaderreadintobuffer/" + }, + { + "name": "20160111 CVE-2015-8396: GDCM buffer overflow in ImageRegionReader::ReadIntoBuffer", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2016/Jan/29" + }, + { + "name": "http://packetstormsecurity.com/files/135205/GDCM-2.6.0-2.6.1-Integer-Overflow.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/135205/GDCM-2.6.0-2.6.1-Integer-Overflow.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9198.json b/2015/9xxx/CVE-2015-9198.json index b691c25b5a2..0efebcb8bdc 100644 --- a/2015/9xxx/CVE-2015-9198.json +++ b/2015/9xxx/CVE-2015-9198.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "DATE_PUBLIC" : "2018-04-02T00:00:00", - "ID" : "CVE-2015-9198", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear", - "version" : { - "version_data" : [ - { - "version_value" : "IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDX20" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, integer underflow vulnerability in function qsee_register_log_buff may lead to arbitrary writing of secure memory." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Possible Integer underflow in QTEE" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "DATE_PUBLIC": "2018-04-02T00:00:00", + "ID": "CVE-2015-9198", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear", + "version": { + "version_data": [ + { + "version_value": "IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDX20" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2018-04-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2018-04-01" - }, - { - "name" : "103671", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103671" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, integer underflow vulnerability in function qsee_register_log_buff may lead to arbitrary writing of secure memory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Possible Integer underflow in QTEE" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2018-04-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2018-04-01" + }, + { + "name": "103671", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103671" + } + ] + } +} \ No newline at end of file diff --git a/2018/3xxx/CVE-2018-3402.json b/2018/3xxx/CVE-2018-3402.json index 71e78d1e607..a61e916c84e 100644 --- a/2018/3xxx/CVE-2018-3402.json +++ b/2018/3xxx/CVE-2018-3402.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-3402", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-3402", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6016.json b/2018/6xxx/CVE-2018-6016.json index 32866304896..d202a500e57 100644 --- a/2018/6xxx/CVE-2018-6016.json +++ b/2018/6xxx/CVE-2018-6016.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-6016", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unquoted Windows search path vulnerability in the srvInventoryWebServer service in 10-Strike Network Monitor 5.4 allows local users to gain privileges via a malicious artefact." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-6016", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20180309 10-Strike Network Monitor 5.4 - Unquoted Service Path", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2018/Mar/21" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unquoted Windows search path vulnerability in the srvInventoryWebServer service in 10-Strike Network Monitor 5.4 allows local users to gain privileges via a malicious artefact." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20180309 10-Strike Network Monitor 5.4 - Unquoted Service Path", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2018/Mar/21" + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6360.json b/2018/6xxx/CVE-2018-6360.json index 8d8283c4da3..d6c835134fa 100644 --- a/2018/6xxx/CVE-2018-6360.json +++ b/2018/6xxx/CVE-2018-6360.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-6360", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "mpv through 0.28.0 allows remote attackers to execute arbitrary code via a crafted web site, because it reads HTML documents containing VIDEO elements, and accepts arbitrary URLs in a src attribute without a protocol whitelist in player/lua/ytdl_hook.lua. For example, an av://lavfi:ladspa=file= URL signifies that the product should call dlopen on a shared object file located at an arbitrary local pathname. The issue exists because the product does not consider that youtube-dl can provide a potentially unsafe URL." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-6360", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/mpv-player/mpv/commit/e6e6b0dcc7e9b0dbf35154a179b3dc1fcfcaff43", - "refsource" : "MISC", - "url" : "https://github.com/mpv-player/mpv/commit/e6e6b0dcc7e9b0dbf35154a179b3dc1fcfcaff43" - }, - { - "name" : "https://github.com/mpv-player/mpv/issues/5456", - "refsource" : "MISC", - "url" : "https://github.com/mpv-player/mpv/issues/5456" - }, - { - "name" : "DSA-4105", - "refsource" : "DEBIAN", - "url" : "https://www.debian.org/security/2018/dsa-4105" - }, - { - "name" : "GLSA-201805-05", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201805-05" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "mpv through 0.28.0 allows remote attackers to execute arbitrary code via a crafted web site, because it reads HTML documents containing VIDEO elements, and accepts arbitrary URLs in a src attribute without a protocol whitelist in player/lua/ytdl_hook.lua. For example, an av://lavfi:ladspa=file= URL signifies that the product should call dlopen on a shared object file located at an arbitrary local pathname. The issue exists because the product does not consider that youtube-dl can provide a potentially unsafe URL." