admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-18 02:46:20 +00:00
parent 9952f85e5b
commit 47ed5e3595
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
46 changed files with 3241 additions and 3241 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

138
2001/0xxx/CVE-2001-0205.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-0205", "ID": "CVE-2001-0205",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Directory traversal vulnerability in AOLserver 3.2 and earlier allows remote attackers to read arbitrary files by inserting \"...\" into the requested pathname, a modified .. (dot dot) attack."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20010206 Vulnerability in AOLserver", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=98148759123258&w=2" "lang": "eng",
}, "value": "Directory traversal vulnerability in AOLserver 3.2 and earlier allows remote attackers to read arbitrary files by inserting \"...\" into the requested pathname, a modified .. (dot dot) attack."
{ }
"name" : "20010208 Vulnerability in AOLserver", ]
"refsource" : "BUGTRAQ", },
"url" : "http://marc.info/?l=bugtraq&m=98168216003867&w=2" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "2343", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/2343" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "20010206 Vulnerability in AOLserver",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=98148759123258&w=2"
},
{
"name": "20010208 Vulnerability in AOLserver",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=98168216003867&w=2"
},
{
"name": "2343",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2343"
}
]
}
} }

138
2001/0xxx/CVE-2001-0267.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-0267", "ID": "CVE-2001-0267",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "NM debug in HP MPE/iX 6.5 and earlier does not properly handle breakpoints, which allows local users to gain privileges."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "HPSBMP0102-008", "description_data": [
"refsource" : "HP", {
"url" : "http://archives.neohapsis.com/archives/hp/2001-q1/0050.html" "lang": "eng",
}, "value": "NM debug in HP MPE/iX 6.5 and earlier does not properly handle breakpoints, which allows local users to gain privileges."
{ }
"name" : "hp-nmdebug-gain-privileges(6226)", ]
"refsource" : "XF", },
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/6226" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "6032", "description": [
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/6032" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBMP0102-008",
"refsource": "HP",
"url": "http://archives.neohapsis.com/archives/hp/2001-q1/0050.html"
},
{
"name": "6032",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/6032"
},
{
"name": "hp-nmdebug-gain-privileges(6226)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6226"
}
]
}
} }

128
2001/0xxx/CVE-2001-0535.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-0535", "ID": "CVE-2001-0535",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Example applications (Exampleapps) in ColdFusion Server 4.x do not properly restrict prevent access from outside the local host's domain, which allows remote attackers to conduct upload, read, or execute files by spoofing the \"HTTP Host\" (CGI.Host) variable in (1) the \"Web Publish\" example script, and (2) the \"Email\" example script."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20010807 Remote Vulnerabilities in Macromedia ColdFusion Example Applications", "description_data": [
"refsource" : "ISS", {
"url" : "http://xforce.iss.net/alerts/advise92.php" "lang": "eng",
}, "value": "Example applications (Exampleapps) in ColdFusion Server 4.x do not properly restrict prevent access from outside the local host's domain, which allows remote attackers to conduct upload, read, or execute files by spoofing the \"HTTP Host\" (CGI.Host) variable in (1) the \"Web Publish\" example script, and (2) the \"Email\" example script."
{ }
"name" : "MPSB01-08", ]
"refsource" : "ALLAIRE", },
"url" : "http://www.allaire.com/Handlers/index.cfm?ID=21700" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MPSB01-08",
"refsource": "ALLAIRE",
"url": "http://www.allaire.com/Handlers/index.cfm?ID=21700"
},
{
"name": "20010807 Remote Vulnerabilities in Macromedia ColdFusion Example Applications",
"refsource": "ISS",
"url": "http://xforce.iss.net/alerts/advise92.php"
}
]
}
} }

168
2001/0xxx/CVE-2001-0806.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-0806", "ID": "CVE-2001-0806",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Apple MacOS X 10.0 and 10.1 allow a local user to read and write to a user's desktop folder via insecure default permissions for the Desktop when it is created in some languages."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20010626 MacOSX 10.0.X Permissions uncorrectly set", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=99358249631139&w=2" "lang": "eng",
}, "value": "Apple MacOS X 10.0 and 10.1 allow a local user to read and write to a user's desktop folder via insecure default permissions for the Desktop when it is created in some languages."
{ }
"name" : "20011007 OS X 10.1 and localized desktop folder still vulnerable", ]
"refsource" : "BUGTRAQ", },
"url" : "http://online.securityfocus.com/archive/1/219166" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20010704 Re: MacOSX 10.0.X Permissions uncorrectly set - I got it", "description": [
"refsource" : "BUGTRAQ", {
"url" : "http://marc.info/?l=bugtraq&m=99436289015729&w=2" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "2930", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/2930" ]
}, },
{ "references": {
"name" : "macos-desktop-insecure-permissions(6750)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/6750" "name": "1882",
}, "refsource": "OSVDB",
{ "url": "http://www.osvdb.org/1882"
"name" : "1882", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/1882" "name": "20010626 MacOSX 10.0.X Permissions uncorrectly set",
} "refsource": "BUGTRAQ",
] "url": "http://marc.info/?l=bugtraq&m=99358249631139&w=2"
} },
{
"name": "macos-desktop-insecure-permissions(6750)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6750"
},
{
"name": "20010704 Re: MacOSX 10.0.X Permissions uncorrectly set - I got it",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq&m=99436289015729&w=2"
},
{
"name": "20011007 OS X 10.1 and localized desktop folder still vulnerable",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/219166"
},
{
"name": "2930",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2930"
}
]
}
} }

158
2001/0xxx/CVE-2001-0825.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-0825", "ID": "CVE-2001-0825",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in internal string handling routines of xinetd before 2.1.8.8 allows remote attackers to execute arbitrary commands via a length argument of zero or less, which disables the length check."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "CLA-2001:406", "description_data": [
"refsource" : "CONECTIVA", {
"url" : "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000406" "lang": "eng",
}, "value": "Buffer overflow in internal string handling routines of xinetd before 2.1.8.8 allows remote attackers to execute arbitrary commands via a length argument of zero or less, which disables the length check."
{ }
"name" : "RHSA-2001:092", ]
"refsource" : "REDHAT", },
"url" : "http://www.redhat.com/support/errata/RHSA-2001-092.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "IMNX-2001-70-029-01", "description": [
"refsource" : "IMMUNIX", {
"url" : "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-029-01" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "2971", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/2971" ]
}, },
{ "references": {
"name" : "xinetd-zero-length-bo(6804)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/6804" "name": "2971",
} "refsource": "BID",
] "url": "http://www.securityfocus.com/bid/2971"
} },
{
"name": "xinetd-zero-length-bo(6804)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6804"
},
{
"name": "CLA-2001:406",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000406"
},
{
"name": "RHSA-2001:092",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2001-092.html"
},
{
"name": "IMNX-2001-70-029-01",
"refsource": "IMMUNIX",
"url": "http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-029-01"
}
]
}
} }

128
2001/1xxx/CVE-2001-1040.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2001-1040", "ID": "CVE-2001-1040",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "HP LaserJet, and possibly other JetDirect devices, resets the admin password when the device is turned off, which could allow remote attackers to access the device without the password."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20010802 Re: HP Jetdirect passwords don't sync", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/201224" "lang": "eng",
}, "value": "HP LaserJet, and possibly other JetDirect devices, resets the admin password when the device is turned off, which could allow remote attackers to access the device without the password."
{ }
"name" : "3132", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/3132" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "3132",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/3132"
},
{
"name": "20010802 Re: HP Jetdirect passwords don't sync",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/201224"
}
]
}
} }

168
2006/2xxx/CVE-2006-2077.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2077", "ID": "CVE-2006-2077",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Buffer overflow in Paul Rombouts pdnsd before 1.2.4 has unknown impact and attack vectors. NOTE: this issue might be related to the OUSPG PROTOS DNS test suite."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.phys.uu.nl/~rombouts/pdnsd.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.phys.uu.nl/~rombouts/pdnsd.html" "lang": "eng",
}, "value": "Buffer overflow in Paul Rombouts pdnsd before 1.2.4 has unknown impact and attack vectors. NOTE: this issue might be related to the OUSPG PROTOS DNS test suite."
{ }
"name" : "GLSA-200605-10", ]
"refsource" : "GENTOO", },
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200605-10.xml" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "VU#955777", "description": [
"refsource" : "CERT-VN", {
"url" : "http://www.kb.cert.org/vuls/id/955777" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "17720", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/17720" ]
}, },
{ "references": {
"name" : "20055", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/20055" "name": "http://www.phys.uu.nl/~rombouts/pdnsd.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.phys.uu.nl/~rombouts/pdnsd.html"
"name" : "dns-improper-request-handling(26081)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26081" "name": "dns-improper-request-handling(26081)",
} "refsource": "XF",
] "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26081"
} },
{
"name": "VU#955777",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/955777"
},
{
"name": "17720",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17720"
},
{
"name": "20055",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20055"
},
{
"name": "GLSA-200605-10",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200605-10.xml"
}
]
}
} }

