diff --git a/2007/0xxx/CVE-2007-0347.json b/2007/0xxx/CVE-2007-0347.json index 65391964c78..a3dc9041e7c 100644 --- a/2007/0xxx/CVE-2007-0347.json +++ b/2007/0xxx/CVE-2007-0347.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0347", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The is_eow function in format.c in CVSTrac before 2.0.1 does not properly check for the \"'\" (quote) character, which allows remote authenticated users to execute limited SQL injection attacks and cause a denial of service (database error) via a ' character in certain messages, tickets, or Wiki entries." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0347", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070129 CVSTrac 2.0.0 Denial of Service (DoS) vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/458455/100/0/threaded" - }, - { - "name" : "20070129 CVSTrac 2.0.0 Denial of Service (DoS) vulnerability", - "refsource" : "FULLDISC", - "url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-January/052058.html" - }, - { - "name" : "http://www.cvstrac.org/cvstrac/tktview?tn=683", - "refsource" : "MISC", - "url" : "http://www.cvstrac.org/cvstrac/tktview?tn=683" - }, - { - "name" : "http://www.cvstrac.org/cvstrac/chngview?cn=850", - "refsource" : "CONFIRM", - "url" : "http://www.cvstrac.org/cvstrac/chngview?cn=850" - }, - { - "name" : "OpenPKG-SA-2007.008", - "refsource" : "OPENPKG", - "url" : "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.008.html" - }, - { - "name" : "22296", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22296" - }, - { - "name" : "ADV-2007-0398", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0398" - }, - { - "name" : "31935", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/31935" - }, - { - "name" : "23940", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23940" - }, - { - "name" : "2192", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2192" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The is_eow function in format.c in CVSTrac before 2.0.1 does not properly check for the \"'\" (quote) character, which allows remote authenticated users to execute limited SQL injection attacks and cause a denial of service (database error) via a ' character in certain messages, tickets, or Wiki entries." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-0398", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0398" + }, + { + "name": "2192", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2192" + }, + { + "name": "31935", + "refsource": "OSVDB", + "url": "http://osvdb.org/31935" + }, + { + "name": "20070129 CVSTrac 2.0.0 Denial of Service (DoS) vulnerability", + "refsource": "FULLDISC", + "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-January/052058.html" + }, + { + "name": "20070129 CVSTrac 2.0.0 Denial of Service (DoS) vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/458455/100/0/threaded" + }, + { + "name": "http://www.cvstrac.org/cvstrac/chngview?cn=850", + "refsource": "CONFIRM", + "url": "http://www.cvstrac.org/cvstrac/chngview?cn=850" + }, + { + "name": "22296", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22296" + }, + { + "name": "OpenPKG-SA-2007.008", + "refsource": "OPENPKG", + "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.008.html" + }, + { + "name": "23940", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23940" + }, + { + "name": "http://www.cvstrac.org/cvstrac/tktview?tn=683", + "refsource": "MISC", + "url": "http://www.cvstrac.org/cvstrac/tktview?tn=683" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0902.json b/2007/0xxx/CVE-2007-0902.json index d382b48469f..22c203d7251 100644 --- a/2007/0xxx/CVE-2007-0902.json +++ b/2007/0xxx/CVE-2007-0902.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0902", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the \"Show debugging information\" feature in MoinMoin 1.5.7 allows remote attackers to obtain sensitive information. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0902", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "USN-423-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-423-1" - }, - { - "name" : "22515", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22515" - }, - { - "name" : "33173", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33173" - }, - { - "name" : "24138", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24138" - }, - { - "name" : "24244", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24244" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the \"Show debugging information\" feature in MoinMoin 1.5.7 allows remote attackers to obtain sensitive information. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24138", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24138" + }, + { + "name": "USN-423-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-423-1" + }, + { + "name": "33173", + "refsource": "OSVDB", + "url": "http://osvdb.org/33173" + }, + { + "name": "22515", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22515" + }, + { + "name": "24244", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24244" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0908.json b/2007/0xxx/CVE-2007-0908.json index 2b87487690c..59483944b58 100644 --- a/2007/0xxx/CVE-2007-0908.json +++ b/2007/0xxx/CVE-2007-0908.json @@ -1,272 +1,272 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0908", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The WDDX deserializer in the wddx extension in PHP 5 before 5.2.1 and PHP 4 before 4.4.5 does not properly initialize the key_length variable for a numerical key, which allows context-dependent attackers to read stack memory via a wddxPacket element that contains a variable with a string name before a numerical variable." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0908", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070227 rPSA-2007-0043-1 php php-mysql php-pgsql", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/461462/100/0/threaded" - }, - { - "name" : "http://www.php-security.org/MOPB/MOPB-11-2007.html", - "refsource" : "MISC", - "url" : "http://www.php-security.org/MOPB/MOPB-11-2007.html" - }, - { - "name" : "http://www.php.net/ChangeLog-5.php#5.2.1", - "refsource" : "CONFIRM", - "url" : "http://www.php.net/ChangeLog-5.php#5.2.1" - }, - { - "name" : "http://www.php.net/releases/5_2_1.php", - "refsource" : "CONFIRM", - "url" : "http://www.php.net/releases/5_2_1.php" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1088", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1088" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-101.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-101.htm" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-136.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-136.htm" - }, - { - "name" : "DSA-1264", - "refsource" : "DEBIAN", - "url" : "http://www.us.debian.org/security/2007/dsa-1264" - }, - { - "name" : "GLSA-200703-21", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200703-21.xml" - }, - { - "name" : "MDKSA-2007:048", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:048" - }, - { - "name" : "OpenPKG-SA-2007.010", - "refsource" : "OPENPKG", - "url" : "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.010.html" - }, - { - "name" : "RHSA-2007:0076", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0076.html" - }, - { - "name" : "RHSA-2007:0081", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0081.html" - }, - { - "name" : "RHSA-2007:0089", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2007-0089.html" - }, - { - "name" : "RHSA-2007:0088", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0088.html" - }, - { - "name" : "RHSA-2007:0082", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0082.html" - }, - { - "name" : "20070201-01-P", - "refsource" : "SGI", - "url" : "ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc" - }, - { - "name" : "SUSE-SA:2007:020", - "refsource" : "SUSE", - "url" : "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0003.html" - }, - { - "name" : "2007-0009", - "refsource" : "TRUSTIX", - "url" : "http://www.trustix.org/errata/2007/0009/" - }, - { - "name" : "USN-424-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-424-1" - }, - { - "name" : "USN-424-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-424-2" - }, - { - "name" : "22496", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22496" - }, - { - "name" : "22806", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22806" - }, - { - "name" : "oval:org.mitre.oval:def:11185", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11185" - }, - { - "name" : "ADV-2007-0546", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0546" - }, - { - "name" : "32766", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32766" - }, - { - "name" : "1017671", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017671" - }, - { - "name" : "24089", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24089" - }, - { - "name" : "24195", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24195" - }, - { - "name" : "24217", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24217" - }, - { - "name" : "24248", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24248" - }, - { - "name" : "24236", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24236" - }, - { - "name" : "24295", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24295" - }, - { - "name" : "24322", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24322" - }, - { - "name" : "24432", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24432" - }, - { - "name" : "24421", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24421" - }, - { - "name" : "24514", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24514" - }, - { - "name" : "24606", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24606" - }, - { - "name" : "24642", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24642" - }, - { - "name" : "24284", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24284" - }, - { - "name" : "24419", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24419" - }, - { - "name" : "2321", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2321" - }, - { - "name" : "php-wddx-information-disclosure(32493)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32493" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The WDDX deserializer in the wddx extension in PHP 5 before 5.2.1 and PHP 4 before 4.4.5 does not properly initialize the key_length variable for a numerical key, which allows context-dependent attackers to read stack memory via a wddxPacket element that contains a variable with a string name before a numerical variable." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-1264", + "refsource": "DEBIAN", + "url": "http://www.us.debian.org/security/2007/dsa-1264" + }, + { + "name": "24295", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24295" + }, + { + "name": "2007-0009", + "refsource": "TRUSTIX", + "url": "http://www.trustix.org/errata/2007/0009/" + }, + { + "name": "OpenPKG-SA-2007.010", + "refsource": "OPENPKG", + "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.010.html" + }, + { + "name": "24195", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24195" + }, + { + "name": "1017671", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017671" + }, + { + "name": "24606", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24606" + }, + { + "name": "24642", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24642" + }, + { + "name": "24217", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24217" + }, + { + "name": "32766", + "refsource": "OSVDB", + "url": "http://osvdb.org/32766" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-101.