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/mpv-player/mpv/commit/e6e6b0dcc7e9b0dbf35154a179b3dc1fcfcaff43", + "refsource": "MISC", + "url": "https://github.com/mpv-player/mpv/commit/e6e6b0dcc7e9b0dbf35154a179b3dc1fcfcaff43" + }, + { + "name": "GLSA-201805-05", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201805-05" + }, + { + "name": "https://github.com/mpv-player/mpv/issues/5456", + "refsource": "MISC", + "url": "https://github.com/mpv-player/mpv/issues/5456" + }, + { + "name": "DSA-4105", + "refsource": "DEBIAN", + "url": "https://www.debian.org/security/2018/dsa-4105" + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6573.json b/2018/6xxx/CVE-2018-6573.json index 9787d46da3b..2f1188dc349 100644 --- a/2018/6xxx/CVE-2018-6573.json +++ b/2018/6xxx/CVE-2018-6573.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-6573", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-6573", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6814.json b/2018/6xxx/CVE-2018-6814.json index cc845745e71..646e1788cb2 100644 --- a/2018/6xxx/CVE-2018-6814.json +++ b/2018/6xxx/CVE-2018-6814.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-6814", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-6814", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/7xxx/CVE-2018-7449.json b/2018/7xxx/CVE-2018-7449.json index 2f157530259..29ecd269fbb 100644 --- a/2018/7xxx/CVE-2018-7449.json +++ b/2018/7xxx/CVE-2018-7449.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-7449", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SEGGER FTP Server for Windows before 3.22a allows remote attackers to cause a denial of service (daemon crash) via an invalid LIST, STOR, or RETR command." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-7449", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "44221", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/44221/" - }, - { - "name" : "http://hyp3rlinx.altervista.org/advisories/SEGGER-embOS-FTP-SERVER-v3.22-FTP-COMMANDS-DENIAL-OF-SERVICE.txt", - "refsource" : "MISC", - "url" : "http://hyp3rlinx.altervista.org/advisories/SEGGER-embOS-FTP-SERVER-v3.22-FTP-COMMANDS-DENIAL-OF-SERVICE.txt" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SEGGER FTP Server for Windows before 3.22a allows remote attackers to cause a denial of service (daemon crash) via an invalid LIST, STOR, or RETR command." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "44221", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/44221/" + }, + { + "name": "http://hyp3rlinx.altervista.org/advisories/SEGGER-embOS-FTP-SERVER-v3.22-FTP-COMMANDS-DENIAL-OF-SERVICE.txt", + "refsource": "MISC", + "url": "http://hyp3rlinx.altervista.org/advisories/SEGGER-embOS-FTP-SERVER-v3.22-FTP-COMMANDS-DENIAL-OF-SERVICE.txt" + } + ] + } +} \ No newline at end of file diff --git a/2018/7xxx/CVE-2018-7764.json b/2018/7xxx/CVE-2018-7764.json index 06af8843a5e..16ed2c3f81c 100644 --- a/2018/7xxx/CVE-2018-7764.json +++ b/2018/7xxx/CVE-2018-7764.json @@ -1,63 +1,63 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cybersecurity@se.com", - "DATE_PUBLIC" : "2018-04-05T00:00:00", - "ID" : "CVE-2018-7764", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "U.Motion", - "version" : { - "version_data" : [ - { - "version_value" : "U.motion Builder Software, all versions prior to v1.3.4" - } - ] - } - } - ] - }, - "vendor_name" : "Schneider Electric SE" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The vulnerability exists within runscript.php applet in Schneider Electric U.motion Builder software versions prior to v1.3.4. There is a directory traversal vulnerability in the processing of the 's' parameter of the applet." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Directory Traversal Information Disclosure" - } + "CVE_data_meta": { + "ASSIGNER": "cybersecurity@schneider-electric.com", + "DATE_PUBLIC": "2018-04-05T00:00:00", + "ID": "CVE-2018-7764", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "U.Motion", + "version": { + "version_data": [ + { + "version_value": "U.motion Builder Software, all versions prior to v1.3.4" + } + ] + } + } + ] + }, + "vendor_name": "Schneider Electric SE" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.schneider-electric.com/en/download/document/SEVD-2018-095-01/", - "refsource" : "CONFIRM", - "url" : "https://www.schneider-electric.com/en/download/document/SEVD-2018-095-01/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The vulnerability exists within runscript.php applet in Schneider Electric U.motion Builder software versions prior to v1.3.4. There is a directory traversal vulnerability in the processing of the 's' parameter of the applet." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Directory Traversal Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.schneider-electric.com/en/download/document/SEVD-2018-095-01/", + "refsource": "CONFIRM", + "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-095-01/" + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5116.json b/2019/5xxx/CVE-2019-5116.json index 3eac3061b36..6af5e9b9484 100644 --- a/2019/5xxx/CVE-2019-5116.json +++ b/2019/5xxx/CVE-2019-5116.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5116", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5116", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5624.json b/2019/5xxx/CVE-2019-5624.json index ab49eb016c5..7fd3f6d0e59 100644 --- a/2019/5xxx/CVE-2019-5624.json +++ b/2019/5xxx/CVE-2019-5624.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5624", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5624", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file