148
2006/2xxx/CVE-2006-2230.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2230", "ID": "CVE-2006-2230",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple format string vulnerabilities in xiTK (xitk/main.c) in xine 0.99.4 might allow attackers to cause a denial of service via format string specifiers in an MP3 filename specified on the command line. NOTE: this is a different vulnerability than CVE-2006-1905. In addition, if the only attack vectors involve a user-assisted, local command line argument of a non-setuid program, this issue might not be a vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060429 XINE format string bugs when handling non existen file", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/432598/100/0/threaded" "lang": "eng",
}, "value": "Multiple format string vulnerabilities in xiTK (xitk/main.c) in xine 0.99.4 might allow attackers to cause a denial of service via format string specifiers in an MP3 filename specified on the command line. NOTE: this is a different vulnerability than CVE-2006-1905. In addition, if the only attack vectors involve a user-assisted, local command line argument of a non-setuid program, this issue might not be a vulnerability."
{ }
"name" : "DSA-1093", ]
"refsource" : "DEBIAN", },
"url" : "http://www.debian.org/security/2006/dsa-1093" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "17769", "description": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/17769" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "xine-mainc-format-string(26216)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26216" ]
} },
] "references": {
} "reference_data": [
{
"name": "20060429 XINE format string bugs when handling non existen file",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/432598/100/0/threaded"
},
{
"name": "17769",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17769"
},
{
"name": "xine-mainc-format-string(26216)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26216"
},
{
"name": "DSA-1093",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1093"
}
]
}
} }

188
2006/2xxx/CVE-2006-2550.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2550", "ID": "CVE-2006-2550",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "perlpodder before 0.5 allows remote attackers to execute arbitrary code via shell metacharacters in the URL of a podcast, which are executed when saving the URL to a log file. NOTE: the wget vector is already covered by CVE-2006-2548."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060522 Perlpodder Remote Arbitrary Command Execution", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/434711/100/0/threaded" "lang": "eng",
}, "value": "perlpodder before 0.5 allows remote attackers to execute arbitrary code via shell metacharacters in the URL of a podcast, which are executed when saving the URL to a log file. NOTE: the wget vector is already covered by CVE-2006-2548."
{ }
"name" : "20060522 Perlpodder Remote Arbitrary Command Execution", ]
"refsource" : "FULLDISC", },
"url" : "http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0570.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://www.redteam-pentesting.de/advisories/rt-sa-2006-003.php", "description": [
"refsource" : "MISC", {
"url" : "http://www.redteam-pentesting.de/advisories/rt-sa-2006-003.php" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "18067", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/18067" ]
}, },
{ "references": {
"name" : "ADV-2006-1906", "reference_data": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/1906" "name": "perlpodder-dlset-command-execution(26575)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26575"
"name" : "25708", },
"refsource" : "OSVDB", {
"url" : "http://www.osvdb.org/25708" "name": "20060522 Perlpodder Remote Arbitrary Command Execution",
}, "refsource": "FULLDISC",
{ "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0570.html"
"name" : "20238", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/20238" "name": "20060522 Perlpodder Remote Arbitrary Command Execution",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/434711/100/0/threaded"
"name" : "perlpodder-dlset-command-execution(26575)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26575" "name": "ADV-2006-1906",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2006/1906"
} },
{
"name": "20238",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20238"
},
{
"name": "http://www.redteam-pentesting.de/advisories/rt-sa-2006-003.php",
"refsource": "MISC",
"url": "http://www.redteam-pentesting.de/advisories/rt-sa-2006-003.php"
},
{
"name": "18067",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18067"
},
{
"name": "25708",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/25708"
}
]
}
} }

148
2006/2xxx/CVE-2006-2682.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2682", "ID": "CVE-2006-2682",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "PHP remote file inclusion vulnerability in BE_config.php in Back-End CMS 0.7.2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the _PSL[classdir] parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "1825", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/1825" "lang": "eng",
}, "value": "PHP remote file inclusion vulnerability in BE_config.php in Back-End CMS 0.7.2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the _PSL[classdir] parameter."
{ }
"name" : "ADV-2006-1979", ]
"refsource" : "VUPEN", },
"url" : "http://www.vupen.com/english/advisories/2006/1979" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "20292", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/20292" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "backendcms-beconfig-file-inclusion(26699)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26699" ]
} },
] "references": {
} "reference_data": [
{
"name": "1825",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/1825"
},
{
"name": "20292",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20292"
},
{
"name": "ADV-2006-1979",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1979"
},
{
"name": "backendcms-beconfig-file-inclusion(26699)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26699"
}
]
}
} }

508
2006/2xxx/CVE-2006-2785.json
View File

@ -1,257 +1,257 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-2785", "ID": "CVE-2006-2785",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 1.5.0.4 allows user-assisted remote attackers to inject arbitrary web script or HTML by tricking a user into (1) performing a \"View Image\" on a broken image in which the SRC attribute contains a Javascript URL, or (2) selecting \"Show only this frame\" on a frame whose SRC attribute contains a Javascript URL."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "20060602 rPSA-2006-0091-1 firefox thunderbird", "description_data": [
"refsource" : "BUGTRAQ", {
"url" : "http://www.securityfocus.com/archive/1/435795/100/0/threaded" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 1.5.0.4 allows user-assisted remote attackers to inject arbitrary web script or HTML by tricking a user into (1) performing a \"View Image\" on a broken image in which the SRC attribute contains a Javascript URL, or (2) selecting \"Show only this frame\" on a frame whose SRC attribute contains a Javascript URL."
{ }
"name" : "http://www.mozilla.org/security/announce/2006/mfsa2006-34.html", ]
"refsource" : "CONFIRM", },
"url" : "http://www.mozilla.org/security/announce/2006/mfsa2006-34.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-1118", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2006/dsa-1118" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "DSA-1120", ]
"refsource" : "DEBIAN", }
"url" : "http://www.debian.org/security/2006/dsa-1120" ]
}, },
{ "references": {
"name" : "DSA-1134", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2006/dsa-1134" "name": "21176",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21176"
"name" : "GLSA-200606-12", },
"refsource" : "GENTOO", {
"url" : "http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml" "name": "MDKSA-2006:145",
}, "refsource": "MANDRIVA",
{ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145"
"name" : "HPSBUX02153", },
"refsource" : "HP", {
"url" : "http://www.securityfocus.com/archive/1/446658/100/200/threaded" "name": "ADV-2006-3748",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2006/3748"
"name" : "SSRT061181", },
"refsource" : "HP", {
"url" : "http://www.securityfocus.com/archive/1/446658/100/200/threaded" "name": "USN-296-1",
}, "refsource": "UBUNTU",
{ "url": "https://usn.ubuntu.com/296-1/"
"name" : "MDKSA-2006:143", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143" "name": "USN-323-1",
}, "refsource": "UBUNTU",
{ "url": "https://usn.ubuntu.com/323-1/"
"name" : "MDKSA-2006:145", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:145" "name": "20561",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/20561"
"name" : "RHSA-2006:0578", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0578.html" "name": "RHSA-2006:0594",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2006-0594.html"
"name" : "RHSA-2006:0610", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0610.html" "name": "21336",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21336"
"name" : "RHSA-2006:0611", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0611.html" "name": "20060602 rPSA-2006-0091-1 firefox thunderbird",
}, "refsource": "BUGTRAQ",
{ "url": "http://www.securityfocus.com/archive/1/435795/100/0/threaded"
"name" : "RHSA-2006:0609", },
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2006-0609.html" "name": "RHSA-2006:0610",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2006-0610.html"
"name" : "RHSA-2006:0594", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2006-0594.html" "name": "20376",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/20376"
"name" : "SUSE-SA:2006:035", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2006_35_mozilla.html" "name": "RHSA-2006:0609",
}, "refsource": "REDHAT",
{ "url": "http://rhn.redhat.com/errata/RHSA-2006-0609.html"
"name" : "USN-296-1", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/296-1/" "name": "mozilla-viewimage-xss(26845)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26845"
"name" : "USN-296-2", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/296-2/" "name": "21178",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21178"
"name" : "USN-323-1", },
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/323-1/" "name": "1016202",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1016202"
"name" : "18228", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/18228" "name": "18228",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/18228"
"name" : "oval:org.mitre.oval:def:10545", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10545" "name": "21532",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21532"
"name" : "ADV-2006-2106", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/2106" "name": "21270",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21270"
"name" : "ADV-2006-3748", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/3748" "name": "ADV-2008-0083",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2008/0083"
"name" : "ADV-2008-0083", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2008/0083" "name": "http://www.mozilla.org/security/announce/2006/mfsa2006-34.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.mozilla.org/security/announce/2006/mfsa2006-34.html"
"name" : "1016202", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1016202" "name": "21188",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21188"
"name" : "20376", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/20376" "name": "21134",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21134"
"name" : "20561", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/20561" "name": "21631",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21631"
"name" : "21134", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21134" "name": "SSRT061181",
}, "refsource": "HP",
{ "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
"name" : "21183", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21183" "name": "oval:org.mitre.oval:def:10545",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10545"
"name" : "21176", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21176" "name": "USN-296-2",
}, "refsource": "UBUNTU",
{ "url": "https://usn.ubuntu.com/296-2/"
"name" : "21178", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21178" "name": "DSA-1118",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2006/dsa-1118"
"name" : "21188", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21188" "name": "HPSBUX02153",
}, "refsource": "HP",
{ "url": "http://www.securityfocus.com/archive/1/446658/100/200/threaded"
"name" : "21269", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21269" "name": "DSA-1120",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2006/dsa-1120"
"name" : "21270", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21270" "name": "RHSA-2006:0611",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2006-0611.html"
"name" : "21336", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21336" "name": "DSA-1134",
}, "refsource": "DEBIAN",
{ "url": "http://www.debian.org/security/2006/dsa-1134"
"name" : "21324", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21324" "name": "GLSA-200606-12",
}, "refsource": "GENTOO",
{ "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml"
"name" : "21532", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21532" "name": "21324",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21324"
"name" : "21631", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/21631" "name": "21183",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/21183"
"name" : "22066", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/22066" "name": "22066",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/22066"
"name" : "mozilla-viewimage-xss(26845)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/26845" "name": "21269",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/21269"
} },
{
"name": "SUSE-SA:2006:035",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_35_mozilla.html"
},
{
"name": "RHSA-2006:0578",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0578.html"
},
{
"name": "ADV-2006-2106",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2106"
},
{
"name": "MDKSA-2006:143",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:143"
}
]
}
} }