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-101.htm" + }, + { + "name": "24248", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24248" + }, + { + "name": "php-wddx-information-disclosure(32493)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32493" + }, + { + "name": "24514", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24514" + }, + { + "name": "22496", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22496" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1088", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1088" + }, + { + "name": "24284", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24284" + }, + { + "name": "USN-424-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-424-2" + }, + { + "name": "http://www.php.net/releases/5_2_1.php", + "refsource": "CONFIRM", + "url": "http://www.php.net/releases/5_2_1.php" + }, + { + "name": "GLSA-200703-21", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200703-21.xml" + }, + { + "name": "oval:org.mitre.oval:def:11185", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11185" + }, + { + "name": "24432", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24432" + }, + { + "name": "24421", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24421" + }, + { + "name": "24089", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24089" + }, + { + "name": "SUSE-SA:2007:020", + "refsource": "SUSE", + "url": "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0003.html" + }, + { + "name": "2321", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2321" + }, + { + "name": "RHSA-2007:0076", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0076.html" + }, + { + "name": "24419", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24419" + }, + { + "name": "RHSA-2007:0089", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2007-0089.html" + }, + { + "name": "RHSA-2007:0088", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0088.html" + }, + { + "name": "20070227 rPSA-2007-0043-1 php php-mysql php-pgsql", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/461462/100/0/threaded" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-136.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-136.htm" + }, + { + "name": "RHSA-2007:0082", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0082.html" + }, + { + "name": "22806", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22806" + }, + { + "name": "20070201-01-P", + "refsource": "SGI", + "url": "ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc" + }, + { + "name": "http://www.php.net/ChangeLog-5.php#5.2.1", + "refsource": "CONFIRM", + "url": "http://www.php.net/ChangeLog-5.php#5.2.1" + }, + { + "name": "MDKSA-2007:048", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:048" + }, + { + "name": "http://www.php-security.org/MOPB/MOPB-11-2007.html", + "refsource": "MISC", + "url": "http://www.php-security.org/MOPB/MOPB-11-2007.html" + }, + { + "name": "USN-424-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-424-1" + }, + { + "name": "RHSA-2007:0081", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0081.html" + }, + { + "name": "24322", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24322" + }, + { + "name": "24236", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24236" + }, + { + "name": "ADV-2007-0546", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0546" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0910.json b/2007/0xxx/CVE-2007-0910.json index 83b05b12920..6a866ef62b7 100644 --- a/2007/0xxx/CVE-2007-0910.json +++ b/2007/0xxx/CVE-2007-0910.json @@ -1,267 +1,267 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0910", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in PHP before 5.2.1 allows attackers to \"clobber\" certain super-global variables via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0910", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070227 rPSA-2007-0043-1 php php-mysql php-pgsql", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/461462/100/0/threaded" - }, - { - "name" : "20070418 rPSA-2007-0073-1 php php-mysql php-pgsql", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/466166/100/0/threaded" - }, - { - "name" : "http://www.php.net/ChangeLog-5.php#5.2.1", - "refsource" : "CONFIRM", - "url" : "http://www.php.net/ChangeLog-5.php#5.2.1" - }, - { - "name" : "http://www.php.net/releases/5_2_1.php", - "refsource" : "CONFIRM", - "url" : "http://www.php.net/releases/5_2_1.php" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1088", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1088" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-101.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-101.htm" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-136.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-136.htm" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1268", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1268" - }, - { - "name" : "DSA-1264", - "refsource" : "DEBIAN", - "url" : "http://www.us.debian.org/security/2007/dsa-1264" - }, - { - "name" : "GLSA-200703-21", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200703-21.xml" - }, - { - "name" : "MDKSA-2007:048", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:048" - }, - { - "name" : "OpenPKG-SA-2007.010", - "refsource" : "OPENPKG", - "url" : "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.010.html" - }, - { - "name" : "RHSA-2007:0076", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0076.html" - }, - { - "name" : "RHSA-2007:0081", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0081.html" - }, - { - "name" : "RHSA-2007:0089", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2007-0089.html" - }, - { - "name" : "RHSA-2007:0088", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0088.html" - }, - { - "name" : "RHSA-2007:0082", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0082.html" - }, - { - "name" : "20070201-01-P", - "refsource" : "SGI", - "url" : "ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc" - }, - { - "name" : "SUSE-SA:2007:020", - "refsource" : "SUSE", - "url" : "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0003.html" - }, - { - "name" : "2007-0009", - "refsource" : "TRUSTIX", - "url" : "http://www.trustix.org/errata/2007/0009/" - }, - { - "name" : "USN-424-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-424-1" - }, - { - "name" : "USN-424-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-424-2" - }, - { - "name" : "22496", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22496" - }, - { - "name" : "oval:org.mitre.oval:def:9514", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9514" - }, - { - "name" : "ADV-2007-0546", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0546" - }, - { - "name" : "32763", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32763" - }, - { - "name" : "1017671", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017671" - }, - { - "name" : "24089", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24089" - }, - { - "name" : "24195", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24195" - }, - { - "name" : "24217", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24217" - }, - { - "name" : "24248", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24248" - }, - { - "name" : "24236", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24236" - }, - { - "name" : "24295", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24295" - }, - { - "name" : "24322", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24322" - }, - { - "name" : "24432", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24432" - }, - { - "name" : "24421", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24421" - }, - { - "name" : "24514", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24514" - }, - { - "name" : "24606", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24606" - }, - { - "name" : "24642", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24642" - }, - { - "name" : "24945", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24945" - }, - { - "name" : "24284", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24284" - }, - { - "name" : "24419", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24419" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in PHP before 5.2.1 allows attackers to \"clobber\" certain super-global variables via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-1264", + "refsource": "DEBIAN", + "url": "http://www.us.debian.org/security/2007/dsa-1264" + }, + { + "name": "24295", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24295" + }, + { + "name": "2007-0009", + "refsource": "TRUSTIX", + "url": "http://www.trustix.org/errata/2007/0009/" + }, + { + "name": "OpenPKG-SA-2007.010", + "refsource": "OPENPKG", + "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.010.html" + }, + { + "name": "24195", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24195" + }, + { + "name": "1017671", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017671" + }, + { + "name": "32763", + "refsource": "OSVDB", + "url": "http://osvdb.org/32763" + }, + { + "name": "24606", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24606" + }, + { + "name": "24642", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24642" + }, + { + "name": "20070418 rPSA-2007-0073-1 php php-mysql php-pgsql", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/466166/100/0/threaded" + }, + { + "name": "24217", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24217" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-101.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-101.htm" + }, + { + "name": "24248", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24248" + }, + { + "name": "24514", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24514" + }, + { + "name": "22496", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22496" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1088", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1088" + }, + { + "name": "24284", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24284" + }, + { + "name": "USN-424-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-424-2" + }, + { + "name": "http://www.php.net/releases/5_2_1.php", + "refsource": "CONFIRM", + "url": "http://www.php.net/releases/5_2_1.php" + }, + { + "name": "GLSA-200703-21", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200703-21.xml" + }, + { + "name": "oval:org.mitre.oval:def:9514", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9514" + }, + { + "name": "24432", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24432" + }, + { + "name": "24421", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24421" + }, + { + "name": "24089", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24089" + }, + { + "name": "SUSE-SA:2007:020", + "refsource": "SUSE", + "url": "http://lists.suse.com/archive/suse-security-announce/2007-Mar/0003.html" + }, + { + "name": "RHSA-2007:0076", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0076.html" + }, + { + "name": "24419", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24419" + }, + { + "name": "24945", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24945" + }, + { + "name": "RHSA-2007:0089", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2007-0089.html" + }, + { + "name": "RHSA-2007:0088", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0088.html" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1268", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1268" + }, + { + "name": "20070227 rPSA-2007-0043-1 php php-mysql php-pgsql", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/461462/100/0/threaded" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-136.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-136.htm" + }, + { + "name": "RHSA-2007:0082", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0082.html" + }, + { + "name": "20070201-01-P", + "refsource": "SGI", + "url": "ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc" + }, + { + "name": "http://www.php.net/ChangeLog-5.php#5.2.1", + "refsource": "CONFIRM", + "url": "http://www.php.net/ChangeLog-5.php#5.2.1" + }, + { + "name": "MDKSA-2007:048", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:048" + }, + { + "name": "USN-424-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-424-1" + }, + { + "name": "RHSA-2007:0081", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0081.html" + }, + { + "name": "24322", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24322" + }, + { + "name": "24236", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24236" + }, + { + "name": "ADV-2007-0546", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0546" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1016.json b/2007/1xxx/CVE-2007-1016.json index f6c8e853b55..6a7f36b9213 100644 --- a/2007/1xxx/CVE-2007-1016.json +++ b/2007/1xxx/CVE-2007-1016.