32
2006/6xxx/CVE-2006-6098.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2006-6098", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2006-6098",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2006. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2006. Notes: none."
} }
] ]
} }
} }

348
2006/6xxx/CVE-2006-6303.json
View File

@ -1,177 +1,177 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6303", "ID": "CVE-2006-6303",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The read_multipart function in cgi.rb in Ruby before 1.8.5-p2 does not properly detect boundaries in MIME multipart content, which allows remote attackers to cause a denial of service (infinite loop) via crafted HTTP requests, a different issue than CVE-2006-5467."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.ruby-lang.org/en/news/2006/12/04/another-dos-vulnerability-in-cgi-library/", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.ruby-lang.org/en/news/2006/12/04/another-dos-vulnerability-in-cgi-library/" "lang": "eng",
}, "value": "The read_multipart function in cgi.rb in Ruby before 1.8.5-p2 does not properly detect boundaries in MIME multipart content, which allows remote attackers to cause a denial of service (infinite loop) via crafted HTTP requests, a different issue than CVE-2006-5467."
{ }
"name" : "http://bugs.gentoo.org/show_bug.cgi?id=157048", ]
"refsource" : "MISC", },
"url" : "http://bugs.gentoo.org/show_bug.cgi?id=157048" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=218287", "description": [
"refsource" : "MISC", {
"url" : "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=218287" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://www.ruby-lang.org/cgi-bin/cvsweb.cgi/ruby/lib/cgi.rb.diff?f=h&only_with_tag=MAIN&r1=text&tr1=1.92&r2=text&tr2=1.91", ]
"refsource" : "MISC", }
"url" : "http://www.ruby-lang.org/cgi-bin/cvsweb.cgi/ruby/lib/cgi.rb.diff?f=h&only_with_tag=MAIN&r1=text&tr1=1.92&r2=text&tr2=1.91" ]
}, },
{ "references": {
"name" : "http://docs.info.apple.com/article.html?artnum=305530", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://docs.info.apple.com/article.html?artnum=305530" "name": "http://docs.info.apple.com/article.html?artnum=305530",
}, "refsource": "CONFIRM",
{ "url": "http://docs.info.apple.com/article.html?artnum=305530"
"name" : "APPLE-SA-2007-05-24", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2007/May/msg00004.html" "name": "USN-394-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/usn-394-1"
"name" : "GLSA-200612-21", },
"refsource" : "GENTOO", {
"url" : "http://security.gentoo.org/glsa/glsa-200612-21.xml" "name": "31090",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/31090"
"name" : "MDKSA-2006:225", },
"refsource" : "MANDRIVA", {
"url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:225" "name": "27576",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/27576"
"name" : "RHSA-2007:0961", },
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2007-0961.html" "name": "ADV-2007-1939",
}, "refsource": "VUPEN",
{ "url": "http://www.vupen.com/english/advisories/2007/1939"
"name" : "SUSE-SR:2007:004", },
"refsource" : "SUSE", {
"url" : "http://www.novell.com/linux/security/advisories/2007_4_sr.html" "name": "JVN#84798830",
}, "refsource": "JVN",
{ "url": "http://jvn.jp/jp/JVN%2384798830/index.html"
"name" : "USN-394-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/usn-394-1" "name": "23268",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23268"
"name" : "JVN#84798830", },
"refsource" : "JVN", {
"url" : "http://jvn.jp/jp/JVN%2384798830/index.html" "name": "APPLE-SA-2007-05-24",
}, "refsource": "APPLE",
{ "url": "http://lists.apple.com/archives/security-announce/2007/May/msg00004.html"
"name" : "21441", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/21441" "name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=218287",
}, "refsource": "MISC",
{ "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=218287"
"name" : "oval:org.mitre.oval:def:10529", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10529" "name": "http://www.ruby-lang.org/en/news/2006/12/04/another-dos-vulnerability-in-cgi-library/",
}, "refsource": "CONFIRM",
{ "url": "http://www.ruby-lang.org/en/news/2006/12/04/another-dos-vulnerability-in-cgi-library/"
"name" : "ADV-2006-4855", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/4855" "name": "25402",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/25402"
"name" : "ADV-2007-1939", },
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2007/1939" "name": "23165",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/23165"
"name" : "1017363", },
"refsource" : "SECTRACK", {
"url" : "http://securitytracker.com/id?1017363" "name": "RHSA-2007:0961",
}, "refsource": "REDHAT",
{ "url": "http://www.redhat.com/support/errata/RHSA-2007-0961.html"
"name" : "23268", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23268" "name": "oval:org.mitre.oval:def:10529",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10529"
"name" : "23165", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23165" "name": "ruby-cgi-library-dos(30734)",
}, "refsource": "XF",
{ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30734"
"name" : "23454", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/23454" "name": "1017363",
}, "refsource": "SECTRACK",
{ "url": "http://securitytracker.com/id?1017363"
"name" : "25402", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/25402" "name": "SUSE-SR:2007:004",
}, "refsource": "SUSE",
{ "url": "http://www.novell.com/linux/security/advisories/2007_4_sr.html"
"name" : "27576", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/27576" "name": "http://bugs.gentoo.org/show_bug.cgi?id=157048",
}, "refsource": "MISC",
{ "url": "http://bugs.gentoo.org/show_bug.cgi?id=157048"
"name" : "31090", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/31090" "name": "http://www.ruby-lang.org/cgi-bin/cvsweb.cgi/ruby/lib/cgi.rb.diff?f=h&only_with_tag=MAIN&r1=text&tr1=1.92&r2=text&tr2=1.91",
}, "refsource": "MISC",
{ "url": "http://www.ruby-lang.org/cgi-bin/cvsweb.cgi/ruby/lib/cgi.rb.diff?f=h&only_with_tag=MAIN&r1=text&tr1=1.92&r2=text&tr2=1.91"
"name" : "ruby-cgi-library-dos(30734)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30734" "name": "ADV-2006-4855",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2006/4855"
} },
{
"name": "MDKSA-2006:225",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:225"
},
{
"name": "GLSA-200612-21",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200612-21.xml"
},
{
"name": "23454",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23454"
},
{
"name": "21441",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21441"
}
]
}
} }

158
2006/6xxx/CVE-2006-6390.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2006-6390", "ID": "CVE-2006-6390",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple directory traversal vulnerabilities in Open Solution Quick.Cart 2.0, when register_globals is enabled and magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the config[db_type] parameter to (1) categories.php, (2) couriers.php, (3) orders.php, and (4) products.php in actions_admin/; and (5) orders.php and (6) products.php in actions_client/; as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by one of these PHP scripts."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "2889", "description_data": [
"refsource" : "EXPLOIT-DB", {
"url" : "https://www.exploit-db.com/exploits/2889" "lang": "eng",
}, "value": "Multiple directory traversal vulnerabilities in Open Solution Quick.Cart 2.0, when register_globals is enabled and magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the config[db_type] parameter to (1) categories.php, (2) couriers.php, (3) orders.php, and (4) products.php in actions_admin/; and (5) orders.php and (6) products.php in actions_client/; as demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by one of these PHP scripts."
{ }
"name" : "21411", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/21411" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "ADV-2006-4835", "description": [
"refsource" : "VUPEN", {
"url" : "http://www.vupen.com/english/advisories/2006/4835" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "23168", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/23168" ]
}, },
{ "references": {
"name" : "quickcart-configdbtype-file-include(30698)", "reference_data": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/30698" "name": "ADV-2006-4835",
} "refsource": "VUPEN",
] "url": "http://www.vupen.com/english/advisories/2006/4835"
} },
{
"name": "2889",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/2889"
},
{
"name": "21411",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21411"
},
{
"name": "23168",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23168"
},
{
"name": "quickcart-configdbtype-file-include(30698)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30698"
}
]
}
} }

148
2011/2xxx/CVE-2011-2147.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-2147", "ID": "CVE-2011-2147",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Openswan 2.2.x does not properly restrict permissions for (1) /var/run/starter.pid, related to starter.c in the IPsec starter, and (2) /var/lock/subsys/ipsec, which allows local users to kill arbitrary processes by writing a PID to a file, or possibly bypass disk quotas by writing arbitrary data to a file, as demonstrated by files with 0666 permissions, a different vulnerability than CVE-2011-1784."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[debian-security] 20110510 Re: World writable pid and lock files.", "description_data": [
"refsource" : "MLIST", {
"url" : "http://lists.debian.org/debian-security/2011/05/msg00013.html" "lang": "eng",
}, "value": "Openswan 2.2.x does not properly restrict permissions for (1) /var/run/starter.pid, related to starter.c in the IPsec starter, and (2) /var/lock/subsys/ipsec, which allows local users to kill arbitrary processes by writing a PID to a file, or possibly bypass disk quotas by writing arbitrary data to a file, as demonstrated by files with 0666 permissions, a different vulnerability than CVE-2011-1784."
{ }
"name" : "[debian-security] 20110510 Re: World writable pid and lock files.", ]
"refsource" : "MLIST", },
"url" : "http://lists.debian.org/debian-security/2011/05/msg00018.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[debian-security] 20110510 World writable pid and lock files.", "description": [
"refsource" : "MLIST", {
"url" : "http://lists.debian.org/debian-security/2011/05/msg00012.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "openswan-pid-dos(67822)", ]
"refsource" : "XF", }
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/67822" ]
} },
] "references": {
} "reference_data": [
{
"name": "[debian-security] 20110510 World writable pid and lock files.",
"refsource": "MLIST",
"url": "http://lists.debian.org/debian-security/2011/05/msg00012.html"
},
{
"name": "[debian-security] 20110510 Re: World writable pid and lock files.",
"refsource": "MLIST",
"url": "http://lists.debian.org/debian-security/2011/05/msg00018.html"
},
{
"name": "openswan-pid-dos(67822)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67822"
},
{
"name": "[debian-security] 20110510 Re: World writable pid and lock files.",
"refsource": "MLIST",
"url": "http://lists.debian.org/debian-security/2011/05/msg00013.html"
}
]
}
} }

198
2011/2xxx/CVE-2011-2453.json
View File

@ -1,102 +1,102 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2011-2453", "ID": "CVE-2011-2453",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.adobe.com/support/security/bulletins/apsb11-28.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.adobe.com/support/security/bulletins/apsb11-28.html" "lang": "eng",
}, "value": "Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460."
{ }
"name" : "GLSA-201204-07", ]
"refsource" : "GENTOO", },
"url" : "http://security.gentoo.org/glsa/glsa-201204-07.xml" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "RHSA-2011:1445", "description": [
"refsource" : "REDHAT", {
"url" : "http://www.redhat.com/support/errata/RHSA-2011-1445.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "SUSE-SA:2011:043", ]
"refsource" : "SUSE", }
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00019.html" ]
}, },
{ "references": {
"name" : "SUSE-SU-2011:1244", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00017.html" "name": "oval:org.mitre.oval:def:15862",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15862"
"name" : "openSUSE-SU-2011:1240", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00014.html" "name": "openSUSE-SU-2011:1240",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00014.html"
"name" : "oval:org.mitre.oval:def:14231", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14231" "name": "SUSE-SA:2011:043",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00019.html"
"name" : "oval:org.mitre.oval:def:15862", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15862" "name": "SUSE-SU-2011:1244",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00017.html"
"name" : "48819", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/48819" "name": "GLSA-201204-07",
} "refsource": "GENTOO",
] "url": "http://security.gentoo.org/glsa/glsa-201204-07.xml"
} },
{
"name": "RHSA-2011:1445",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1445.html"
},
{
"name": "48819",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48819"
},
{
"name": "oval:org.mitre.oval:def:14231",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14231"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb11-28.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-28.html"
}
]
}
} }

128
2011/2xxx/CVE-2011-2732.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2011-2732", "ID": "CVE-2011-2732",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "CRLF injection vulnerability in the logout functionality in VMware SpringSource Spring Security before 2.0.7 and 3.0.x before 3.0.6 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the spring-security-redirect parameter."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=677814", "description_data": [
"refsource" : "MISC", {
"url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=677814" "lang": "eng",
}, "value": "CRLF injection vulnerability in the logout functionality in VMware SpringSource Spring Security before 2.0.7 and 3.0.x before 3.0.6 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the spring-security-redirect parameter."
{ }
"name" : "http://support.springsource.com/security/cve-2011-2732", ]
"refsource" : "CONFIRM", },
"url" : "http://support.springsource.com/security/cve-2011-2732" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=677814",
"refsource": "MISC",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=677814"
},
{
"name": "http://support.springsource.com/security/cve-2011-2732",
"refsource": "CONFIRM",
"url": "http://support.springsource.com/security/cve-2011-2732"
}
]
}
} }

138
2011/3xxx/CVE-2011-3442.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2011-3442", "ID": "CVE-2011-3442",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The kernel in Apple iOS before 5.0.1 does not ensure the validity of flag combinations for an mmap system call, which allows local users to execute arbitrary unsigned code via a crafted app."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.apple.com/kb/HT5052", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT5052" "lang": "eng",
}, "value": "The kernel in Apple iOS before 5.0.1 does not ensure the validity of flag combinations for an mmap system call, which allows local users to execute arbitrary unsigned code via a crafted app."
{ }
"name" : "APPLE-SA-2011-11-10-1", ]
"refsource" : "APPLE", },
"url" : "http://lists.apple.com/archives/Security-announce/2011/Nov/msg00001.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "1026287", "description": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id?1026287" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "1026287",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026287"
},
{
"name": "APPLE-SA-2011-11-10-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/Security-announce/2011/Nov/msg00001.html"
},
{
"name": "http://support.apple.com/kb/HT5052",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5052"
}
]
}
} }

148
2011/3xxx/CVE-2011-3464.json
View File

@ -1,77 +1,77 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2011-3464", "ID": "CVE-2011-3464",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Off-by-one error in the png_formatted_warning function in pngerror.c in libpng 1.5.4 through 1.5.7 might allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unspecified vectors, which trigger a stack-based buffer overflow."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.libpng.org/pub/png/libpng.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.libpng.org/pub/png/libpng.html" "lang": "eng",
}, "value": "Off-by-one error in the png_formatted_warning function in pngerror.c in libpng 1.5.4 through 1.5.7 might allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unspecified vectors, which trigger a stack-based buffer overflow."
{ }
"name" : "GLSA-201206-15", ]
"refsource" : "GENTOO", },
"url" : "http://security.gentoo.org/glsa/glsa-201206-15.xml" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "47827", "description": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/47827" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "49660", ]
"refsource" : "SECUNIA", }
"url" : "http://secunia.com/advisories/49660" ]
} },
] "references": {
} "reference_data": [
{
"name": "49660",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49660"
},
{
"name": "47827",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47827"
},
{
"name": "GLSA-201206-15",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201206-15.xml"
},
{
"name": "http://www.libpng.org/pub/png/libpng.html",
"refsource": "CONFIRM",
"url": "http://www.libpng.org/pub/png/libpng.html"
}
]
}
} }