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1016", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in Aktueldownload Haber script allows remote attackers to execute arbitrary SQL commands via certain vectors related to the HaberDetay.asp and rss.asp components, and the id and kid parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: the combination of the HaberDetay.asp component and the id parameter is already covered by another February 2007 CVE candidate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1016", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "ADV-2007-0620", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0620" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in Aktueldownload Haber script allows remote attackers to execute arbitrary SQL commands via certain vectors related to the HaberDetay.asp and rss.asp components, and the id and kid parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: the combination of the HaberDetay.asp component and the id parameter is already covered by another February 2007 CVE candidate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-0620", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0620" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1038.json b/2007/1xxx/CVE-2007-1038.json index c908212c3e9..90d9a28a815 100644 --- a/2007/1xxx/CVE-2007-1038.json +++ b/2007/1xxx/CVE-2007-1038.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1038", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Shemes.com Grabit 1.5.3, and possibly earlier, allows remote attackers to cause a denial of service (application crash) via a .nzb file with a subject field containing ';' (semicolon) characters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1038", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "22619", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22619" - }, - { - "name" : "ADV-2007-0664", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0664" - }, - { - "name" : "38906", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38906" - }, - { - "name" : "grabit-nzb-dos(32579)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32579" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Shemes.com Grabit 1.5.3, and possibly earlier, allows remote attackers to cause a denial of service (application crash) via a .nzb file with a subject field containing ';' (semicolon) characters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-0664", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0664" + }, + { + "name": "22619", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22619" + }, + { + "name": "38906", + "refsource": "OSVDB", + "url": "http://osvdb.org/38906" + }, + { + "name": "grabit-nzb-dos(32579)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32579" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1776.json b/2007/1xxx/CVE-2007-1776.json index b79be46bfe7..92694e69a57 100644 --- a/2007/1xxx/CVE-2007-1776.json +++ b/2007/1xxx/CVE-2007-1776.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1776", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in index.php in the DesignForJoomla.com D4J eZine (com_ezine) 2.8 and earlier component for Joomla! allows remote attackers to execute arbitrary SQL commands via the article parameter in a read action." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1776", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3590", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3590" - }, - { - "name" : "23165", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23165" - }, - { - "name" : "ADV-2007-1135", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1135" - }, - { - "name" : "34511", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34511" - }, - { - "name" : "24675", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24675" - }, - { - "name" : "d4jezine-index-sql-injection(33249)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33249" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in index.php in the DesignForJoomla.com D4J eZine (com_ezine) 2.8 and earlier component for Joomla! allows remote attackers to execute arbitrary SQL commands via the article parameter in a read action." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "23165", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23165" + }, + { + "name": "d4jezine-index-sql-injection(33249)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33249" + }, + { + "name": "ADV-2007-1135", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1135" + }, + { + "name": "3590", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3590" + }, + { + "name": "24675", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24675" + }, + { + "name": "34511", + "refsource": "OSVDB", + "url": "http://osvdb.org/34511" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1843.json b/2007/1xxx/CVE-2007-1843.json index b1eb3d7659b..27caeade469 100644 --- a/2007/1xxx/CVE-2007-1843.json +++ b/2007/1xxx/CVE-2007-1843.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1843", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in gmapfactory/params.php in MapLab 2.2.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the gszAppPath parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1843", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070402 Maplab <= 2.2.1 (gszAppPath) Remote File Inclusion Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/464462/100/0/threaded" - }, - { - "name" : "20070402 Re: Maplab <= 2.2.1 (gszAppPath) Remote File Inclusion Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/464503/100/0/threaded" - }, - { - "name" : "20070402 Re: Maplab <= 2.2.1 (gszAppPath) Remote File InclusionVulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/464490/100/0/threaded" - }, - { - "name" : "3638", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3638" - }, - { - "name" : "23249", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23249" - }, - { - "name" : "ADV-2007-1203", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1203" - }, - { - "name" : "34620", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34620" - }, - { - "name" : "24715", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24715" - }, - { - "name" : "maplab-params-file-include(33360)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33360" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in gmapfactory/params.php in MapLab 2.2.1, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the gszAppPath parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-1203", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1203" + }, + { + "name": "20070402 Maplab <= 2.2.1 (gszAppPath) Remote File Inclusion Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/464462/100/0/threaded" + }, + { + "name": "20070402 Re: Maplab <= 2.2.1 (gszAppPath) Remote File InclusionVulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/464490/100/0/threaded" + }, + { + "name": "3638", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3638" + }, + { + "name": "34620", + "refsource": "OSVDB", + "url": "http://osvdb.org/34620" + }, + { + "name": "23249", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23249" + }, + { + "name": "maplab-params-file-include(33360)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33360" + }, + { + "name": "20070402 Re: Maplab <= 2.2.1 (gszAppPath) Remote File Inclusion Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/464503/100/0/threaded" + }, + { + "name": "24715", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24715" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4259.json b/2007/4xxx/CVE-2007-4259.json index 1e6e2a4533e..f2de5b03688 100644 --- a/2007/4xxx/CVE-2007-4259.json +++ b/2007/4xxx/CVE-2007-4259.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4259", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "EZPhotoSales 1.9.3 and earlier allows remote attackers to download arbitrary image files via (1) a direct request for a URL under OnlineViewing/galleries/ or (2) navigation of the gallery user interface with JavaScript disabled." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4259", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070806 EZPhotoSales 1.9.3 Multiple Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/475678/100/0/threaded" - }, - { - "name" : "http://www.airscanner.com/security/07080601_ezphotosales.htm", - "refsource" : "MISC", - "url" : "http://www.airscanner.com/security/07080601_ezphotosales.htm" - }, - { - "name" : "http://www.informit.com/guides/content.asp?g=security&seqNum=267", - "refsource" : "MISC", - "url" : "http://www.informit.com/guides/content.asp?g=security&seqNum=267" - }, - { - "name" : "http://www.informit.com/guides/content.asp?g=security&seqNum=268", - "refsource" : "MISC", - "url" : "http://www.informit.com/guides/content.asp?g=security&seqNum=268" - }, - { - "name" : "25323", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25323" - }, - { - "name" : "26341", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26341" - }, - { - "name" : "2985", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2985" - }, - { - "name" : "ezphotosales-javascript-security-bypass(35832)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35832" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "EZPhotoSales 1.9.3 and earlier allows remote attackers to download arbitrary image files via (1) a direct request for a URL under OnlineViewing/galleries/ or (2) navigation of the gallery user interface with JavaScript disabled." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.informit.com/guides/content.asp?g=security&seqNum=267", + "refsource": "MISC", + "url": "http://www.informit.com/guides/content.asp?g=security&seqNum=267" + }, + { + "name": "25323", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25323" + }, + { + "name": "26341", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26341" + }, + { + "name": "http://www.informit.com/guides/content.asp?g=security&seqNum=268", + "refsource": "MISC", + "url": "http://www.informit.com/guides/content.asp?g=security&seqNum=268" + }, + { + "name": "2985", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2985" + }, + { + "name": "20070806 EZPhotoSales 1.9.3 Multiple Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/475678/100/0/threaded" + }, + { + "name": "ezphotosales-javascript-security-bypass(35832)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35832" + }, + { + "name": "http://www.airscanner.com/security/07080601_ezphotosales.htm", + "refsource": "MISC", + "url": "http://www.airscanner.com/security/07080601_ezphotosales.htm" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4360.json b/2007/4xxx/CVE-2007-4360.json index 2847582b562..00ff3e1b3a7 100644 --- a/2007/4xxx/CVE-2007-4360.json +++ b/2007/4xxx/CVE-2007-4360.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4360", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Dell Remote Access Card 4 (DRAC4) with firmware 1.50 Build 02.16 allows remote attackers to cause a denial of service (SSH daemon crash) via certain network traffic, as demonstrated by an \"nmap -O\" scan with nmap 4.03, possibly related to a Mocana (Mocanada) SSH vulnerability." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4360", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070813 Re: Remote Denial of Service for SSH service at Dell DRAC4 (maybeMocana SSH)", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/476311/100/0/threaded" - }, - { - "name" : "20070813 Remote Denial of Service for SSH service at Dell DRAC4 (maybeMocana SSH)", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/476301/100/0/threaded" - }, - { - "name" : "20080118 [FIXED] Remote Denial of Service for SSH service at Dell DRAC4(maybe Mocana SSH)", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/486589/100/0/threaded" - }, - { - "name" : "ftp://ftp.us.dell.com/sysman/readme_160_A00.txt", - "refsource" : "MISC", - "url" : "ftp://ftp.us.dell.com/sysman/readme_160_A00.txt" - }, - { - "name" : "25291", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25291" - }, - { - "name" : "ADV-2007-2908", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2908" - }, - { - "name" : "26428", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26428" - }, - { - "name" : "drac-ssh-dos(35998)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35998" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Dell Remote Access Card 4 (DRAC4) with firmware 1.50 Build 02.16 allows remote attackers to cause a denial of service (SSH daemon crash) via certain network traffic, as demonstrated by an \"nmap -O\" scan with nmap 4.03, possibly related to a Mocana (Mocanada) SSH vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "26428", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26428" + }, + { + "name": "20070813 Remote Denial of Service for SSH service at Dell DRAC4 (maybeMocana SSH)", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/476301/100/0/threaded" + }, + { + "name": "ftp://ftp.us.dell.com/sysman/readme_160_A00.txt", + "refsource": "MISC", + "url": "ftp://ftp.us.dell.com/sysman/readme_160_A00.txt" + }, + { + "name": "25291", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25291" + }, + { + "name": "20080118 [FIXED] Remote Denial of Service for SSH service at Dell DRAC4(maybe Mocana SSH)", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/486589/100/0/threaded" + }, + { + "name": "ADV-2007-2908", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2908" + }, + { + "name": "drac-ssh-dos(35998)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35998" + }, + { + "name": "20070813 Re: Remote Denial of Service for SSH service at Dell DRAC4 (maybeMocana SSH)", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/476311/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4711.json b/2007/4xxx/CVE-2007-4711.json index 098618c152d..3af3931078b 100644 --- a/2007/4xxx/CVE-2007-4711.json +++ b/2007/4xxx/CVE-2007-4711.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4711", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in Toms Gaestebuch 1.00 allow remote attackers to inject arbitrary web script or HTML via the (1) homepage, (2) mail, and (3) name parameters in a show action to (a) form.php; the (4) language and (5) anzeigebreite parameters to (b) admin/header.php; and the (6) msg parameter to (c) install.php, different vectors than CVE-2006-0706." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4711", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070901 Toms Gästebuch 1.00 - XSS", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/478360/100/0/threaded" - }, - { - "name" : "20070907 Re: Toms Gästebuch 1.00 - XSS", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/478803/100/0/threaded" - }, - { - "name" : "25507", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25507" - }, - { - "name" : "36735", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/36735" - }, - { - "name" : "36736", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/36736" - }, - { - "name" : "26662", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26662" - }, - { - "name" : "3097", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3097" - }, - { - "name" : "toms-gastebuch-multiple-xss(36404)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36404" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in Toms Gaestebuch 1.00 allow remote attackers to inject arbitrary web script or HTML via the (1) homepage, (2) mail, and (3) name parameters in a show action to (a) form.php; the (4) language and (5) anzeigebreite parameters to (b) admin/header.php; and the (6) msg parameter to (c) install.php, different vectors than CVE-2006-0706." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070907 Re: Toms Gästebuch 1.00 - XSS", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/478803/100/0/threaded" + }, + { + "name": "36736", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/36736" + }, + { + "name": "3097", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3097" + }, + { + "name": "20070901 Toms Gästebuch 1.00 - XSS", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/478360/100/0/threaded" + }, + { + "name": "26662", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26662" + }, + { + "name": "toms-gastebuch-multiple-xss(36404)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36404" + }, + { + "name": "25507", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25507" + }, + { + "name": "36735", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/36735" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4871.json b/2007/4xxx/CVE-2007-4871.json index fbc0af40647..82ef2b22ccd 100644 --- a/2007/4xxx/CVE-2007-4871.json +++ b/2007/4xxx/CVE-2007-4871.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4871", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4871", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5155.json b/2007/5xxx/CVE-2007-5155.json index f7feec43edf..d90be52a689 100644 --- a/2007/5xxx/CVE-2007-5155.json +++ b/2007/5xxx/CVE-2007-5155.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5155", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IceGUI.DLL in ICEOWS 4.20b invokes a function with incorrect arguments, which allows user-assisted remote attackers to execute arbitrary code via a long filename in the header of an ACE archive, which triggers a stack-based buffer overflow." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5155", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://vuln.sg/iceows420b-en.html", - "refsource" : "MISC", - "url" : "http://vuln.sg/iceows420b-en.html" - }, - { - "name" : "25844", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25844" - }, - { - "name" : "ADV-2007-3312", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3312" - }, - { - "name" : "41381", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/41381" - }, - { - "name" : "26973", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26973" - }, - { - "name" : "iceows-icegui-bo(36843)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36843" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IceGUI.DLL in ICEOWS 4.20b invokes a function with incorrect arguments, which allows user-assisted remote attackers to execute arbitrary code via a long filename in the header of an ACE archive, which triggers a stack-based buffer overflow." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://vuln.sg/iceows420b-en.html", + "refsource": "MISC", + "url": "http://vuln.sg/iceows420b-en.html" + }, + { + "name": "25844", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25844" + }, + { + "name": "41381", + "refsource": "OSVDB", + "url": "http://osvdb.org/41381" + }, + { + "name": "26973", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26973" + }, + { + "name": "iceows-icegui-bo(36843)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36843" + }, + { + "name": "ADV-2007-3312", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3312" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5255.json b/2007/5xxx/CVE-2007-5255.json index ff190fb1181..2f9035fa1ad 100644 --- a/2007/5xxx/CVE-2007-5255.json +++ b/2007/5xxx/CVE-2007-5255.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5255", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Google Mini Search Appliance 3.4.14 allows remote attackers to inject arbitrary web script or HTML via the ie parameter to the /search URI." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5255", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071010 Vulnerabilities digest", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/482006/100/0/threaded" - }, - { - "name" : "http://websecurity.com.ua/1368/", - "refsource" : "MISC", - "url" : "http://websecurity.com.ua/1368/" - }, - { - "name" : "http://securityvulns.ru/Sdocument32.html", - "refsource" : "MISC", - "url" : "http://securityvulns.ru/Sdocument32.html" - }, - { - "name" : "25894", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25894" - }, - { - "name" : "ADV-2007-3327", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3327" - }, - { - "name" : "1018759", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018759" - }, - { - "name" : "26946", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26946" - }, - { - "name" : "google-mini-search-xss(36907)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36907" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Google Mini Search Appliance 3.4.14 allows remote attackers to inject arbitrary web script or HTML via the ie parameter to the /search URI." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20071010 Vulnerabilities digest", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/482006/100/0/threaded" + }, + { + "name": "http://securityvulns.ru/Sdocument32.html", + "refsource": "MISC", + "url": "http://securityvulns.ru/Sdocument32.html" + }, + { + "name": "ADV-2007-3327", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3327" + }, + { + "name": "26946", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26946" + }, + { + "name": "http://websecurity.com.ua/1368/", + "refsource": "MISC", + "url": "http://websecurity.com.ua/1368/" + }, + { + "name": "google-mini-search-xss(36907)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36907" + }, + { + "name": "25894", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25894" + }, + { + "name": "1018759", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018759" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2754.json b/2015/2xxx/CVE-2015-2754.json index 7cc6d7aaed0..52d8fc4f988 100644 --- a/2015/2xxx/CVE-2015-2754.json +++ b/2015/2xxx/CVE-2015-2754.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2754", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "FreeXL before 1.0.0i allows remote attackers to cause a denial of service (stack corruption) and possibly execute arbitrary code via a crafted workbook, related to a \"premature EOF.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2754", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150324 CVE Request: Multiple vulnerabilities in freexl 1.0.0g", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/03/25/1" - }, - { - "name" : "[oss-security] 20150327 Re: CVE Request: Multiple vulnerabilities in freexl 1.0.0g", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/03/27/1" - }, - { - "name" : "https://www.gaia-gis.it/fossil/freexl/fdiff?v1=2e167b337481dda3&v2=61618ce51a9b0c15&sbs=1", - "refsource" : "CONFIRM", - "url" : "https://www.gaia-gis.it/fossil/freexl/fdiff?v1=2e167b337481dda3&v2=61618ce51a9b0c15&sbs=1" - }, - { - "name" : "DSA-3208", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3208" - }, - { - "name" : "GLSA-201606-15", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201606-15" - }, - { - "name" : "73330", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/73330" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "FreeXL before 1.0.0i allows remote attackers to cause a denial of service (stack corruption) and possibly execute arbitrary code via a crafted workbook, related to a \"premature EOF.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-201606-15", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201606-15" + }, + { + "name": "DSA-3208", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3208" + }, + { + "name": "https://www.gaia-gis.it/fossil/freexl/fdiff?v1=2e167b337481dda3&v2=61618ce51a9b0c15&sbs=1", + "refsource": "CONFIRM", + "url": "https://www.gaia-gis.it/fossil/freexl/fdiff?v1=2e167b337481dda3&v2=61618ce51a9b0c15&sbs=1" + }, + { + "name": "[oss-security] 20150324 CVE Request: Multiple vulnerabilities in freexl 1.0.0g", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/03/25/1" + }, + { + "name": "73330", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/73330" + }, + { + "name": "[oss-security] 20150327 Re: CVE Request: Multiple vulnerabilities in freexl 1.0.0g", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/03/27/1" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3210.json b/2015/3xxx/CVE-2015-3210.json index 93305144a28..96c322ecb28 100644 --- a/2015/3xxx/CVE-2015-3210.json +++ b/2015/3xxx/CVE-2015-3210.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3210", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Heap-based buffer overflow in PCRE 8.34 through 8.37 and PCRE2 10.10 allows remote attackers to execute arbitrary code via a crafted regular expression, as demonstrated by /^(?P=B)((?P=B)(?J:(?Pc)(?Pa(?P=B)))>WGXCREDITS)/, a different vulnerability than CVE-2015-8384." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-3210", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150601 CVE-2015-3210: PCRE Library Heap Overflow Vulnerability", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/06/01/7" - }, - { - "name" : "[oss-security] 20151202 Re: Heap Overflow in PCRE", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/12/02/11" - }, - { - "name" : "https://bugs.exim.org/show_bug.cgi?id=1636", - "refsource" : "CONFIRM", - "url" : "https://bugs.exim.org/show_bug.cgi?id=1636" - }, - { - "name" : "RHSA-2016:1132", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1132" - }, - { - "name" : "RHSA-2016:2750", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2750.html" - }, - { - "name" : "74934", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74934" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based buffer overflow in PCRE 8.34 through 8.37 and PCRE2 10.10 allows remote attackers to execute arbitrary code via a crafted regular expression, as demonstrated by /^(?P=B)((?P=B)(?J:(?Pc)(?Pa(?P=B)))>WGXCREDITS)/, a different vulnerability than CVE-2015-8384." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2016:1132", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1132" + }, + { + "name": "74934", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74934" + }, + { + "name": "RHSA-2016:2750", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html" + }, + { + "name": "[oss-security] 20150601 CVE-2015-3210: PCRE Library Heap Overflow Vulnerability", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/06/01/7" + }, + { + "name": "[oss-security] 20151202 Re: Heap Overflow in PCRE", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/12/02/11" + }, + { + "name": "https://bugs.exim.org/show_bug.cgi?id=1636", + "refsource": "CONFIRM", + "url": "https://bugs.exim.org/show_bug.cgi?id=1636" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3227.json b/2015/3xxx/CVE-2015-3227.json index 0091af94c8b..5b499b88698 100644 --- a/2015/3xxx/CVE-2015-3227.json +++ b/2015/3xxx/CVE-2015-3227.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3227", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The (1) jdom.rb and (2) rexml.rb components in Active Support in Ruby on Rails before 4.1.11 and 4.2.x before 4.2.2, when JDOM or REXML is enabled, allow remote attackers to cause a denial of service (SystemStackError) via a large XML document depth." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-3227", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150616 [CVE-2015-3227] Possible Denial of Service attack in Active Support", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2015/06/16/16" - }, - { - "name" : "[rubyonrails-security] 20150616 [CVE-2015-3227] Possible Denial of Service attack in Active Support", - "refsource" : "MLIST", - "url" : "https://groups.google.com/forum/message/raw?msg=rubyonrails-security/bahr2JLnxvk/x4EocXnHPp8J" - }, - { - "name" : "DSA-3464", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3464" - }, - { - "name" : "openSUSE-SU-2015:1279", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-07/msg00050.html" - }, - { - "name" : "75234", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75234" - }, - { - "name" : "1033755", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033755" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The (1) jdom.rb and (2) rexml.rb components in Active Support in Ruby on Rails before 4.1.11 and 4.2.x before 4.2.2, when JDOM or REXML is enabled, allow remote attackers to cause a denial of service (SystemStackError) via a large XML document depth." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1033755", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033755" + }, + { + "name": "75234", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75234" + }, + { + "name": "[rubyonrails-security] 20150616 [CVE-2015-3227] Possible Denial of Service attack in Active Support", + "refsource": "MLIST", + "url": "https://groups.google.com/forum/message/raw?msg=rubyonrails-security/bahr2JLnxvk/x4EocXnHPp8J" + }, + { + "name": "openSUSE-SU-2015:1279", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-07/msg00050.html" + }, + { + "name": "DSA-3464", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3464" + }, + { + "name": "[oss-security] 20150616 [CVE-2015-3227] Possible Denial of Service attack in Active Support", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2015/06/16/16" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3609.json b/2015/3xxx/CVE-2015-3609.json index 445928d53ae..cf6cb93afda 100644 --- a/2015/3xxx/CVE-2015-3609.json +++ b/2015/3xxx/CVE-2015-3609.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3609", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3609", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3674.json b/2015/3xxx/CVE-2015-3674.json index a8db127c84f..1bc8c4a1c8e 100644 --- a/2015/3xxx/CVE-2015-3674.json +++ b/2015/3xxx/CVE-2015-3674.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3674", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "afpserver in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-3674", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.apple.com/kb/HT204942", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT204942" - }, - { - "name" : "APPLE-SA-2015-06-30-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html" - }, - { - "name" : "75493", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75493" - }, - { - "name" : "1032760", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032760" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "afpserver in Apple OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2015-06-30-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html" + }, + { + "name": "75493", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75493" + }, + { + "name": "1032760", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032760" + }, + { + "name": "http://support.apple.com/kb/HT204942", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT204942" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3689.json b/2015/3xxx/CVE-2015-3689.json index 46d93b90e34..b79608ec236 100644 --- a/2015/3xxx/CVE-2015-3689.json +++ b/2015/3xxx/CVE-2015-3689.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3689", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3686, CVE-2015-3687, and CVE-2015-3688." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-3689", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.apple.com/kb/HT204941", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT204941" - }, - { - "name" : "http://support.apple.com/kb/HT204942", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT204942" - }, - { - "name" : "APPLE-SA-2015-06-30-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html" - }, - { - "name" : "APPLE-SA-2015-06-30-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html" - }, - { - "name" : "75491", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75491" - }, - { - "name" : "1032760", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032760" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3686, CVE-2015-3687, and CVE-2015-3688." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "75491", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75491" + }, + { + "name": "http://support.apple.com/kb/HT204941", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT204941" + }, + { + "name": "APPLE-SA-2015-06-30-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html" + }, + { + "name": "1032760", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032760" + }, + { + "name": "http://support.apple.com/kb/HT204942", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT204942" + }, + { + "name": "APPLE-SA-2015-06-30-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6036.json b/2015/6xxx/CVE-2015-6036.json index a3c589efb98..df9abfcdd5e 100644 --- a/2015/6xxx/CVE-2015-6036.json +++ b/2015/6xxx/CVE-2015-6036.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6036", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "QNAP Signage Station before 2.0.1 allows remote attackers to bypass authentication, and consequently upload files, via a spoofed HTTP request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2015-6036", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "VU#444472", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/444472" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "QNAP Signage Station before 2.0.1 allows remote attackers to bypass authentication, and consequently upload files, via a spoofed HTTP request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#444472", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/444472" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6078.json b/2015/6xxx/CVE-2015-6078.json index a2747be2ba6..70434526d29 100644 --- a/2015/6xxx/CVE-2015-6078.json +++ b/2015/6xxx/CVE-2015-6078.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6078", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Microsoft Browser Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-6065." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-6078", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS15-112", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-112" - }, - { - "name" : "MS15-113", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-113" - }, - { - "name" : "1034112", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034112" - }, - { - "name" : "1034113", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034113" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Microsoft Browser Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-6065." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS15-113", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-113" + }, + { + "name": "1034112", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034112" + }, + { + "name": "1034113", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034113" + }, + { + "name": "MS15-112", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-112" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6192.json b/2015/6xxx/CVE-2015-6192.json index 8f2b54433ab..d064acc1a92 100644 --- a/2015/6xxx/CVE-2015-6192.json +++ b/2015/6xxx/CVE-2015-6192.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6192", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-6192", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6510.json b/2015/6xxx/CVE-2015-6510.json index bac375eb280..de3ae8f3508 100644 --- a/2015/6xxx/CVE-2015-6510.json +++ b/2015/6xxx/CVE-2015-6510.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6510", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in pfSense before 2.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) srctrack, (2) use_mfs_tmp_size, or (3) use_mfs_var_size parameter to system_advanced_misc.php; the (4) port, (5) snaplen, or (6) count parameter to diag_packet_capture.php; the (7) pppoe_resethour, (8) pppoe_resetminute, (9) wpa_group_rekey, or (10) wpa_gmk_rekey parameter to interfaces.php; the (11) pppoe_resethour or (12) pppoe_resetminute parameter to interfaces_ppps_edit.php; the (13) member[] parameter to interfaces_qinq_edit.php; the (14) port or (15) retry parameter to load_balancer_pool_edit.php; the (16) pkgrepourl parameter to pkg_mgr_settings.php; the (17) zone parameter to services_captiveportal.php; the port parameter to (18) services_dnsmasq.php or (19) services_unbound.php; the (20) cache_max_ttl or (21) cache_min_ttl parameter to services_unbound_advanced.php; the (22) sshport parameter to system_advanced_admin.php; the (23) id, (24) tunable, (25) descr, or (26) value parameter to system_advanced_sysctl.php; the (27) firmwareurl, (28) repositoryurl, or (29) branch parameter to system_firmware_settings.php; the (30) pfsyncpeerip, (31) synchronizetoip, (32) username, or (33) passwordfld parameter to system_hasync.php; the (34) maxmss parameter to vpn_ipsec_settings.php; the (35) ntp_server1, (36) ntp_server2, (37) wins_server1, or (38) wins_server2 parameter to vpn_openvpn_csc.php; or unspecified parameters to (39) load_balancer_relay_action.php, (40) load_balancer_relay_action_edit.php, (41) load_balancer_relay_protocol.php, or (42) load_balancer_relay_protocol_edit.