118
2011/3xxx/CVE-2011-3564.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert_us@oracle.com",
"ID" : "CVE-2011-3564", "ID": "CVE-2011-3564",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Unspecified vulnerability in Oracle GlassFish Enterprise Server 2.1.1 allows local users to affect confidentiality via unknown vectors related to Administration."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html" "lang": "eng",
} "value": "Unspecified vulnerability in Oracle GlassFish Enterprise Server 2.1.1 allows local users to affect confidentiality via unknown vectors related to Administration."
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html"
}
]
}
} }

32
2011/4xxx/CVE-2011-4322.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2011-4322", "ID": "CVE-2011-4322",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

188
2011/4xxx/CVE-2011-4615.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2011-4615", "ID": "CVE-2011-4615",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in Zabbix before 1.8.10 allow remote attackers to inject arbitrary web script or HTML via the gname parameter (aka host groups name) to (1) hostgroups.php and (2) usergrps.php, the update action to (3) hosts.php and (4) scripts.php, and (5) maintenance.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.zabbix.com/rn1.8.10.php", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.zabbix.com/rn1.8.10.php" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in Zabbix before 1.8.10 allow remote attackers to inject arbitrary web script or HTML via the gname parameter (aka host groups name) to (1) hostgroups.php and (2) usergrps.php, the update action to (3) hosts.php and (4) scripts.php, and (5) maintenance.php."
{ }
"name" : "https://support.zabbix.com/browse/ZBX-4015", ]
"refsource" : "CONFIRM", },
"url" : "https://support.zabbix.com/browse/ZBX-4015" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "FEDORA-2011-17559", "description": [
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071660.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "FEDORA-2011-17560", ]
"refsource" : "FEDORA", }
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071687.html" ]
}, },
{ "references": {
"name" : "51093", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/51093" "name": "77771",
}, "refsource": "OSVDB",
{ "url": "http://osvdb.org/77771"
"name" : "77771", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/77771" "name": "51093",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/51093"
"name" : "47216", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/47216" "name": "FEDORA-2011-17559",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071660.html"
"name" : "zabbix-hostgroups-usergrps-xss(71855)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/71855" "name": "https://support.zabbix.com/browse/ZBX-4015",
} "refsource": "CONFIRM",
] "url": "https://support.zabbix.com/browse/ZBX-4015"
} },
{
"name": "FEDORA-2011-17560",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071687.html"
},
{
"name": "zabbix-hostgroups-usergrps-xss(71855)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71855"
},
{
"name": "http://www.zabbix.com/rn1.8.10.php",
"refsource": "CONFIRM",
"url": "http://www.zabbix.com/rn1.8.10.php"
},
{
"name": "47216",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/47216"
}
]
}
} }

188
2013/0xxx/CVE-2013-0605.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "psirt@adobe.com",
"ID" : "CVE-2013-0605", "ID": "CVE-2013-0605",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0601, CVE-2013-0616, CVE-2013-0619, CVE-2013-0620, and CVE-2013-0623."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.adobe.com/support/security/bulletins/apsb13-02.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.adobe.com/support/security/bulletins/apsb13-02.html" "lang": "eng",
}, "value": "Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0601, CVE-2013-0616, CVE-2013-0619, CVE-2013-0620, and CVE-2013-0623."
{ }
"name" : "GLSA-201308-03", ]
"refsource" : "GENTOO", },
"url" : "http://security.gentoo.org/glsa/glsa-201308-03.xml" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "RHSA-2013:0150", "description": [
"refsource" : "REDHAT", {
"url" : "http://rhn.redhat.com/errata/RHSA-2013-0150.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "SUSE-SU-2013:0044", ]
"refsource" : "SUSE", }
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00004.html" ]
}, },
{ "references": {
"name" : "SUSE-SU-2013:0047", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00005.html" "name": "SUSE-SU-2013:0044",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00004.html"
"name" : "openSUSE-SU-2013:0138", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2013-01/msg00028.html" "name": "SUSE-SU-2013:0047",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00005.html"
"name" : "openSUSE-SU-2013:0193", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2013-01/msg00081.html" "name": "openSUSE-SU-2013:0193",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00081.html"
"name" : "oval:org.mitre.oval:def:16266", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16266" "name": "oval:org.mitre.oval:def:16266",
} "refsource": "OVAL",
] "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16266"
} },
{
"name": "openSUSE-SU-2013:0138",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00028.html"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb13-02.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb13-02.html"
},
{
"name": "RHSA-2013:0150",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0150.html"
},
{
"name": "GLSA-201308-03",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201308-03.xml"
}
]
}
} }

168
2013/0xxx/CVE-2013-0734.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID" : "CVE-2013-0734", "ID": "CVE-2013-0734",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple cross-site scripting (XSS) vulnerabilities in the Mingle Forum plugin before 1.0.34 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) search_words parameter in a search action to wpf.class.php or (2) togroupusers parameter in an add_user_togroup action to fs-admin/fs-admin.php."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://secunia.com/secunia_research/2013-3", "description_data": [
"refsource" : "MISC", {
"url" : "http://secunia.com/secunia_research/2013-3" "lang": "eng",
}, "value": "Multiple cross-site scripting (XSS) vulnerabilities in the Mingle Forum plugin before 1.0.34 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) search_words parameter in a search action to wpf.class.php or (2) togroupusers parameter in an add_user_togroup action to fs-admin/fs-admin.php."
{ }
"name" : "58059", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/58059" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "90432", "description": [
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/90432" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "90433", ]
"refsource" : "OSVDB", }
"url" : "http://osvdb.org/90433" ]
}, },
{ "references": {
"name" : "52167", "reference_data": [
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/52167" "name": "http://secunia.com/secunia_research/2013-3",
}, "refsource": "MISC",
{ "url": "http://secunia.com/secunia_research/2013-3"
"name" : "wp-mingleforum-index-admin-xss(82187)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/82187" "name": "52167",
} "refsource": "SECUNIA",
] "url": "http://secunia.com/advisories/52167"
} },
{
"name": "90433",
"refsource": "OSVDB",
"url": "http://osvdb.org/90433"
},
{
"name": "wp-mingleforum-index-admin-xss(82187)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82187"
},
{
"name": "90432",
"refsource": "OSVDB",
"url": "http://osvdb.org/90432"
},
{
"name": "58059",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/58059"
}
]
}
} }

188
2013/1xxx/CVE-2013-1002.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "product-security@apple.com",
"ID" : "CVE-2013-1002", "ID": "CVE-2013-1002",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://support.apple.com/kb/HT5766", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT5766" "lang": "eng",
}, "value": "WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2013-05-16-1."
{ }
"name" : "http://support.apple.com/kb/HT5785", ]
"refsource" : "CONFIRM", },
"url" : "http://support.apple.com/kb/HT5785" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://support.apple.com/kb/HT5934", "description": [
"refsource" : "CONFIRM", {
"url" : "http://support.apple.com/kb/HT5934" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "APPLE-SA-2013-05-16-1", ]
"refsource" : "APPLE", }
"url" : "http://lists.apple.com/archives/security-announce/2013/May/msg00000.html" ]
}, },
{ "references": {
"name" : "APPLE-SA-2013-06-04-2", "reference_data": [
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2013/Jun/msg00001.html" "name": "http://support.apple.com/kb/HT5785",
}, "refsource": "CONFIRM",
{ "url": "http://support.apple.com/kb/HT5785"
"name" : "APPLE-SA-2013-09-18-2", },
"refsource" : "APPLE", {
"url" : "http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html" "name": "oval:org.mitre.oval:def:17187",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17187"
"name" : "oval:org.mitre.oval:def:17187", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17187" "name": "54886",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/54886"
"name" : "54886", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/54886" "name": "http://support.apple.com/kb/HT5934",
} "refsource": "CONFIRM",
] "url": "http://support.apple.com/kb/HT5934"
} },
{
"name": "APPLE-SA-2013-06-04-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2013/Jun/msg00001.html"
},
{
"name": "http://support.apple.com/kb/HT5766",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5766"
},
{
"name": "APPLE-SA-2013-05-16-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2013/May/msg00000.html"
},
{
"name": "APPLE-SA-2013-09-18-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2013/Sep/msg00006.html"
}
]
}
} }

238
2013/1xxx/CVE-2013-1724.json
View File

@ -1,122 +1,122 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "security@mozilla.org",
"ID" : "CVE-2013-1724", "ID": "CVE-2013-1724",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Use-after-free vulnerability in the mozilla::dom::HTMLFormElement::IsDefaultSubmitElement function in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving a destroyed SELECT element."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.mozilla.org/security/announce/2013/mfsa2013-81.html", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.mozilla.org/security/announce/2013/mfsa2013-81.html" "lang": "eng",
}, "value": "Use-after-free vulnerability in the mozilla::dom::HTMLFormElement::IsDefaultSubmitElement function in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving a destroyed SELECT element."
{ }
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=894137", ]
"refsource" : "CONFIRM", },
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=894137" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "FEDORA-2013-16992", "description": [
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2013-September/115907.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "FEDORA-2013-17047", ]
"refsource" : "FEDORA", }
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2013-September/117526.html" ]
}, },
{ "references": {
"name" : "FEDORA-2013-17074", "reference_data": [
"refsource" : "FEDORA", {
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2013-September/116610.html" "name": "openSUSE-SU-2013:1491",
}, "refsource": "SUSE",
{ "url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00055.html"
"name" : "openSUSE-SU-2013:1491", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2013-09/msg00055.html" "name": "oval:org.mitre.oval:def:18982",
}, "refsource": "OVAL",
{ "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18982"
"name" : "openSUSE-SU-2013:1493", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2013-09/msg00057.html" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=894137",
}, "refsource": "CONFIRM",
{ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=894137"
"name" : "openSUSE-SU-2013:1495", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2013-09/msg00059.html" "name": "FEDORA-2013-16992",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-September/115907.html"
"name" : "openSUSE-SU-2013:1499", },
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2013-09/msg00061.html" "name": "http://www.mozilla.org/security/announce/2013/mfsa2013-81.html",
}, "refsource": "CONFIRM",
{ "url": "http://www.mozilla.org/security/announce/2013/mfsa2013-81.html"
"name" : "USN-1951-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-1951-1" "name": "FEDORA-2013-17074",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-September/116610.html"
"name" : "USN-1952-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-1952-1" "name": "USN-1952-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-1952-1"
"name" : "62464", },
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/62464" "name": "USN-1951-1",
}, "refsource": "UBUNTU",
{ "url": "http://www.ubuntu.com/usn/USN-1951-1"
"name" : "oval:org.mitre.oval:def:18982", },
"refsource" : "OVAL", {
"url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18982" "name": "FEDORA-2013-17047",
} "refsource": "FEDORA",
] "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-September/117526.html"
} },
{
"name": "openSUSE-SU-2013:1493",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00057.html"
},
{
"name": "62464",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/62464"
},
{
"name": "openSUSE-SU-2013:1499",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00061.html"
},
{
"name": "openSUSE-SU-2013:1495",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00059.html"
}
]
}
} }

188
2013/1xxx/CVE-2013-1783.json
View File

@ -1,97 +1,97 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2013-1783", "ID": "CVE-2013-1783",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the 3 slide gallery in page--front.tpl.php in the Business theme before 7.x-1.8 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20130227 Re: CVE Request for Drupal Contributed Modules", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2013/02/28/3" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the 3 slide gallery in page--front.tpl.php in the Business theme before 7.x-1.8 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrary web script or HTML via unspecified vectors."
{ }
"name" : "http://drupal.org/node/1929496", ]
"refsource" : "MISC", },
"url" : "http://drupal.org/node/1929496" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://drupal.org/node/1723246", "description": [
"refsource" : "CONFIRM", {
"url" : "http://drupal.org/node/1723246" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://drupalcode.org/project/business.git/commitdiff/02f081f", ]
"refsource" : "CONFIRM", }
"url" : "http://drupalcode.org/project/business.git/commitdiff/02f081f" ]
}, },
{ "references": {
"name" : "58216", "reference_data": [
"refsource" : "BID", {
"url" : "http://www.securityfocus.com/bid/58216" "name": "52424",
}, "refsource": "SECUNIA",
{ "url": "http://secunia.com/advisories/52424"
"name" : "90685", },
"refsource" : "OSVDB", {
"url" : "http://osvdb.org/90685" "name": "58216",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/58216"
"name" : "52424", },
"refsource" : "SECUNIA", {
"url" : "http://secunia.com/advisories/52424" "name": "http://drupal.org/node/1929496",
}, "refsource": "MISC",
{ "url": "http://drupal.org/node/1929496"
"name" : "business-3slidegallery-xss(82460)", },
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/82460" "name": "90685",
} "refsource": "OSVDB",
] "url": "http://osvdb.org/90685"
} },
{
"name": "http://drupalcode.org/project/business.git/commitdiff/02f081f",
"refsource": "CONFIRM",
"url": "http://drupalcode.org/project/business.git/commitdiff/02f081f"
},
{
"name": "business-3slidegallery-xss(82460)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82460"
},
{
"name": "[oss-security] 20130227 Re: CVE Request for Drupal Contributed Modules",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/02/28/3"
},
{
"name": "http://drupal.org/node/1723246",
"refsource": "CONFIRM",
"url": "http://drupal.org/node/1723246"
}
]
}
} }

158
2013/1xxx/CVE-2013-1784.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2013-1784", "ID": "CVE-2013-1784",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in the 3 slide gallery in the Clean Theme before 7.x-1.3 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20130227 Re: CVE Request for Drupal Contributed Modules", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2013/02/28/3" "lang": "eng",
}, "value": "Cross-site scripting (XSS) vulnerability in the 3 slide gallery in the Clean Theme before 7.x-1.3 for Drupal allows remote authenticated users with the administer themes permission to inject arbitrary web script or HTML via unspecified vectors."
{ }
"name" : "http://drupal.org/node/1929500", ]
"refsource" : "MISC", },
"url" : "http://drupal.org/node/1929500" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://drupal.org/node/1723532", "description": [
"refsource" : "CONFIRM", {
"url" : "http://drupal.org/node/1723532" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "http://drupalcode.org/project/clean_theme.git/commitdiff/697f839", ]
"refsource" : "CONFIRM", }
"url" : "http://drupalcode.org/project/clean_theme.git/commitdiff/697f839" ]
}, },
{ "references": {
"name" : "http://drupalcode.org/project/clean_theme.git/commitdiff/ff2da6f", "reference_data": [
"refsource" : "CONFIRM", {
"url" : "http://drupalcode.org/project/clean_theme.git/commitdiff/ff2da6f" "name": "http://drupal.org/node/1723532",
} "refsource": "CONFIRM",
] "url": "http://drupal.org/node/1723532"
} },
{
"name": "http://drupal.org/node/1929500",
"refsource": "MISC",
"url": "http://drupal.org/node/1929500"
},
{
"name": "[oss-security] 20130227 Re: CVE Request for Drupal Contributed Modules",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/02/28/3"
},
{
"name": "http://drupalcode.org/project/clean_theme.git/commitdiff/ff2da6f",
"refsource": "CONFIRM",
"url": "http://drupalcode.org/project/clean_theme.git/commitdiff/ff2da6f"
},
{
"name": "http://drupalcode.org/project/clean_theme.git/commitdiff/697f839",
"refsource": "CONFIRM",
"url": "http://drupalcode.org/project/clean_theme.git/commitdiff/697f839"
}
]
}
} }

168
2013/1xxx/CVE-2013-1986.json
View File

@ -1,87 +1,87 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"ID" : "CVE-2013-1986", "ID": "CVE-2013-1986",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multiple integer overflows in X.org libXrandr 1.4.0 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XRRQueryOutputProperty and (2) XRRQueryProviderProperty functions."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues in X Window System client libraries", "description_data": [
"refsource" : "MLIST", {
"url" : "http://www.openwall.com/lists/oss-security/2013/05/23/3" "lang": "eng",
}, "value": "Multiple integer overflows in X.org libXrandr 1.4.0 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XRRQueryOutputProperty and (2) XRRQueryProviderProperty functions."
{ }
"name" : "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23", ]
"refsource" : "CONFIRM", },
"url" : "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "DSA-2684", "description": [
"refsource" : "DEBIAN", {
"url" : "http://www.debian.org/security/2013/dsa-2684" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "FEDORA-2013-9056", ]
"refsource" : "FEDORA", }
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106857.html" ]
}, },
{ "references": {
"name" : "openSUSE-SU-2013:1028", "reference_data": [
"refsource" : "SUSE", {
"url" : "http://lists.opensuse.org/opensuse-updates/2013-06/msg00156.html" "name": "FEDORA-2013-9056",
}, "refsource": "FEDORA",
{ "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106857.html"
"name" : "USN-1862-1", },
"refsource" : "UBUNTU", {
"url" : "http://www.ubuntu.com/usn/USN-1862-1" "name": "USN-1862-1",
} "refsource": "UBUNTU",
] "url": "http://www.ubuntu.com/usn/USN-1862-1"
} },
{
"name": "openSUSE-SU-2013:1028",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00156.html"
},
{
"name": "[oss-security] 20130523 Fwd: [ANNOUNCE] X.Org Security Advisory: Protocol handling issues in X Window System client libraries",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/05/23/3"
},
{
"name": "DSA-2684",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2684"
},
{
"name": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23",
"refsource": "CONFIRM",
"url": "http://www.x.org/wiki/Development/Security/Advisory-2013-05-23"
}
]
}
} }