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6510", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.pfsense.org/security/advisories/pfSense-SA-15_06.webgui.asc", - "refsource" : "CONFIRM", - "url" : "https://www.pfsense.org/security/advisories/pfSense-SA-15_06.webgui.asc" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in pfSense before 2.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) srctrack, (2) use_mfs_tmp_size, or (3) use_mfs_var_size parameter to system_advanced_misc.php; the (4) port, (5) snaplen, or (6) count parameter to diag_packet_capture.php; the (7) pppoe_resethour, (8) pppoe_resetminute, (9) wpa_group_rekey, or (10) wpa_gmk_rekey parameter to interfaces.php; the (11) pppoe_resethour or (12) pppoe_resetminute parameter to interfaces_ppps_edit.php; the (13) member[] parameter to interfaces_qinq_edit.php; the (14) port or (15) retry parameter to load_balancer_pool_edit.php; the (16) pkgrepourl parameter to pkg_mgr_settings.php; the (17) zone parameter to services_captiveportal.php; the port parameter to (18) services_dnsmasq.php or (19) services_unbound.php; the (20) cache_max_ttl or (21) cache_min_ttl parameter to services_unbound_advanced.php; the (22) sshport parameter to system_advanced_admin.php; the (23) id, (24) tunable, (25) descr, or (26) value parameter to system_advanced_sysctl.php; the (27) firmwareurl, (28) repositoryurl, or (29) branch parameter to system_firmware_settings.php; the (30) pfsyncpeerip, (31) synchronizetoip, (32) username, or (33) passwordfld parameter to system_hasync.php; the (34) maxmss parameter to vpn_ipsec_settings.php; the (35) ntp_server1, (36) ntp_server2, (37) wins_server1, or (38) wins_server2 parameter to vpn_openvpn_csc.php; or unspecified parameters to (39) load_balancer_relay_action.php, (40) load_balancer_relay_action_edit.php, (41) load_balancer_relay_protocol.php, or (42) load_balancer_relay_protocol_edit.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.pfsense.org/security/advisories/pfSense-SA-15_06.webgui.asc", + "refsource": "CONFIRM", + "url": "https://www.pfsense.org/security/advisories/pfSense-SA-15_06.webgui.asc" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7035.json b/2015/7xxx/CVE-2015-7035.json index babbbfab811..a22c7e0a487 100644 --- a/2015/7xxx/CVE-2015-7035.json +++ b/2015/7xxx/CVE-2015-7035.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7035", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Apple Mac EFI before 2015-002, as used in OS X before 10.11.1 and other products, mishandles arguments, which allows attackers to reach \"unused\" functions via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-7035", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT205317", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205317" - }, - { - "name" : "https://support.apple.com/HT205375", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205375" - }, - { - "name" : "APPLE-SA-2015-10-21-4", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html" - }, - { - "name" : "APPLE-SA-2015-10-21-6", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Oct/msg00007.html" - }, - { - "name" : "74971", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74971" - }, - { - "name" : "1033921", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033921" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Apple Mac EFI before 2015-002, as used in OS X before 10.11.1 and other products, mishandles arguments, which allows attackers to reach \"unused\" functions via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2015-10-21-4", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html" + }, + { + "name": "https://support.apple.com/HT205375", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205375" + }, + { + "name": "https://support.apple.com/HT205317", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205317" + }, + { + "name": "APPLE-SA-2015-10-21-6", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00007.html" + }, + { + "name": "74971", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74971" + }, + { + "name": "1033921", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033921" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7133.json b/2015/7xxx/CVE-2015-7133.json index cc21bd917c7..8c5e002cbe1 100644 --- a/2015/7xxx/CVE-2015-7133.json +++ b/2015/7xxx/CVE-2015-7133.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7133", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-7133", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7540.json b/2015/7xxx/CVE-2015-7540.json index 743d7b4eff6..ad3d8a1ad19 100644 --- a/2015/7xxx/CVE-2015-7540.json +++ b/2015/7xxx/CVE-2015-7540.json @@ -1,127 +1,127 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7540", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The LDAP server in the AD domain controller in Samba 4.x before 4.1.22 does not check return values to ensure successful ASN.1 memory allocation, which allows remote attackers to cause a denial of service (memory consumption and daemon crash) via crafted packets." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-7540", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1288451", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1288451" - }, - { - "name" : "https://git.samba.org/?p=samba.git;a=commit;h=530d50a1abdcdf4d1775652d4c456c1274d83d8d", - "refsource" : "CONFIRM", - "url" : "https://git.samba.org/?p=samba.git;a=commit;h=530d50a1abdcdf4d1775652d4c456c1274d83d8d" - }, - { - "name" : "https://git.samba.org/?p=samba.git;a=commit;h=9d989c9dd7a5b92d0c5d65287935471b83b6e884", - "refsource" : "CONFIRM", - "url" : "https://git.samba.org/?p=samba.git;a=commit;h=9d989c9dd7a5b92d0c5d65287935471b83b6e884" - }, - { - "name" : "https://www.samba.org/samba/security/CVE-2015-7540.html", - "refsource" : "CONFIRM", - "url" : "https://www.samba.org/samba/security/CVE-2015-7540.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" - }, - { - "name" : "DSA-3433", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3433" - }, - { - "name" : "FEDORA-2015-0e0879cc8a", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174391.html" - }, - { - "name" : "FEDORA-2015-b36076d32e", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174076.html" - }, - { - "name" : "GLSA-201612-47", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201612-47" - }, - { - "name" : "openSUSE-SU-2015:2356", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00033.html" - }, - { - "name" : "USN-2855-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2855-2" - }, - { - "name" : "USN-2855-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2855-1" - }, - { - "name" : "79736", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/79736" - }, - { - "name" : "1034492", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034492" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The LDAP server in the AD domain controller in Samba 4.x before 4.1.22 does not check return values to ensure successful ASN.1 memory allocation, which allows remote attackers to cause a denial of service (memory consumption and daemon crash) via crafted packets." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://git.samba.org/?p=samba.git;a=commit;h=9d989c9dd7a5b92d0c5d65287935471b83b6e884", + "refsource": "CONFIRM", + "url": "https://git.samba.org/?p=samba.git;a=commit;h=9d989c9dd7a5b92d0c5d65287935471b83b6e884" + }, + { + "name": "FEDORA-2015-0e0879cc8a", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174391.html" + }, + { + "name": "USN-2855-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2855-2" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" + }, + { + "name": "https://git.samba.org/?p=samba.git;a=commit;h=530d50a1abdcdf4d1775652d4c456c1274d83d8d", + "refsource": "CONFIRM", + "url": "https://git.samba.org/?p=samba.git;a=commit;h=530d50a1abdcdf4d1775652d4c456c1274d83d8d" + }, + { + "name": "1034492", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034492" + }, + { + "name": "79736", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/79736" + }, + { + "name": "https://www.samba.org/samba/security/CVE-2015-7540.html", + "refsource": "CONFIRM", + "url": "https://www.samba.org/samba/security/CVE-2015-7540.html" + }, + { + "name": "FEDORA-2015-b36076d32e", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174076.html" + }, + { + "name": "DSA-3433", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3433" + }, + { + "name": "GLSA-201612-47", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201612-47" + }, + { + "name": "USN-2855-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2855-1" + }, + { + "name": "openSUSE-SU-2015:2356", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00033.html" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1288451", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1288451" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7587.json b/2015/7xxx/CVE-2015-7587.json index c17a4413d18..67b86ae4e58 100644 --- a/2015/7xxx/CVE-2015-7587.json +++ b/2015/7xxx/CVE-2015-7587.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7587", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-7587", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7949.json b/2015/7xxx/CVE-2015-7949.json index d5ae2a36af7..2e34d889a64 100644 --- a/2015/7xxx/CVE-2015-7949.json +++ b/2015/7xxx/CVE-2015-7949.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7949", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-7949", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8248.json b/2015/8xxx/CVE-2015-8248.json index 508a5a7023b..17c16f2c372 100644 --- a/2015/8xxx/CVE-2015-8248.json +++ b/2015/8xxx/CVE-2015-8248.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8248", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-8248", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8290.json b/2015/8xxx/CVE-2015-8290.json index 7e4fea523bc..fa8768396fd 100644 --- a/2015/8xxx/CVE-2015-8290.json +++ b/2015/8xxx/CVE-2015-8290.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8290", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-8290", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0188.json b/2016/0xxx/CVE-2016-0188.json index fea1c96aa8b..1f8a6d5609d 100644 --- a/2016/0xxx/CVE-2016-0188.json +++ b/2016/0xxx/CVE-2016-0188.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0188", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The User Mode Code Integrity (UMCI) implementation in Device Guard in Microsoft Internet Explorer 11 allows remote attackers to bypass a code-signing protection mechanism via unspecified vectors, aka \"Internet Explorer Security Feature Bypass.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-0188", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS16-051", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-051" - }, - { - "name" : "90003", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/90003" - }, - { - "name" : "1035820", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035820" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The User Mode Code Integrity (UMCI) implementation in Device Guard in Microsoft Internet Explorer 11 allows remote attackers to bypass a code-signing protection mechanism via unspecified vectors, aka \"Internet Explorer Security Feature Bypass.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS16-051", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-051" + }, + { + "name": "90003", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/90003" + }, + { + "name": "1035820", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035820" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0490.json b/2016/0xxx/CVE-2016-0490.json index 403a8406156..a5c0066e58b 100644 --- a/2016/0xxx/CVE-2016-0490.json +++ b/2016/0xxx/CVE-2016-0490.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0490", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Test Manager for Web Apps, a different vulnerability than CVE-2016-0487. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a directory traversal vulnerability in the UploadServlet servlet, which allows remote attackers to upload and execute arbitrary files via directory traversal sequences in a filename header." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0490", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-039", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-039" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "81173", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/81173" - }, - { - "name" : "1034734", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034734" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Test Manager for Web Apps, a different vulnerability than CVE-2016-0487. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a directory traversal vulnerability in the UploadServlet servlet, which allows remote attackers to upload and execute arbitrary files via directory traversal sequences in a filename header." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "1034734", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034734" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-039", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-039" + }, + { + "name": "81173", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/81173" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0569.json b/2016/0xxx/CVE-2016-0569.json index 7b265200372..d0881b32ebe 100644 --- a/2016/0xxx/CVE-2016-0569.json +++ b/2016/0xxx/CVE-2016-0569.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0569", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle E-Business Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0569", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "1034726", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034726" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle E-Business Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "1034726", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034726" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0745.json b/2016/0xxx/CVE-2016-0745.json index df04127488f..28980b5074f 100644 --- a/2016/0xxx/CVE-2016-0745.json +++ b/2016/0xxx/CVE-2016-0745.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0745", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-0745", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1040.json b/2016/1xxx/CVE-2016-1040.json index acc93f76cdb..8297c63d3ca 100644 --- a/2016/1xxx/CVE-2016-1040.json +++ b/2016/1xxx/CVE-2016-1040.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1040", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1038, CVE-2016-1039, CVE-2016-1041, CVE-2016-1042, CVE-2016-1044, CVE-2016-1062, and CVE-2016-1117." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-1040", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html" - }, - { - "name" : "90517", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/90517" - }, - { - "name" : "1035828", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035828" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2016-1038, CVE-2016-1039, CVE-2016-1041, CVE-2016-1042, CVE-2016-1044, CVE-2016-1062, and CVE-2016-1117." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1035828", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035828" + }, + { + "name": "90517", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/90517" + }, + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1078.json b/2016/1xxx/CVE-2016-1078.json index adc6d473216..0c129d8f013 100644 --- a/2016/1xxx/CVE-2016-1078.json +++ b/2016/1xxx/CVE-2016-1078.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1078", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-1078", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-325", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-325" - }, - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html" - }, - { - "name" : "1035828", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035828" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-325", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-325" + }, + { + "name": "1035828", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035828" + }, + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4201.json b/2016/4xxx/CVE-2016-4201.json index 7775cd9ed6b..aad255a3d7e 100644 --- a/2016/4xxx/CVE-2016-4201.json +++ b/2016/4xxx/CVE-2016-4201.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4201", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-4201", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "40101", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/40101/" - }, - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html" - }, - { - "name" : "91716", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91716" - }, - { - "name" : "1036281", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036281" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "91716", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91716" + }, + { + "name": "1036281", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036281" + }, + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html" + }, + { + "name": "40101", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/40101/" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4298.json b/2016/4xxx/CVE-2016-4298.json index afe8621d6a1..ac0a47dbed0 100644 --- a/2016/4xxx/CVE-2016-4298.json +++ b/2016/4xxx/CVE-2016-4298.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cert@cert.org", - "ID" : "CVE-2016-4298", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Hancom version Hancom Office 2014 VP Trial HShow.exe Product version: 9.1.0.2176 HncBM90.dll Product version: 9.1.0.2291", - "version" : { - "version_data" : [ - { - "version_value" : "Hancom version Hancom Office 2014 VP Trial HShow.exe Product version: 9.1.0.2176 HncBM90.dll Product version: 9.1.0.2291" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "When opening a Hangul HShow Document (.hpt) and processing a structure within the document, Hancom Office 2014 will attempt to allocate space for a list of elements using a length from the file. When calculating this length, an integer overflow can be made to occur which will cause the buffer to be undersized when the application tries to copy file data into the object containing this structure. This allows one to overwrite contiguous data in the heap which can lead to code-execution under the context of the application." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "integer overflow" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2016-4298", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Hancom version Hancom Office 2014 VP Trial HShow.exe Product version: 9.1.0.2176 HncBM90.dll Product version: 9.1.0.2291", + "version": { + "version_data": [ + { + "version_value": "Hancom version Hancom Office 2014 VP Trial HShow.exe Product version: 9.1.0.2176 HncBM90.dll Product version: 9.1.0.2291" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.talosintelligence.com/reports/TALOS-2016-0144/", - "refsource" : "MISC", - "url" : "http://www.talosintelligence.com/reports/TALOS-2016-0144/" - }, - { - "name" : "92325", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92325" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "When opening a Hangul HShow Document (.hpt) and processing a structure within the document, Hancom Office 2014 will attempt to allocate space for a list of elements using a length from the file. When calculating this length, an integer overflow can be made to occur which will cause the buffer to be undersized when the application tries to copy file data into the object containing this structure. This allows one to overwrite contiguous data in the heap which can lead to code-execution under the context of the application." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "integer overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.talosintelligence.com/reports/TALOS-2016-0144/", + "refsource": "MISC", + "url": "http://www.talosintelligence.com/reports/TALOS-2016-0144/" + }, + { + "name": "92325", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92325" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5192.json b/2016/5xxx/CVE-2016-5192.json index 6451e77875a..81237deb4cf 100644 --- a/2016/5xxx/CVE-2016-5192.json +++ b/2016/5xxx/CVE-2016-5192.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@google.com", - "ID" : "CVE-2016-5192", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Chrome prior to 54.0.2840.59 for Windows", - "version" : { - "version_data" : [ - { - "version_value" : "Chrome prior to 54.0.2840.59 for Windows" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Blink in Google Chrome prior to 54.0.2840.59 for Windows missed a CORS check on redirect in TextTrackLoader, which allowed a remote attacker to bypass cross-origin restrictions via crafted HTML pages." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "bypass cross-origin restrictions" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2016-5192", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Chrome prior to 54.0.2840.59 for Windows", + "version": { + "version_data": [ + { + "version_value": "Chrome prior to 54.0.2840.59 for Windows" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://chromereleases.googleblog.com/2016/10/stable-channel-update-for-desktop.html", - "refsource" : "CONFIRM", - "url" : "https://chromereleases.googleblog.com/2016/10/stable-channel-update-for-desktop.html" - }, - { - "name" : "https://crbug.com/633885", - "refsource" : "CONFIRM", - "url" : "https://crbug.com/633885" - }, - { - "name" : "GLSA-201610-09", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201610-09" - }, - { - "name" : "RHSA-2016:2067", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2067.html" - }, - { - "name" : "93528", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93528" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Blink in Google Chrome prior to 54.0.2840.59 for Windows missed a CORS check on redirect in TextTrackLoader, which allowed a remote attacker to bypass cross-origin restrictions via crafted HTML pages." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "bypass cross-origin restrictions" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://crbug.com/633885", + "refsource": "CONFIRM", + "url": "https://crbug.com/633885" + }, + { + "name": "93528", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93528" + }, + { + "name": "RHSA-2016:2067", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2067.html" + }, + { + "name": "GLSA-201610-09", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201610-09" + }, + { + "name": "https://chromereleases.googleblog.com/2016/10/stable-channel-update-for-desktop.html", + "refsource": "CONFIRM", + "url": "https://chromereleases.googleblog.com/2016/10/stable-channel-update-for-desktop.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5352.json b/2016/5xxx/CVE-2016-5352.json index aeaaafb95cc..24c5bb71cdd 100644 --- a/2016/5xxx/CVE-2016-5352.json +++ b/2016/5xxx/CVE-2016-5352.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5352", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "epan/crypt/airpdcap.c in the IEEE 802.11 dissector in Wireshark 2.x before 2.0.4 mishandles certain length values, which allows remote attackers to cause a denial of service (application crash) via a crafted packet." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5352", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160609 Re: CVE Request: wireshark releases", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/06/09/3" - }, - { - "name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12175", - "refsource" : "CONFIRM", - "url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12175" - }, - { - "name" : "https://github.com/wireshark/wireshark/commit/b6d838eebf4456192360654092e5587c5207f185", - "refsource" : "CONFIRM", - "url" : "https://github.com/wireshark/wireshark/commit/b6d838eebf4456192360654092e5587c5207f185" - }, - { - "name" : "https://www.wireshark.org/security/wnpa-sec-2016-31.html", - "refsource" : "CONFIRM", - "url" : "https://www.wireshark.org/security/wnpa-sec-2016-31.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html" - }, - { - "name" : "91140", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91140" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "epan/crypt/airpdcap.c in the IEEE 802.11 dissector in Wireshark 2.x before 2.0.4 mishandles certain length values, which allows remote attackers to cause a denial of service (application crash) via a crafted packet." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/wireshark/wireshark/commit/b6d838eebf4456192360654092e5587c5207f185", + "refsource": "CONFIRM", + "url": "https://github.com/wireshark/wireshark/commit/b6d838eebf4456192360654092e5587c5207f185" + }, + { + "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12175", + "refsource": "CONFIRM", + "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12175" + }, + { + "name": "[oss-security] 20160609 Re: CVE Request: wireshark releases", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/06/09/3" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html" + }, + { + "name": "91140", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91140" + }, + { + "name": "https://www.wireshark.org/security/wnpa-sec-2016-31.html", + "refsource": "CONFIRM", + "url": "https://www.wireshark.org/security/wnpa-sec-2016-31.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5520.json b/2016/5xxx/CVE-2016-5520.json index 2ab627b6e15..36fbc2eb5c7 100644 --- a/2016/5xxx/CVE-2016-5520.json +++ b/2016/5xxx/CVE-2016-5520.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5520", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-5520", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0048.json b/2019/0xxx/CVE-2019-0048.json index 437dd4d2c2f..05bac589018 100644 --- a/2019/0xxx/CVE-2019-0048.json +++ b/2019/0xxx/CVE-2019-0048.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0048", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0048", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0306.json b/2019/0xxx/CVE-2019-0306.json index bfeb253636a..25d6d6db497 100644 --- a/2019/0xxx/CVE-2019-0306.json +++ b/2019/0xxx/CVE-2019-0306.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0306", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0306", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0718.json b/2019/0xxx/CVE-2019-0718.json index 973807c2a48..d4dbcf3b87b 100644 --- a/2019/0xxx/CVE-2019-0718.json +++ b/2019/0xxx/CVE-2019-0718.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0718", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0718", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0767.json b/2019/0xxx/CVE-2019-0767.json index 4aba97db938..fab1bfbd3ee 100644 --- a/2019/0xxx/CVE-2019-0767.json +++ b/2019/0xxx/CVE-2019-0767.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0767", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0767", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1395.json b/2019/1xxx/CVE-2019-1395.json index 113de8c056e..344b857f1f1 100644 --- a/2019/1xxx/CVE-2019-1395.json +++ b/2019/1xxx/CVE-2019-1395.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1395", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1395", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1664.json b/2019/1xxx/CVE-2019-1664.json index 39e924afd0c..919dad5d558 100644 --- a/2019/1xxx/CVE-2019-1664.json +++ b/2019/1xxx/CVE-2019-1664.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@cisco.com", - "DATE_PUBLIC" : "2019-02-20T16:00:00-0800", - "ID" : "CVE-2019-1664", - "STATE" : "PUBLIC", - "TITLE" : "Cisco HyperFlex Software Unauthenticated Root Access Vulnerability" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Cisco HyperFlex HX-Series ", - "version" : { - "version_data" : [ - { - "affected" : "<", - "version_value" : "3.5(2a)" - } - ] - } - } - ] - }, - "vendor_name" : "Cisco" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A vulnerability in the hxterm service of Cisco HyperFlex Software could allow an unauthenticated, local attacker to gain root access to all nodes in the cluster. The vulnerability is due to insufficient authentication controls. An attacker could exploit this vulnerability by connecting to the hxterm service as a non-privileged, local user. A successful exploit could allow the attacker to gain root access to all member nodes of the HyperFlex cluster. This vulnerability affects Cisco HyperFlex Software Releases prior to 3.5(2a)." - } - ] - }, - "exploit" : [ - { - "lang" : "eng", - "value" : "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. " - } - ], - "impact" : { - "cvss" : { - "baseScore" : "8.1", - "vectorString" : "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H ", - "version" : "3.0" - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-284" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "DATE_PUBLIC": "2019-02-20T16:00:00-0800", + "ID": "CVE-2019-1664", + "STATE": "PUBLIC", + "TITLE": "Cisco HyperFlex Software Unauthenticated Root Access Vulnerability" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cisco HyperFlex HX-Series ", + "version": { + "version_data": [ + { + "affected": "<", + "version_value": "3.5(2a)" + } + ] + } + } + ] + }, + "vendor_name": "Cisco" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20190220 Cisco HyperFlex Software Unauthenticated Root Access Vulnerability", - "refsource" : "CISCO", - "url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-chn-root-access" - }, - { - "name" : "107103", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/107103" - } - ] - }, - "source" : { - "advisory" : "cisco-sa-20190220-chn-root-access", - "defect" : [ - [ - "CSCvk31047" - ] - ], - "discovery" : "INTERNAL" - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A vulnerability in the hxterm service of Cisco HyperFlex Software could allow an unauthenticated, local attacker to gain root access to all nodes in the cluster. The vulnerability is due to insufficient authentication controls. An attacker could exploit this vulnerability by connecting to the hxterm service as a non-privileged, local user. A successful exploit could allow the attacker to gain root access to all member nodes of the HyperFlex cluster. This vulnerability affects Cisco HyperFlex Software Releases prior to 3.5(2a)." + } + ] + }, + "exploit": [ + { + "lang": "eng", + "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. " + } + ], + "impact": { + "cvss": { + "baseScore": "8.1", + "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H ", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-284" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20190220 Cisco HyperFlex Software Unauthenticated Root Access Vulnerability", + "refsource": "CISCO", + "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-chn-root-access" + }, + { + "name": "107103", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/107103" + } + ] + }, + "source": { + "advisory": "cisco-sa-20190220-chn-root-access", + "defect": [ + [ + "CSCvk31047" + ] + ], + "discovery": "INTERNAL" + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3109.json b/2019/3xxx/CVE-2019-3109.json index 2e2d1c7a602..76d0091e6f4 100644 --- a/2019/3xxx/CVE-2019-3109.json +++ b/2019/3xxx/CVE-2019-3109.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3109", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3109", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3115.json b/2019/3xxx/CVE-2019-3115.json index 86826750efa..c25f65b13a6 100644 --- a/2019/3xxx/CVE-2019-3115.json +++ b/2019/3xxx/CVE-2019-3115.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3115", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3115", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3336.json b/2019/3xxx/CVE-2019-3336.json index 0487e800bc6..4f208a2ccaf 100644 --- a/2019/3xxx/CVE-2019-3336.json +++ b/2019/3xxx/CVE-2019-3336.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3336", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3336", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3445.json b/2019/3xxx/CVE-2019-3445.json index d60c49f2c44..1bf846070fe 100644 --- a/2019/3xxx/CVE-2019-3445.json +++ b/2019/3xxx/CVE-2019-3445.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3445", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3445", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4085.json b/2019/4xxx/CVE-2019-4085.json index edb9aa6de95..739f496fe86 100644 --- a/2019/4xxx/CVE-2019-4085.json +++ b/2019/4xxx/CVE-2019-4085.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4085", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4085", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4125.json b/2019/4xxx/CVE-2019-4125.json index 81628191dd8..5130db49a1d 100644 --- a/2019/4xxx/CVE-2019-4125.json +++ b/2019/4xxx/CVE-2019-4125.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4125", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4125", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4291.json b/2019/4xxx/CVE-2019-4291.json index b6892251f04..749569f5701 100644 --- a/2019/4xxx/CVE-2019-4291.json +++ b/2019/4xxx/CVE-2019-4291.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4291", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4291", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4331.json b/2019/4xxx/CVE-2019-4331.json index 67e72d5db5d..594530b4625 100644 --- a/2019/4xxx/CVE-2019-4331.json +++ b/2019/4xxx/CVE-2019-4331.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4331", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4331", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7161.json b/2019/7xxx/CVE-2019-7161.json index 8506575469b..c7c51638b4c 100644 --- a/2019/7xxx/CVE-2019-7161.json +++ b/2019/7xxx/CVE-2019-7161.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7161", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7161", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8091.json b/2019/8xxx/CVE-2019-8091.json index bdd01e7d08f..7e12568c708 100644 --- a/2019/8xxx/CVE-2019-8091.json +++ b/2019/8xxx/CVE-2019-8091.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8091", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8091", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8355.json b/2019/8xxx/CVE-2019-8355.json index 1837ec05655..695dc1b222b 100644 --- a/2019/8xxx/CVE-2019-8355.json +++ b/2019/8xxx/CVE-2019-8355.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8355", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in SoX 14.4.2. In xmalloc.h, there is an integer overflow on the result of multiplication fed into the lsx_valloc macro that wraps malloc. When the buffer is allocated, it is smaller than expected, leading to a heap-based buffer overflow in channels_start in remix.c." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8355", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://sourceforge.net/p/sox/bugs/320", - "refsource" : "MISC", - "url" : "https://sourceforge.net/p/sox/bugs/320" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in SoX 14.4.2. In xmalloc.h, there is an integer overflow on the result of multiplication fed into the lsx_valloc macro that wraps malloc. When the buffer is allocated, it is smaller than expected, leading to a heap-based buffer overflow in channels_start in remix.c." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://sourceforge.net/p/sox/bugs/320", + "refsource": "MISC", + "url": "https://sourceforge.net/p/sox/bugs/320" + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8472.json b/2019/8xxx/CVE-2019-8472.json index 816222b645d..aedd77da148 100644 --- a/2019/8xxx/CVE-2019-8472.json +++ b/2019/8xxx/CVE-2019-8472.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8472", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8472", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8851.json b/2019/8xxx/CVE-2019-8851.json index e8bc2003cf1..a34ae11cc1b 100644 --- a/2019/8xxx/CVE-2019-8851.json +++ b/2019/8xxx/CVE-2019-8851.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8851", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8851", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9281.json b/2019/9xxx/CVE-2019-9281.json index 4978555df82..44d415ff0d4 100644 --- a/2019/9xxx/CVE-2019-9281.json +++ b/2019/9xxx/CVE-2019-9281.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9281", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9281", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9698.json b/2019/9xxx/CVE-2019-9698.json index 6036fb0cf92..4c95d523f68 100644 --- a/2019/9xxx/CVE-2019-9698.json +++ b/2019/9xxx/CVE-2019-9698.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9698", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9698", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file