138
2013/5xxx/CVE-2013-5010.json
View File

@ -1,72 +1,72 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "secure@symantec.com",
"ID" : "CVE-2013-5010", "ID": "CVE-2013-5010",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The Application/Device Control (ADC) component in the client in Symantec Endpoint Protection (SEP) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2 does not properly handle custom polices, which allows local users to bypass intended policy restrictions and access files or directories via unspecified vectors."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20140109_00", "description_data": [
"refsource" : "CONFIRM", {
"url" : "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20140109_00" "lang": "eng",
}, "value": "The Application/Device Control (ADC) component in the client in Symantec Endpoint Protection (SEP) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2 does not properly handle custom polices, which allows local users to bypass intended policy restrictions and access files or directories via unspecified vectors."
{ }
"name" : "64129", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/64129" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "symantec-endpoint-cve20135010-sec-bypass(90225)", "description": [
"refsource" : "XF", {
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90225" "lang": "eng",
} "value": "n/a"
] }
} ]
}
]
},
"references": {
"reference_data": [
{
"name": "64129",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64129"
},
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20140109_00",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20140109_00"
},
{
"name": "symantec-endpoint-cve20135010-sec-bypass(90225)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90225"
}
]
}
} }

32
2013/5xxx/CVE-2013-5747.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2013-5747", "ID": "CVE-2013-5747",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

118
2014/2xxx/CVE-2014-2073.json
View File

@ -1,62 +1,62 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2014-2073", "ID": "CVE-2014-2073",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Stack-based buffer overflow in Dassault Systemes CATIA V5-6R2013 allows remote attackers to execute arbitrary code via a crafted packet, related to \"CATV5_Backbone_Bus.\""
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "http://packetstormsecurity.com/files/125325/Catia-V5-6R2013-Stack-Buffer-Overflow.html", "description_data": [
"refsource" : "MISC", {
"url" : "http://packetstormsecurity.com/files/125325/Catia-V5-6R2013-Stack-Buffer-Overflow.html" "lang": "eng",
} "value": "Stack-based buffer overflow in Dassault Systemes CATIA V5-6R2013 allows remote attackers to execute arbitrary code via a crafted packet, related to \"CATV5_Backbone_Bus.\""
] }
} ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://packetstormsecurity.com/files/125325/Catia-V5-6R2013-Stack-Buffer-Overflow.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/125325/Catia-V5-6R2013-Stack-Buffer-Overflow.html"
}
]
}
} }

128
2017/0xxx/CVE-2017-0632.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@google.com", "ASSIGNER": "security@android.com",
"ID" : "CVE-2017-0632", "ID": "CVE-2017-0632",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android", "product_name": "Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "Kernel-3.10" "version_value": "Kernel-3.10"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Google Inc." "vendor_name": "Google Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An information disclosure vulnerability in the Qualcomm sound codec driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-35392586. References: QC-CR#832915."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information disclosure"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/2017-05-01", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/2017-05-01" "lang": "eng",
}, "value": "An information disclosure vulnerability in the Qualcomm sound codec driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-35392586. References: QC-CR#832915."
{ }
"name" : "98221", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/98221" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "98221",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98221"
},
{
"name": "https://source.android.com/security/bulletin/2017-05-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-05-01"
}
]
}
} }

192
2017/1000xxx/CVE-2017-1000158.json
View File

@ -1,99 +1,99 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org", "ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED" : "2017-08-22T17:29:33.370843", "DATE_ASSIGNED": "2017-08-22T17:29:33.370843",
"ID" : "CVE-2017-1000158", "ID": "CVE-2017-1000158",
"REQUESTER" : "jaybosamiya@gmail.com", "REQUESTER": "jaybosamiya@gmail.com",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "CPython", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "2.7.13 and older" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution)"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Integer Overflow"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[debian-lts-announce] 20171124 [SECURITY] [DLA 1189-1] python2.7 security update", "description_data": [
"refsource" : "MLIST", {
"url" : "https://lists.debian.org/debian-lts-announce/2017/11/msg00035.html" "lang": "eng",
}, "value": "CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution)"
{ }
"name" : "[debian-lts-announce] 20171124 [SECURITY] [DLA 1190-1] python2.6 security update", ]
"refsource" : "MLIST", },
"url" : "https://lists.debian.org/debian-lts-announce/2017/11/msg00036.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "[debian-lts-announce] 20180925 [SECURITY] [DLA 1519-1] python2.7 security update", "description": [
"refsource" : "MLIST", {
"url" : "https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "[debian-lts-announce] 20180926 [SECURITY] [DLA 1520-1] python3.4 security update", ]
"refsource" : "MLIST", }
"url" : "https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html" ]
}, },
{ "references": {
"name" : "https://bugs.python.org/issue30657", "reference_data": [
"refsource" : "MISC", {
"url" : "https://bugs.python.org/issue30657" "name": "[debian-lts-announce] 20171124 [SECURITY] [DLA 1189-1] python2.7 security update",
}, "refsource": "MLIST",
{ "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00035.html"
"name" : "DSA-4307", },
"refsource" : "DEBIAN", {
"url" : "https://www.debian.org/security/2018/dsa-4307" "name": "[debian-lts-announce] 20180926 [SECURITY] [DLA 1520-1] python3.4 security update",
}, "refsource": "MLIST",
{ "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html"
"name" : "GLSA-201805-02", },
"refsource" : "GENTOO", {
"url" : "https://security.gentoo.org/glsa/201805-02" "name": "https://bugs.python.org/issue30657",
}, "refsource": "MISC",
{ "url": "https://bugs.python.org/issue30657"
"name" : "1039890", },
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1039890" "name": "1039890",
} "refsource": "SECTRACK",
] "url": "http://www.securitytracker.com/id/1039890"
} },
{
"name": "[debian-lts-announce] 20171124 [SECURITY] [DLA 1190-1] python2.6 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00036.html"
},
{
"name": "DSA-4307",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4307"
},
{
"name": "[debian-lts-announce] 20180925 [SECURITY] [DLA 1519-1] python2.7 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html"
},
{
"name": "GLSA-201805-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201805-02"
}
]
}
} }

32
2017/12xxx/CVE-2017-12039.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-12039", "ID": "CVE-2017-12039",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

128
2017/12xxx/CVE-2017-12654.json
View File

@ -1,67 +1,67 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-12654", "ID": "CVE-2017-12654",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The ReadPICTImage function in coders/pict.c in ImageMagick 7.0.6-3 allows attackers to cause a denial of service (memory leak) via a crafted file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://github.com/ImageMagick/ImageMagick/issues/620", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://github.com/ImageMagick/ImageMagick/issues/620" "lang": "eng",
}, "value": "The ReadPICTImage function in coders/pict.c in ImageMagick 7.0.6-3 allows attackers to cause a denial of service (memory leak) via a crafted file."
{ }
"name" : "100230", ]
"refsource" : "BID", },
"url" : "http://www.securityfocus.com/bid/100230" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/ImageMagick/ImageMagick/issues/620",
"refsource": "CONFIRM",
"url": "https://github.com/ImageMagick/ImageMagick/issues/620"
},
{
"name": "100230",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100230"
}
]
}
} }

32
2017/16xxx/CVE-2017-16293.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-16293", "ID": "CVE-2017-16293",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

158
2017/16xxx/CVE-2017-16547.json
View File

@ -1,82 +1,82 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-16547", "ID": "CVE-2017-16547",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "n/a", "product_name": "n/a",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "n/a" "version_value": "n/a"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "n/a" "vendor_name": "n/a"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The DrawImage function in magick/render.c in GraphicsMagick 1.3.26 does not properly look for pop keywords that are associated with push keywords, which allows remote attackers to cause a denial of service (negative strncpy and application crash) or possibly have unspecified other impact via a crafted file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "[debian-lts-announce] 20171114 [SECURITY] [DLA 1170-1] graphicsmagick security update", "description_data": [
"refsource" : "MLIST", {
"url" : "https://lists.debian.org/debian-lts-announce/2017/11/msg00016.html" "lang": "eng",
}, "value": "The DrawImage function in magick/render.c in GraphicsMagick 1.3.26 does not properly look for pop keywords that are associated with push keywords, which allows remote attackers to cause a denial of service (negative strncpy and application crash) or possibly have unspecified other impact via a crafted file."
{ }
"name" : "[debian-lts-announce] 20180803 [SECURITY] [DLA 1456-1] graphicsmagick security update", ]
"refsource" : "MLIST", },
"url" : "https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "http://hg.code.sf.net/p/graphicsmagick/code/rev/785758bbbfcc", "description": [
"refsource" : "CONFIRM", {
"url" : "http://hg.code.sf.net/p/graphicsmagick/code/rev/785758bbbfcc" "lang": "eng",
}, "value": "n/a"
{ }
"name" : "https://sourceforge.net/p/graphicsmagick/bugs/517/", ]
"refsource" : "CONFIRM", }
"url" : "https://sourceforge.net/p/graphicsmagick/bugs/517/" ]
}, },
{ "references": {
"name" : "DSA-4321", "reference_data": [
"refsource" : "DEBIAN", {
"url" : "https://www.debian.org/security/2018/dsa-4321" "name": "[debian-lts-announce] 20171114 [SECURITY] [DLA 1170-1] graphicsmagick security update",
} "refsource": "MLIST",
] "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00016.html"
} },
{
"name": "http://hg.code.sf.net/p/graphicsmagick/code/rev/785758bbbfcc",
"refsource": "CONFIRM",
"url": "http://hg.code.sf.net/p/graphicsmagick/code/rev/785758bbbfcc"
},
{
"name": "DSA-4321",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4321"
},
{
"name": "https://sourceforge.net/p/graphicsmagick/bugs/517/",
"refsource": "CONFIRM",
"url": "https://sourceforge.net/p/graphicsmagick/bugs/517/"
},
{
"name": "[debian-lts-announce] 20180803 [SECURITY] [DLA 1456-1] graphicsmagick security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/08/msg00002.html"
}
]
}
} }

32
2017/16xxx/CVE-2017-16977.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-16977", "ID": "CVE-2017-16977",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2017/1xxx/CVE-2017-1016.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID" : "CVE-2017-1016", "ID": "CVE-2017-1016",
"STATE" : "RESERVED" "STATE": "RESERVED"
}, },
"data_format" : "MITRE", "data_format": "MITRE",
"data_type" : "CVE", "data_type": "CVE",
"data_version" : "4.0", "data_version": "4.0",
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
} }
] ]
} }
} }

32
2017/4xxx/CVE-2017-4021.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-4021", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-4021",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }
} }

32
2017/4xxx/CVE-2017-4111.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-4111", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-4111",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }
} }

32
2017/4xxx/CVE-2017-4457.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-4457", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-4457",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }
} }

32
2017/4xxx/CVE-2017-4480.json
View File

@ -1,18 +1,18 @@
{ {
"CVE_data_meta" : { "data_type": "CVE",
"ASSIGNER" : "cve@mitre.org", "data_format": "MITRE",
"ID" : "CVE-2017-4480", "data_version": "4.0",
"STATE" : "REJECT" "CVE_data_meta": {
}, "ID": "CVE-2017-4480",
"data_format" : "MITRE", "ASSIGNER": "cve@mitre.org",
"data_type" : "CVE", "STATE": "REJECT"
"data_version" : "4.0", },
"description" : { "description": {
"description_data" : [ "description_data": [
{ {
"lang" : "eng", "lang": "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none." "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
} }
] ]
} }
} }

160
2018/5xxx/CVE-2018-5128.json
View File

@ -1,83 +1,83 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "security@mozilla.org", "ASSIGNER": "security@mozilla.org",
"ID" : "CVE-2018-5128", "ID": "CVE-2018-5128",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Firefox", "product_name": "Firefox",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_affected" : "<", "version_affected": "<",
"version_value" : "59" "version_value": "59"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Mozilla" "vendor_name": "Mozilla"
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A use-after-free vulnerability can occur when manipulating elements, events, and selection ranges during editor operations. This results in a potentially exploitable crash. This vulnerability affects Firefox < 59."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Use-after-free manipulating editor selection ranges"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1431336", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1431336" "lang": "eng",
}, "value": "A use-after-free vulnerability can occur when manipulating elements, events, and selection ranges during editor operations. This results in a potentially exploitable crash. This vulnerability affects Firefox < 59."
{ }
"name" : "https://www.mozilla.org/security/advisories/mfsa2018-06/", ]
"refsource" : "CONFIRM", },
"url" : "https://www.mozilla.org/security/advisories/mfsa2018-06/" "problemtype": {
}, "problemtype_data": [
{ {
"name" : "USN-3596-1", "description": [
"refsource" : "UBUNTU", {
"url" : "https://usn.ubuntu.com/3596-1/" "lang": "eng",
}, "value": "Use-after-free manipulating editor selection ranges"
{ }
"name" : "103386", ]
"refsource" : "BID", }
"url" : "http://www.securityfocus.com/bid/103386" ]
}, },
{ "references": {
"name" : "1040514", "reference_data": [
"refsource" : "SECTRACK", {
"url" : "http://www.securitytracker.com/id/1040514" "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1431336",
} "refsource": "CONFIRM",
] "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1431336"
} },
{
"name": "103386",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/103386"
},
{
"name": "1040514",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040514"
},
{
"name": "USN-3596-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3596-1/"
},
{
"name": "https://www.mozilla.org/security/advisories/mfsa2018-06/",
"refsource": "CONFIRM",
"url": "https://www.mozilla.org/security/advisories/mfsa2018-06/"
}
]
}
} }

130
2018/5xxx/CVE-2018-5888.json
View File

@ -1,68 +1,68 @@
{ {
"CVE_data_meta" : { "CVE_data_meta": {
"ASSIGNER" : "product-security@qualcomm.com", "ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC" : "2018-06-05T00:00:00", "DATE_PUBLIC": "2018-06-05T00:00:00",
"ID" : "CVE-2018-5888", "ID": "CVE-2018-5888",
"STATE" : "PUBLIC" "STATE": "PUBLIC"
}, },
"affects" : { "affects": {
"vendor" : { "vendor": {
"vendor_data" : [ "vendor_data": [
{ {
"product" : { "product": {
"product_data" : [ "product_data": [
{ {
"product_name" : "Android for MSM, Firefox OS for MSM, QRD Android", "product_name": "Android for MSM, Firefox OS for MSM, QRD Android",
"version" : { "version": {
"version_data" : [ "version_data": [
{ {
"version_value" : "All Android releases from CAF using the Linux kernel" "version_value": "All Android releases from CAF using the Linux kernel"
} }
] ]
} }
} }
] ]
}, },
"vendor_name" : "Qualcomm, Inc." "vendor_name": "Qualcomm, Inc."
} }
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "While processing the system path, an out of bounds access can occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Incorrect Calculation of Buffer Size in Boot"
}
] ]
} }
] },
}, "data_format": "MITRE",
"references" : { "data_type": "CVE",
"reference_data" : [ "data_version": "4.0",
{ "description": {
"name" : "https://source.android.com/security/bulletin/pixel/2018-06-01#qualcomm-components", "description_data": [
"refsource" : "CONFIRM", {
"url" : "https://source.android.com/security/bulletin/pixel/2018-06-01#qualcomm-components" "lang": "eng",
}, "value": "While processing the system path, an out of bounds access can occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05."
{ }
"name" : "https://source.codeaurora.org/quic/la/abl/tianocore/edk2/commit/?id=5388803fa6d004382f4a857056ce06d963698d9c", ]
"refsource" : "CONFIRM", },
"url" : "https://source.codeaurora.org/quic/la/abl/tianocore/edk2/commit/?id=5388803fa6d004382f4a857056ce06d963698d9c" "problemtype": {
} "problemtype_data": [
] {
} "description": [
{
"lang": "eng",
"value": "Incorrect Calculation of Buffer Size in Boot"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.codeaurora.org/quic/la/abl/tianocore/edk2/commit/?id=5388803fa6d004382f4a857056ce06d963698d9c",
"refsource": "CONFIRM",
"url": "https://source.codeaurora.org/quic/la/abl/tianocore/edk2/commit/?id=5388803fa6d004382f4a857056ce06d963698d9c"
},
{
"name": "https://source.android.com/security/bulletin/pixel/2018-06-01#qualcomm-components",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/pixel/2018-06-01#qualcomm-components"
}
]
}
} }